Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Skype virus
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Skype virus
Dobrý den Prosim potřebuju poradit mam v pc vir ktery sam posila odkazy kde jsou viry vsem pratelum na skypu co mam a nevim jak to odstranit a nevim kde mam vzit nake Log jak chcete ani nemam ten Combo fix prosim poradte kde sezenu Vypis log a kde sezenu combofix a jak mam ten vir odstranit Dekuji za odpověd
Re: Skype virus
Muj log
Kód: Vybrat vše
ComboFix 10-10-18.05 - admin 19.10.2010 17:22:09.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1022.350 [GMT 2:00]
Spuštěný z: c:\documents and settings\admin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\admin\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FILE ::
"c:\program files\Softonic-Eng7\tbSof1.dll"
"c:\windows\Tasks\AppleSoftwareUpdate.job"
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\admin\Data aplikací\Dealio
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\as_sidebar.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\blank.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\deal_report.jpg
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\DealioSearch.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\deals-endcap.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\deals-leftcap.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\ebay_login.jpg
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\endcap22-bg.png
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\endcap22-left.png
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\endcap22-right-arrow.png
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\endcap22-right.png
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\err_mainwindow.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\err_sidebar.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\err_toolbar.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\ErrorPageTemplate.css
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\global_scripts.js
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\headerbgthin.jpg
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\help.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\logo.png
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\logo_over.png
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\man_toolbar.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\man_toolbar.js
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\pill_bg.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\post-this-deal.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\post-this-deal_over.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\scripts.js
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\scroller.js
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\search-chevron.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\search_bg_blink.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\separator.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\settings.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\settings_over.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\sidebar.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\steals_bg.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\tab_icon.png
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\tabdata.js
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\tablib.js
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\tabwelcome_en.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\toolbar_background.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\yahoo_search.gif
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\index.1.80.39
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.10.76
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.109.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.110.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.12.52
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.13.58
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.130.58
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.135.50
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.153.44
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.155.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.156.49
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.16.60
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.161.52
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.178.66
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.184.55
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.188.52
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.189.45
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.196.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.198.56
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.199.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.200.53
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.201.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.202.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.203.71
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.205.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.213.71
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.214.49
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.215.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.216.67
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.217.67
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.218.52
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.219.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.220.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.221.57
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.222.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.223.68
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.226.68
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.227.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.228.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.229.76
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.23.63
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.239.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.24.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.240.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.241.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.242.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.243.77
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.244.63
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.245.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.247.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.248.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.249.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.250.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.251.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.252.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.253.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.254.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.255.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.256.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.257.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.279.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.28.58
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.282.75
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.283.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.284.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.289.67
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.290.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.291.61
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.296.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.297.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.304.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.307.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.308.75
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.31.47
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.310.46
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.311.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.315.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.316.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.317.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.318.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.319.49
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.32.48
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.334.44
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.335.60
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.336.44
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.337.44
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.338.75
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.339.47
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.34.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.340.47
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.341.47
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.349.50
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.35.48
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.350.50
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.351.51
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.352.77
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.353.51
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.354.51
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.357.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.358.52
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.359.52
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.360.53
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.361.54
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.362.68
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.363.58
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.364.54
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.365.53
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.367.56
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.368.58
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.369.55
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.370.80
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.371.56
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.372.57
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.373.55
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.375.56
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.376.57
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.377.55
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.378.65
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.384.58
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.386.71
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.387.59
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.388.59
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.389.59
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.390.60
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.391.78
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.392.60
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.393.60
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.394.60
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.396.61
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.397.61
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.398.60
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.399.60
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.403.61
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.404.63
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.405.61
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.406.61
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.407.76
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.408.63
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.409.61
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.412.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.413.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.414.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.415.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.416.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.417.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.418.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.419.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.420.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.421.62
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.423.77
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.424.63
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.425.63
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.426.63
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.427.63
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.428.65
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.429.63
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.430.63
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.432.65
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.433.64
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.434.65
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.435.64
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.436.76
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.437.64
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.438.71
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.439.71
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.440.75
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.442.73
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.443.73
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.444.73
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.445.68
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.446.69
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.450.67
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.451.67
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.452.68
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.453.68
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.454.69
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.456.69
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.457.75
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.458.70
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.459.70
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.460.69
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.462.74
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.463.69
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.464.70
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.465.68
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.468.70
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.469.70
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.470.70
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.471.73
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.472.70
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.478.74
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.479.73
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.480.68
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.481.71
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.482.74
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.49.67
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.50.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.500.71
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.501.74
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.502.71
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.51.69
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.52.72
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.520.76
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.521.76
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.522.76
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.53.51
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.531.76
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.532.75
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.533.77
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.534.75
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.54.47
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.55.45
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.56.69
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.57.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.58.47
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.591.79
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.592.79
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.593.76
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.594.77
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.595.76
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.608.78
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.610.80
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.611.79
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.614.79
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.617.79
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.624.80
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.63.57
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.640.80
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.641.80
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.66.47
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.70.75
c:\documents and settings\admin\Data aplikací\Dealio\kb124\rules\rules.1.71.43
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1452_4560_5.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_1188_103.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_2300_90.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_2356_127.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_2360_142.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_2840_122.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_2860_112.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_3016_97.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_3088_157.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_3992_79.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_4240_159.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_4240_160.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_4332_132.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_4348_153.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_4348_162.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_4860_5.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_5388_80.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_5448_152.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_5480_117.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_5488_107.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_5568_137.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_6028_89.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_668_147.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_1652_724_45.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_2460_516_1.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_2460_516_2.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_2512_2516_1.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_2512_2516_2.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_2620_1132_5.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_2900_5176_5.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_3272_192_7.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_3716_2280_7.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_3780_5248_5.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_392_468_7.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_3976_5372_5.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_4468_4472_5.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_4632_5436_7.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_4672_3736_1.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_4672_3736_2.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_4696_5084_5.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_484_2056_5.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_4876_4384_7.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_4940_4908_5.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_5068_2336_5.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_5332_5572_7.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_5364_2068_7.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_5416_3128_7.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_5456_5460_5.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_560_1440_49.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_560_2060_81.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_560_4660_74.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_560_4860_76.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_560_5652_86.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_560_5656_61.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\_toolbar_tmp_5796_1528_135.html
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\~dt10.tmp
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\~dt9.tmp
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\~dt95.tmp
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\~dtA.tmp
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\~dtB.tmp
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\~dtC.tmp
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\~dtD.tmp
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\~dtE.tmp
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\~dtF.tmp
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\dealio-14877.log
c:\documents and settings\admin\Data aplikací\Dealio\kb124\temp\dod_cache.xml
c:\documents and settings\admin\Plocha\[Torrentsworld.net] - Ultra Hackers 2008 every program you need to become a hacker!.torrent
c:\program files\\setup.exe
c:\program files\AskSearch\bin\DefaultSearch.dll
c:\program files\Setup.exe
C:\Thumbs.db
c:\windows\PixArt\PAC207\Monitor.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\Cache
c:\windows\system32\spool\prtprocs\w32x86\CNMPP5i.DLL
c:\windows\system32\Thumbs.db
c:\windows\system32\vbzlib1.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-19 do 2010-10-19 )))))))))))))))))))))))))))))))
.
2010-10-16 17:11 . 2010-10-16 17:11 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\SkinSoft
2010-10-16 14:38 . 2010-10-16 14:38 -------- d-----w- c:\program files\Drahokamovy mic - Davne legendy
2010-10-11 16:44 . 2010-10-11 16:44 -------- d-----w- c:\program files\AutocompletePro
2010-10-11 16:44 . 2010-10-11 16:44 -------- d-----w- c:\program files\Moo0
2010-10-10 07:17 . 2010-10-10 07:17 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\QuickStores
2010-10-09 15:59 . 2005-08-25 20:10 9804 ----a-w- c:\windows\system\vdremote.dll
2010-10-09 15:59 . 2005-08-25 20:09 7244 ----a-w- c:\windows\system\vdsvrlnk.dll
2010-10-09 15:57 . 2010-10-10 07:27 -------- d-----w- C:\Fraps
2010-10-05 16:03 . 2010-10-05 16:03 -------- d-----w- c:\program files\Ventrilo
2010-10-03 18:16 . 2010-10-04 18:05 -------- d-----w- c:\program files\Úžasná tajemství Mistra Leonarda
2010-09-30 15:49 . 2010-09-30 15:49 -------- d-----w- c:\program files\Counter-Strike
2010-09-23 17:37 . 2010-09-25 16:10 -------- d-----w- c:\program files\Brana svetu - cesta za horizont
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2010-06-13 138552]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"= "c:\program files\MyPlayCity\tbMyP1.dll" [2010-09-09 2735200]
"{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}"= "c:\program files\Family Toolbar\tbhelper.dll" [2009-05-07 355840]
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
[HKEY_CLASSES_ROOT\clsid\{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}]
[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{1EA6B471-CAD2-419a-9539-0586EEFE2D09}]
[HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}]
2009-05-07 21:46 2642432 ----a-w- c:\program files\Family Toolbar\tbcore3.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-24 19:25 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
2010-09-09 12:29 2735200 ----a-w- c:\program files\MyPlayCity\tbMyP1.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
2010-09-09 12:29 2735200 ----a-w- c:\program files\TorrentMan\tbTor0.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D62EC836-BF1E-4CAC-81BE-FB9179835D8E}]
2010-02-18 07:37 221184 ----a-w- c:\program files\Family Toolbar\mhxpcomi.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2010-06-13 15:25 1438520 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-24 333192]
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTor0.dll" [2010-09-09 2735200]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-06-13 1438520]
"{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"= "c:\program files\MyPlayCity\tbMyP1.dll" [2010-09-09 2735200]
"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7C5C0F58-E061-457D-9033-77307F5ED00C}"= "c:\program files\TorrentMan\tbTor0.dll" [2010-09-09 2735200]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-06-13 1438520]
"{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC}"= "c:\program files\MyPlayCity\tbMyP1.dll" [2010-09-09 2735200]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-24 333192]
"{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"= "c:\program files\Family Toolbar\tbcore3.dll" [2009-05-07 2642432]
[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}]
[HKEY_CLASSES_ROOT\MHToolbar.MHToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-09-28 443968]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-06-04 68856]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-10-02 1124352]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-07-29 1213680]
"Google Update"="c:\documents and settings\admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-06-16 136176]
"Steam"="c:\program files\Steam\steam.exe" [2010-08-31 1242448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-28 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-28 118784]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-26 16125440]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 90112]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 110592]
"SMail"="c:\program files\Seznam\Postak\Postak.exe" [2008-02-21 453936]
"Realtime Audio Engine"="mmrtkrnl.exe" [2005-01-20 53248]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"KB350e"="c:\program files\KB350e\MagicKey.exe" [2007-12-12 184320]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2010-06-07 111928]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-08-01 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
c:\documents and settings\admin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-6-27 393216]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Servant Salamander 2.0\\salamand.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Program Files\\Microsoft Games\\Motocross Madness 2 Trial\\mcm2.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Sega\\Universe At War Earth Assault (DEMO)\\UAWEA.exe"=
"c:\\Program Files\\Metin2_CZ\\metin2.bin"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\World of Padman\\wop.exe"=
"c:\\Program Files\\Metin2_CZ\\metin2client.bin"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\TopCD\\GTR\\GTR.exe"=
"c:\\Program Files\\Namco\\Street Racing Syndicate\\Bin\\SRS.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\TomaWeb\\Simple FTP\\TWFTPCli.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\SweetIM\\Messenger\\update\\sweetimsetup.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\tip19\\counter-strike\\hl.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 1.0\\yct.exe"=
"c:\\Program Files\\Steam\\steamapps\\formulka\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\formulka\\condition zero\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27016:TCP"= 27016:TCP:89.111.96.58/255.255.255.255:Enabled:Dedicated Server
"27016:UDP"= 27016:UDP:89.111.96.58/255.255.255.255:Enabled:Dedicated Server
"27015:UDP"= 27015:UDP:89.111.96.58/255.255.255.255:Enabled:Dedicated Srver
"33737:UDP"= 33737:UDP:uTorrent 1.8
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20.3.2010 21:50 165584]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [27.9.2005 23:29 13696]
R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [18.12.2008 20:51 464264]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20.3.2010 21:50 17744]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [19.11.2009 17:43 246520]
R2 Iprip;Naslouchání RIP;c:\windows\System32\svchost.exe -k netsvcs [25.10.2001 14:00 14336]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 18:33 50704]
R3 PAC207;Sweex Webcam USB;c:\windows\system32\drivers\PFC027.SYS [25.10.2007 19:31 616064]
S2 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [18.12.2008 20:51 234888]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26.9.2009 19:25 133104]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [16.4.2009 16:22 13224]
S3 GT681x;%GrandTechICNameNT%;c:\windows\system32\DRIVERS\GT681x.SYS --> c:\windows\system32\DRIVERS\GT681x.SYS [?]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
2010-08-17 c:\windows\Tasks\AdobeAAMUpdater-1.0-E2180-admin.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-08-01 16:56]
2010-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-26 17:25]
2010-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-26 17:25]
.
.
------- Doplňkový sken -------
.
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://search.qip.ru
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Compare Prices with &Dealio - c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\DealioSearch.html
IE: Crawler Search - tbr:iemenu
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: {BA833AAD-219A-4ABF-9CB4-671ADA4AFD54} = 62.84.128.6,62.84.132.6
Handler: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - c:\program files\Family Toolbar\mhxpcomi.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nuek3xdj.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.myheritage.com/?orig=ds&q=
FF - component: c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nuek3xdj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
FF - component: c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nuek3xdj.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-PAC207_Monitor - c:\windows\PixArt\PAC207\Monitor.exe
HKLM-Run-Monitor - c:\windows\PixArt\PAC207\Monitor.exe
SafeBoot-AVG Anti-Spyware Driver
SafeBoot-AVG Anti-Spyware Guard
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(796)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(1856)
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\System32\inetsrv\inetinfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\System32\msdtc.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\rundll32.exe
c:\program files\ATI Technologies\ATI.ACE\CLI.EXE
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Teleca Shared\CapabilityManager.exe
c:\documents and settings\admin\Local Settings\Data aplikací\Google\Update\1.2.183.39\GoogleCrashHandler.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\ATI Technologies\ATI.ACE\cli.exe
c:\program files\Common Files\Teleca Shared\Generic.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Celkový čas: 2010-10-19 17:44:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-10-19 15:44
Před spuštěním: Volných bajtů: 29 606 166 528
Po spuštění: Volných bajtů: 29 554 696 192
- - End Of File - - 8766682C50AC6993D9CAD96737FD92B3
Re: Skype virus
Zdravim 
Nevim proc neustale spamujete cizi topic, kdyz zde mate sve tema zalozene
Cetl jste pravidla fora jak jsem Vam psal 
Jaky log jste mel vlozit
Vidim ze CF jste spustil i se skriptem, kdyz si ho umite vytvorit, tak proc si nevylustite log a nezbavite se haveti sam - pouzivani CF neni hracka, ale Vy to evidentne umite kdyz si tvorite i skripty...
Nevim proc neustale spamujete cizi topic, kdyz zde mate sve tema zalozene Cetl jste pravidla fora jak jsem Vam psal Jaky log jste mel vlozit Vidim ze CF jste spustil i se skriptem, kdyz si ho umite vytvorit, tak proc si nevylustite log a nezbavite se haveti sam - pouzivani CF neni hracka, ale Vy to evidentne umite kdyz si tvorite i skripty..."Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Skype virus
Prominte ale necetl jsem jaky log mam sem dat reknete mi to prosim znova jo a script neumim vytvorit teda udelal jsme vse co jste psal na tomtom foru a skopiroval jsem ten script co mate napsany no a log mam Prosim poradte jak mam dat ten vir pryc.vyosek píše:Zdravim
Re: Skype virus
Nevim kde mam v tom Logu hledat ach jo prosim Jak jse mam toho viru zbavit?vyosek píše:Zdravim
Re: Skype virus
Nedavejte citovat mou odpoved, je to zbytecne Kdyz nectete pravidla fora 
, tak se nedivte ze vite prd a zbytecne tu delate s prominutim bordel 
Proc myslite ze tu jsou, jen tak na ozdobu Skript jste pouzil zcela blby, jelikoz ten byl urcen pro nekoho jineho Nedavejte logy do code, spatne se to cte a boli z toho oci. Tenhle jeste prelouskam, ale dalsi uz v nem nechci videt 
Uprimne, zasrane to mate jak jetel - ono se ani neni cemu divit, kdyz vidim co stahujete za kraviny - tohle Ultra Hackers 2008 every program you need to become a hacker! ma byt jako co Dejte mi chvili, nez napisu spravny skript na opravu, mezitim mi muzete odpovedet na otazky vyse..."Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Skype virus
Prominte za ten code ze stoho bolej oci jo k tomu : Ultra Hackers 2008 every program you need to become a hacker! To muj Bratr je mu 13let a tak trochu jse snazi s pocitacema a moc si toho vazym ze delate prome script spravnyy. Kam mam pak poslat ten spravny Log ? a mam odstranit ten stary log z C:// ? Dekujivyosek píše:
Re: Skype virus
Nedavejte citovat mou odpoved Stary log neodstranujte, delejte jen to co napisi... Pokud nemate, tak presunte Combofix na plochu
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Folder:: c:\program files\SweetIM c:\program files\Family Toolbar c:\program files\AskBarDis c:\program files\ICQ6Toolbar File:: c:\program files\MyPlayCity\tbMyP1.dll c:\windows\Tasks\AdobeAAMUpdater-1.0-E2180-admin.job c:\windows\Tasks\GoogleUpdateTaskMachineCore.job c:\windows\Tasks\GoogleUpdateTaskMachineUA.job Registry:: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{EEE6C35D-6118-11DC-9C72-001320C79847}"=- "{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"=- "{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48}"=- [-HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}] [-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] [-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}] [-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook] [-HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}] [-HKEY_CLASSES_ROOT\clsid\{1c4ab6a5-595f-4e86-b15f-f93cce2bbd48}] [-HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook.1] [-HKEY_CLASSES_ROOT\TypeLib\{1EA6B471-CAD2-419a-9539-0586EEFE2D09}] [-HKEY_CLASSES_ROOT\URLSearchHook.MHURLSearchHook] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D62EC836-BF1E-4CAC-81BE-FB9179835D8E}] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=- "{7c5c0f58-e061-457d-9033-77307f5ed00c}"=- "{EEE6C35B-6118-11DC-9C72-001320C79847}"=- "{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}"=- "{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"=- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{7C5C0F58-E061-457D-9033-77307F5ED00C}"=- "{EEE6C35B-6118-11DC-9C72-001320C79847}"=- "{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC}"=- "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=- "{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}"=- [-HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}] [-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1] [-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar] [-HKEY_CLASSES_ROOT\clsid\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}] [-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [-HKEY_CLASSES_ROOT\clsid\{fd2fd708-1f6f-4b68-b141-c5778f0c19bb}] [-HKEY_CLASSES_ROOT\MHToolbar.MHToolbar.3] [-HKEY_CLASSES_ROOT\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] [-HKEY_CLASSES_ROOT\MHToolbar.MHToolbar] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Picasa Media Detector"=- "swg"=- "PC Suite Tray"=- "Google Update"=- "Steam"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"=- "RemoteControl"=- "Sony Ericsson PC Suite"=- "KB350e"=-0] "HP Software Update"=- "SweetIM"=- "AdobeAAMUpdater-1.0"=- "SwitchBoard"=- "AdobeCS5ServiceManager"=- "Adobe Reader Speed Launcher"=- [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Documents and Settings\\All Users\\Data aplikací\\SweetIM\\Messenger\\update\\sweetimsetup.exe"=- Driver:: ASKService ICQ Service ASKUpgrade DDS:: uDefault_Search_URL = hxxp://search.qip.ru uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Compare Prices with &Dealio - c:\documents and settings\admin\Data aplikací\Dealio\kb124\res\DealioSearch.html Handler: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - c:\program files\Family Toolbar\mhxpcomi.dll Firefox:: FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nuek3xdj.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q= FF - prefs.js: browser.search.selectedEngine - ICQ Search FF - component: c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nuek3xdj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll- Ulozte vytvoreny TXT jako CFScript.txt
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Skype virus
Děkuji jdu to udělat a pak jsem dam log
Re: Skype virus
Fajn, budu log vyhlizet 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Skype virus
Toto je Logo:
ComboFix 10-10-18.05 - admin 19.10.2010 19:47:11.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1022.472 [GMT 2:00]
Spuštěný z: c:\documents and settings\admin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\admin\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FILE ::
"c:\program files\MyPlayCity\tbMyP1.dll"
"c:\windows\Tasks\AdobeAAMUpdater-1.0-E2180-admin.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\AskService.exe
c:\program files\AskBarDis\bar\bin\AskSplash.exe
c:\program files\AskBarDis\bar\bin\AskTBApp.exe
c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Cache\05EECF7D.bin
c:\program files\AskBarDis\bar\Cache\05EED20D.bin
c:\program files\AskBarDis\bar\Cache\05EED327.bin
c:\program files\AskBarDis\bar\Cache\05EED4DC.bin
c:\program files\AskBarDis\bar\Cache\05EED692.bin
c:\program files\AskBarDis\bar\Cache\05EED847.bin
c:\program files\AskBarDis\bar\Cache\05EED980.bin
c:\program files\AskBarDis\bar\Cache\0EE9EAA8
c:\program files\AskBarDis\bar\Cache\1A43B336.bin
c:\program files\AskBarDis\bar\Cache\1A43B46E.bin
c:\program files\AskBarDis\bar\Cache\1A43B597.bin
c:\program files\AskBarDis\bar\Cache\1A43B6B0.bin
c:\program files\AskBarDis\bar\Cache\1A43B7D9.bin
c:\program files\AskBarDis\bar\Cache\files.ini
c:\program files\AskBarDis\bar\History\search
c:\program files\AskBarDis\bar\Settings\AskLogo.ico
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\bar\Settings\prevcfg.htm
c:\program files\AskBarDis\bar\Settings\prevCfg2.htm
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
c:\program files\Family Toolbar
c:\program files\Family Toolbar\404.htm
c:\program files\Family Toolbar\about.gif
c:\program files\Family Toolbar\about.html
c:\program files\Family Toolbar\active.html
c:\program files\Family Toolbar\addPhotos.gif
c:\program files\Family Toolbar\alerts.gif
c:\program files\Family Toolbar\anniversary.gif
c:\program files\Family Toolbar\AR.gif
c:\program files\Family Toolbar\banner.html
c:\program files\Family Toolbar\basis.xml
c:\program files\Family Toolbar\BG.gif
c:\program files\Family Toolbar\birthday.gif
c:\program files\Family Toolbar\buyFamilyGifts.gif
c:\program files\Family Toolbar\calendar.gif
c:\program files\Family Toolbar\clearhist.exe
c:\program files\Family Toolbar\clearSearchHistory.gif
c:\program files\Family Toolbar\close.gif
c:\program files\Family Toolbar\closeRoll.gif
c:\program files\Family Toolbar\collage.gif
c:\program files\Family Toolbar\createFamilySite.gif
c:\program files\Family Toolbar\CS.gif
c:\program files\Family Toolbar\DA.gif
c:\program files\Family Toolbar\data.js
c:\program files\Family Toolbar\dbghelp.dll
c:\program files\Family Toolbar\DE.gif
c:\program files\Family Toolbar\dialog_close.gif
c:\program files\Family Toolbar\dns.htm
c:\program files\Family Toolbar\EL.gif
c:\program files\Family Toolbar\EN.gif
c:\program files\Family Toolbar\ES.gif
c:\program files\Family Toolbar\Family_Toolbar.dll
c:\program files\Family Toolbar\family_toolbar.xpi
c:\program files\Family Toolbar\familyTree.gif
c:\program files\Family Toolbar\femaleOnline.gif
c:\program files\Family Toolbar\femaleOnlineAway.gif
c:\program files\Family Toolbar\ff.gif
c:\program files\Family Toolbar\ff.ico
c:\program files\Family Toolbar\FI.gif
c:\program files\Family Toolbar\FR.gif
c:\program files\Family Toolbar\HE.gif
c:\program files\Family Toolbar\HR.gif
c:\program files\Family Toolbar\HU.gif
c:\program files\Family Toolbar\icons.bmp
c:\program files\Family Toolbar\ie.gif
c:\program files\Family Toolbar\ie.ico
c:\program files\Family Toolbar\inboxOff.gif
c:\program files\Family Toolbar\inboxOn.gif
c:\program files\Family Toolbar\info.txt
c:\program files\Family Toolbar\inviteFamily.gif
c:\program files\Family Toolbar\IT.gif
c:\program files\Family Toolbar\lang.js
c:\program files\Family Toolbar\Loading.gif
c:\program files\Family Toolbar\Loading.jpg
c:\program files\Family Toolbar\logoff.gif
c:\program files\Family Toolbar\logOnToMH.gif
c:\program files\Family Toolbar\LT.gif
c:\program files\Family Toolbar\maleOnline.gif
c:\program files\Family Toolbar\maleOnlineAway.gif
c:\program files\Family Toolbar\MHlogo.gif
c:\program files\Family Toolbar\mhxpcomi.dll
c:\program files\Family Toolbar\MissingSnapshot.jpg
c:\program files\Family Toolbar\morph.gif
c:\program files\Family Toolbar\MyHeritage.ico
c:\program files\Family Toolbar\MyHeritage.png
c:\program files\Family Toolbar\MyHeritageSearch.png
c:\program files\Family Toolbar\MyHeritageWhiteBg.gif
c:\program files\Family Toolbar\MyNewTab - Grid.htm
c:\program files\Family Toolbar\MyNewTab - History Off.htm
c:\program files\Family Toolbar\MyNewTab.css
c:\program files\Family Toolbar\MyNewTab.js
c:\program files\Family Toolbar\NL.gif
c:\program files\Family Toolbar\NO.gif
c:\program files\Family Toolbar\off.exe
c:\program files\Family Toolbar\online.gif
c:\program files\Family Toolbar\PB.gif
c:\program files\Family Toolbar\photos.gif
c:\program files\Family Toolbar\PL.gif
c:\program files\Family Toolbar\privacy.gif
c:\program files\Family Toolbar\PT.gif
c:\program files\Family Toolbar\reload.gif
c:\program files\Family Toolbar\RO.gif
c:\program files\Family Toolbar\RU.gif
c:\program files\Family Toolbar\search.gif
c:\program files\Family Toolbar\site.gif
c:\program files\Family Toolbar\sites.gif
c:\program files\Family Toolbar\SK.gif
c:\program files\Family Toolbar\spacer.gif
c:\program files\Family Toolbar\SR.gif
c:\program files\Family Toolbar\stub.xml
c:\program files\Family Toolbar\SV.gif
c:\program files\Family Toolbar\tagPeople.gif
c:\program files\Family Toolbar\TB_AR.gif
c:\program files\Family Toolbar\TB_BG.gif
c:\program files\Family Toolbar\TB_CS.gif
c:\program files\Family Toolbar\TB_DA.gif
c:\program files\Family Toolbar\TB_DE.gif
c:\program files\Family Toolbar\TB_EL.gif
c:\program files\Family Toolbar\TB_EN.gif
c:\program files\Family Toolbar\TB_ES.gif
c:\program files\Family Toolbar\TB_FI.gif
c:\program files\Family Toolbar\TB_FR.gif
c:\program files\Family Toolbar\TB_HE.gif
c:\program files\Family Toolbar\TB_HR.gif
c:\program files\Family Toolbar\TB_HU.gif
c:\program files\Family Toolbar\TB_IT.gif
c:\program files\Family Toolbar\TB_LT.gif
c:\program files\Family Toolbar\TB_NL.gif
c:\program files\Family Toolbar\TB_NO.gif
c:\program files\Family Toolbar\TB_PB.gif
c:\program files\Family Toolbar\TB_PL.gif
c:\program files\Family Toolbar\TB_PT.gif
c:\program files\Family Toolbar\TB_RO.gif
c:\program files\Family Toolbar\TB_RU.gif
c:\program files\Family Toolbar\TB_SK.gif
c:\program files\Family Toolbar\TB_SR.gif
c:\program files\Family Toolbar\TB_SV.gif
c:\program files\Family Toolbar\TB_TR.gif
c:\program files\Family Toolbar\TB_UK.gif
c:\program files\Family Toolbar\tbcore3.dll
c:\program files\Family Toolbar\tbhelper.dll
c:\program files\Family Toolbar\tbs_include_script_000391.js
c:\program files\Family Toolbar\tbs_include_script_000733.js
c:\program files\Family Toolbar\tbs_include_script_000784.js
c:\program files\Family Toolbar\tbs_include_script_001134.js
c:\program files\Family Toolbar\tbs_include_script_002287.js
c:\program files\Family Toolbar\tbs_include_script_002346.js
c:\program files\Family Toolbar\tbs_include_script_002789.js
c:\program files\Family Toolbar\tbs_include_script_002833.js
c:\program files\Family Toolbar\tbs_include_script_002855.js
c:\program files\Family Toolbar\tbs_include_script_003080.js
c:\program files\Family Toolbar\tbs_include_script_003083.js
c:\program files\Family Toolbar\tbs_include_script_004183.js
c:\program files\Family Toolbar\tbs_include_script_004456.js
c:\program files\Family Toolbar\tbs_include_script_004711.js
c:\program files\Family Toolbar\tbs_include_script_004823.js
c:\program files\Family Toolbar\tbs_include_script_004824.js
c:\program files\Family Toolbar\tbs_include_script_005792.js
c:\program files\Family Toolbar\tbs_include_script_006838.js
c:\program files\Family Toolbar\tbs_include_script_007158.js
c:\program files\Family Toolbar\tbs_include_script_007564.js
c:\program files\Family Toolbar\tbs_include_script_007690.js
c:\program files\Family Toolbar\tbs_include_script_007803.js
c:\program files\Family Toolbar\tbs_include_script_008357.js
c:\program files\Family Toolbar\tbs_include_script_008502.js
c:\program files\Family Toolbar\tbs_include_script_009578.js
c:\program files\Family Toolbar\tbs_include_script_009807.js
c:\program files\Family Toolbar\tbs_include_script_011492.js
c:\program files\Family Toolbar\tbs_include_script_011493.js
c:\program files\Family Toolbar\tbs_include_script_011550.js
c:\program files\Family Toolbar\tbs_include_script_011614.js
c:\program files\Family Toolbar\tbs_include_script_011637.js
c:\program files\Family Toolbar\tbs_include_script_012671.js
c:\program files\Family Toolbar\tbs_include_script_012765.js
c:\program files\Family Toolbar\tbs_include_script_013916.js
c:\program files\Family Toolbar\tbs_include_script_014484.js
c:\program files\Family Toolbar\tbs_include_script_014583.js
c:\program files\Family Toolbar\tbs_include_script_014799.js
c:\program files\Family Toolbar\tbs_include_script_015508.js
c:\program files\Family Toolbar\tbs_include_script_015800.js
c:\program files\Family Toolbar\tbs_include_script_016179.js
c:\program files\Family Toolbar\tbs_include_script_016289.js
c:\program files\Family Toolbar\tbs_include_script_016678.js
c:\program files\Family Toolbar\tbs_include_script_017022.js
c:\program files\Family Toolbar\tbs_include_script_017427.js
c:\program files\Family Toolbar\tbs_include_script_018243.js
c:\program files\Family Toolbar\tbs_include_script_018279.js
c:\program files\Family Toolbar\tbs_include_script_018382.js
c:\program files\Family Toolbar\tbs_include_script_018505.js
c:\program files\Family Toolbar\tbs_include_script_020098.js
c:\program files\Family Toolbar\tbs_include_script_020109.js
c:\program files\Family Toolbar\tbs_include_script_020129.js
c:\program files\Family Toolbar\tbs_include_script_020859.js
c:\program files\Family Toolbar\tbs_include_script_022495.js
c:\program files\Family Toolbar\tbs_include_script_023942.js
c:\program files\Family Toolbar\tbs_include_script_024113.js
c:\program files\Family Toolbar\tbs_include_script_025757.js
c:\program files\Family Toolbar\tbs_include_script_025787.js
c:\program files\Family Toolbar\tbs_include_script_026799.js
c:\program files\Family Toolbar\tbs_include_script_026954.js
c:\program files\Family Toolbar\tbs_include_script_027482.js
c:\program files\Family Toolbar\tbs_include_script_027696.js
c:\program files\Family Toolbar\tbs_include_script_028246.js
c:\program files\Family Toolbar\tbs_include_script_028279.js
c:\program files\Family Toolbar\tbs_include_script_029390.js
c:\program files\Family Toolbar\tbs_include_script_030206.js
c:\program files\Family Toolbar\tbs_include_script_030277.js
c:\program files\Family Toolbar\tbs_include_script_030359.js
c:\program files\Family Toolbar\tbs_include_script_030760.js
c:\program files\Family Toolbar\tbs_include_script_030814.js
c:\program files\Family Toolbar\tbs_include_script_031331.js
c:\program files\Family Toolbar\tbs_include_script_031332.js
c:\program files\Family Toolbar\tbs_include_script_031711.js
c:\program files\Family Toolbar\tbs_include_script_032188.js
c:\program files\Family Toolbar\tbs_include_script_032423.js
c:\program files\Family Toolbar\tbs_include_script_032495.js
c:\program files\Family Toolbar\tellAFriend.gif
c:\program files\Family Toolbar\Thumbs.db
c:\program files\Family Toolbar\toolbarSetting.gif
c:\program files\Family Toolbar\ToolUninstall.exe
c:\program files\Family Toolbar\TR.gif
c:\program files\Family Toolbar\translations.js
c:\program files\Family Toolbar\UK.gif
c:\program files\Family Toolbar\uninstall.exe
c:\program files\Family Toolbar\uninstall.gif
c:\program files\Family Toolbar\update.exe
c:\program files\Family Toolbar\updateToolbar.gif
c:\program files\Family Toolbar\userSite.gif
c:\program files\Family Toolbar\version.txt
c:\program files\Family Toolbar\whatsNew.gif
c:\program files\Family Toolbar\xoff.jpg
c:\program files\Family Toolbar\xon.jpg
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\1001311815\config.xml
c:\program files\ICQ6Toolbar\1001311815\Icons.bmp
c:\program files\ICQ6Toolbar\1001311815\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\1001311815\ICQToolBar.dll
c:\program files\ICQ6Toolbar\1001311815\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\1001311815\logo_small.gif
c:\program files\ICQ6Toolbar\1001311815\short.wav
c:\program files\ICQ6Toolbar\1001311815\Version.txt
c:\program files\ICQ6Toolbar\100606920\config.xml
c:\program files\ICQ6Toolbar\100606920\Icons.bmp
c:\program files\ICQ6Toolbar\100606920\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\100606920\ICQToolBar.dll
c:\program files\ICQ6Toolbar\100606920\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\100606920\logo_small.gif
c:\program files\ICQ6Toolbar\100606920\short.wav
c:\program files\ICQ6Toolbar\100606920\Version.txt
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Thumbs.db
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\MyPlayCity\tbMyP1.dll
c:\program files\SweetIM
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgAIMAuto.dll
c:\program files\SweetIM\Messenger\mgAIMMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgIEPlayer.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\KeyboardButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
c:\windows\Tasks\AdobeAAMUpdater-1.0-E2180-admin.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ASKSERVICE
-------\Legacy_ASKUPGRADE
-------\Legacy_ICQ_SERVICE
-------\Service_ASKService
-------\Service_ASKUpgrade
-------\Service_ICQ Service
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-19 do 2010-10-19 )))))))))))))))))))))))))))))))
.
2010-10-16 17:11 . 2010-10-16 17:11 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\SkinSoft
2010-10-16 14:38 . 2010-10-16 14:38 -------- d-----w- c:\program files\Drahokamovy mic - Davne legendy
2010-10-11 16:44 . 2010-10-11 16:44 -------- d-----w- c:\program files\AutocompletePro
2010-10-11 16:44 . 2010-10-11 16:44 -------- d-----w- c:\program files\Moo0
2010-10-10 07:17 . 2010-10-10 07:17 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\QuickStores
2010-10-09 15:59 . 2005-08-25 20:10 9804 ----a-w- c:\windows\system\vdremote.dll
2010-10-09 15:59 . 2005-08-25 20:09 7244 ----a-w- c:\windows\system\vdsvrlnk.dll
2010-10-09 15:57 . 2010-10-10 07:27 -------- d-----w- C:\Fraps
2010-10-05 16:03 . 2010-10-05 16:03 -------- d-----w- c:\program files\Ventrilo
2010-10-03 18:16 . 2010-10-04 18:05 -------- d-----w- c:\program files\Úžasná tajemství Mistra Leonarda
2010-09-30 15:49 . 2010-09-30 15:49 -------- d-----w- c:\program files\Counter-Strike
2010-09-23 17:37 . 2010-09-25 16:10 -------- d-----w- c:\program files\Brana svetu - cesta za horizont
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-07-29 1213680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-28 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-28 118784]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-26 16125440]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 90112]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 110592]
"SMail"="c:\program files\Seznam\Postak\Postak.exe" [2008-02-21 453936]
"Realtime Audio Engine"="mmrtkrnl.exe" [2005-01-20 53248]
"KB350e"="c:\program files\KB350e\MagicKey.exe" [2007-12-12 184320]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
c:\documents and settings\admin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-6-27 393216]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Servant Salamander 2.0\\salamand.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Program Files\\Microsoft Games\\Motocross Madness 2 Trial\\mcm2.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Sega\\Universe At War Earth Assault (DEMO)\\UAWEA.exe"=
"c:\\Program Files\\Metin2_CZ\\metin2.bin"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\World of Padman\\wop.exe"=
"c:\\Program Files\\Metin2_CZ\\metin2client.bin"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\TopCD\\GTR\\GTR.exe"=
"c:\\Program Files\\Namco\\Street Racing Syndicate\\Bin\\SRS.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\TomaWeb\\Simple FTP\\TWFTPCli.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\tip19\\counter-strike\\hl.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 1.0\\yct.exe"=
"c:\\Program Files\\Steam\\steamapps\\formulka\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\formulka\\condition zero\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27016:TCP"= 27016:TCP:89.111.96.58/255.255.255.255:Enabled:Dedicated Server
"27016:UDP"= 27016:UDP:89.111.96.58/255.255.255.255:Enabled:Dedicated Server
"27015:UDP"= 27015:UDP:89.111.96.58/255.255.255.255:Enabled:Dedicated Srver
"33737:UDP"= 33737:UDP:uTorrent 1.8
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20.3.2010 21:50 165584]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [27.9.2005 23:29 13696]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20.3.2010 21:50 17744]
R2 Iprip;Naslouchání RIP;c:\windows\System32\svchost.exe -k netsvcs [25.10.2001 14:00 14336]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 18:33 50704]
R3 PAC207;Sweex Webcam USB;c:\windows\system32\drivers\PFC027.SYS [25.10.2007 19:31 616064]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26.9.2009 19:25 133104]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [16.4.2009 16:22 13224]
S3 GT681x;%GrandTechICNameNT%;c:\windows\system32\DRIVERS\GT681x.SYS --> c:\windows\system32\DRIVERS\GT681x.SYS [?]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: {BA833AAD-219A-4ABF-9CB4-671ADA4AFD54} = 62.84.128.6,62.84.132.6
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nuek3xdj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.myheritage.com/?orig=ds&q=
FF - component: c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nuek3xdj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
FF - component: c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nuek3xdj.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
BHO-{7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-Family Toolbar - c:\program files\Family Toolbar\ToolUninstall.exe
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(792)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3224)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\System32\inetsrv\inetinfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\System32\msdtc.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\rundll32.exe
c:\program files\ATI Technologies\ATI.ACE\CLI.EXE
c:\program files\ATI Technologies\ATI.ACE\cli.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Celkový čas: 2010-10-19 20:05:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-10-19 18:05
ComboFix2.txt 2010-10-19 15:44
Před spuštěním: Volných bajtů: 29 582 422 016
Po spuštění: Volných bajtů: 29 438 898 176
- - End Of File - - 13EB94671CAD5BC955CDF93B0C705A02
Chtěl bych jse zeptat jen zeptat proc jse skoro vse tyka ohledne icq Pritom vir je asi v skypu kdyz sam odepisuje vsem uzivatelum virove stranky . ale Odpovidat nemusite Moc dik Doufam ze poradite jak dat ten vir pryc Moc dykes.
ComboFix 10-10-18.05 - admin 19.10.2010 19:47:11.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1022.472 [GMT 2:00]
Spuštěný z: c:\documents and settings\admin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\admin\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FILE ::
"c:\program files\MyPlayCity\tbMyP1.dll"
"c:\windows\Tasks\AdobeAAMUpdater-1.0-E2180-admin.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\AskService.exe
c:\program files\AskBarDis\bar\bin\AskSplash.exe
c:\program files\AskBarDis\bar\bin\AskTBApp.exe
c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Cache\05EECF7D.bin
c:\program files\AskBarDis\bar\Cache\05EED20D.bin
c:\program files\AskBarDis\bar\Cache\05EED327.bin
c:\program files\AskBarDis\bar\Cache\05EED4DC.bin
c:\program files\AskBarDis\bar\Cache\05EED692.bin
c:\program files\AskBarDis\bar\Cache\05EED847.bin
c:\program files\AskBarDis\bar\Cache\05EED980.bin
c:\program files\AskBarDis\bar\Cache\0EE9EAA8
c:\program files\AskBarDis\bar\Cache\1A43B336.bin
c:\program files\AskBarDis\bar\Cache\1A43B46E.bin
c:\program files\AskBarDis\bar\Cache\1A43B597.bin
c:\program files\AskBarDis\bar\Cache\1A43B6B0.bin
c:\program files\AskBarDis\bar\Cache\1A43B7D9.bin
c:\program files\AskBarDis\bar\Cache\files.ini
c:\program files\AskBarDis\bar\History\search
c:\program files\AskBarDis\bar\Settings\AskLogo.ico
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\bar\Settings\prevcfg.htm
c:\program files\AskBarDis\bar\Settings\prevCfg2.htm
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
c:\program files\Family Toolbar
c:\program files\Family Toolbar\404.htm
c:\program files\Family Toolbar\about.gif
c:\program files\Family Toolbar\about.html
c:\program files\Family Toolbar\active.html
c:\program files\Family Toolbar\addPhotos.gif
c:\program files\Family Toolbar\alerts.gif
c:\program files\Family Toolbar\anniversary.gif
c:\program files\Family Toolbar\AR.gif
c:\program files\Family Toolbar\banner.html
c:\program files\Family Toolbar\basis.xml
c:\program files\Family Toolbar\BG.gif
c:\program files\Family Toolbar\birthday.gif
c:\program files\Family Toolbar\buyFamilyGifts.gif
c:\program files\Family Toolbar\calendar.gif
c:\program files\Family Toolbar\clearhist.exe
c:\program files\Family Toolbar\clearSearchHistory.gif
c:\program files\Family Toolbar\close.gif
c:\program files\Family Toolbar\closeRoll.gif
c:\program files\Family Toolbar\collage.gif
c:\program files\Family Toolbar\createFamilySite.gif
c:\program files\Family Toolbar\CS.gif
c:\program files\Family Toolbar\DA.gif
c:\program files\Family Toolbar\data.js
c:\program files\Family Toolbar\dbghelp.dll
c:\program files\Family Toolbar\DE.gif
c:\program files\Family Toolbar\dialog_close.gif
c:\program files\Family Toolbar\dns.htm
c:\program files\Family Toolbar\EL.gif
c:\program files\Family Toolbar\EN.gif
c:\program files\Family Toolbar\ES.gif
c:\program files\Family Toolbar\Family_Toolbar.dll
c:\program files\Family Toolbar\family_toolbar.xpi
c:\program files\Family Toolbar\familyTree.gif
c:\program files\Family Toolbar\femaleOnline.gif
c:\program files\Family Toolbar\femaleOnlineAway.gif
c:\program files\Family Toolbar\ff.gif
c:\program files\Family Toolbar\ff.ico
c:\program files\Family Toolbar\FI.gif
c:\program files\Family Toolbar\FR.gif
c:\program files\Family Toolbar\HE.gif
c:\program files\Family Toolbar\HR.gif
c:\program files\Family Toolbar\HU.gif
c:\program files\Family Toolbar\icons.bmp
c:\program files\Family Toolbar\ie.gif
c:\program files\Family Toolbar\ie.ico
c:\program files\Family Toolbar\inboxOff.gif
c:\program files\Family Toolbar\inboxOn.gif
c:\program files\Family Toolbar\info.txt
c:\program files\Family Toolbar\inviteFamily.gif
c:\program files\Family Toolbar\IT.gif
c:\program files\Family Toolbar\lang.js
c:\program files\Family Toolbar\Loading.gif
c:\program files\Family Toolbar\Loading.jpg
c:\program files\Family Toolbar\logoff.gif
c:\program files\Family Toolbar\logOnToMH.gif
c:\program files\Family Toolbar\LT.gif
c:\program files\Family Toolbar\maleOnline.gif
c:\program files\Family Toolbar\maleOnlineAway.gif
c:\program files\Family Toolbar\MHlogo.gif
c:\program files\Family Toolbar\mhxpcomi.dll
c:\program files\Family Toolbar\MissingSnapshot.jpg
c:\program files\Family Toolbar\morph.gif
c:\program files\Family Toolbar\MyHeritage.ico
c:\program files\Family Toolbar\MyHeritage.png
c:\program files\Family Toolbar\MyHeritageSearch.png
c:\program files\Family Toolbar\MyHeritageWhiteBg.gif
c:\program files\Family Toolbar\MyNewTab - Grid.htm
c:\program files\Family Toolbar\MyNewTab - History Off.htm
c:\program files\Family Toolbar\MyNewTab.css
c:\program files\Family Toolbar\MyNewTab.js
c:\program files\Family Toolbar\NL.gif
c:\program files\Family Toolbar\NO.gif
c:\program files\Family Toolbar\off.exe
c:\program files\Family Toolbar\online.gif
c:\program files\Family Toolbar\PB.gif
c:\program files\Family Toolbar\photos.gif
c:\program files\Family Toolbar\PL.gif
c:\program files\Family Toolbar\privacy.gif
c:\program files\Family Toolbar\PT.gif
c:\program files\Family Toolbar\reload.gif
c:\program files\Family Toolbar\RO.gif
c:\program files\Family Toolbar\RU.gif
c:\program files\Family Toolbar\search.gif
c:\program files\Family Toolbar\site.gif
c:\program files\Family Toolbar\sites.gif
c:\program files\Family Toolbar\SK.gif
c:\program files\Family Toolbar\spacer.gif
c:\program files\Family Toolbar\SR.gif
c:\program files\Family Toolbar\stub.xml
c:\program files\Family Toolbar\SV.gif
c:\program files\Family Toolbar\tagPeople.gif
c:\program files\Family Toolbar\TB_AR.gif
c:\program files\Family Toolbar\TB_BG.gif
c:\program files\Family Toolbar\TB_CS.gif
c:\program files\Family Toolbar\TB_DA.gif
c:\program files\Family Toolbar\TB_DE.gif
c:\program files\Family Toolbar\TB_EL.gif
c:\program files\Family Toolbar\TB_EN.gif
c:\program files\Family Toolbar\TB_ES.gif
c:\program files\Family Toolbar\TB_FI.gif
c:\program files\Family Toolbar\TB_FR.gif
c:\program files\Family Toolbar\TB_HE.gif
c:\program files\Family Toolbar\TB_HR.gif
c:\program files\Family Toolbar\TB_HU.gif
c:\program files\Family Toolbar\TB_IT.gif
c:\program files\Family Toolbar\TB_LT.gif
c:\program files\Family Toolbar\TB_NL.gif
c:\program files\Family Toolbar\TB_NO.gif
c:\program files\Family Toolbar\TB_PB.gif
c:\program files\Family Toolbar\TB_PL.gif
c:\program files\Family Toolbar\TB_PT.gif
c:\program files\Family Toolbar\TB_RO.gif
c:\program files\Family Toolbar\TB_RU.gif
c:\program files\Family Toolbar\TB_SK.gif
c:\program files\Family Toolbar\TB_SR.gif
c:\program files\Family Toolbar\TB_SV.gif
c:\program files\Family Toolbar\TB_TR.gif
c:\program files\Family Toolbar\TB_UK.gif
c:\program files\Family Toolbar\tbcore3.dll
c:\program files\Family Toolbar\tbhelper.dll
c:\program files\Family Toolbar\tbs_include_script_000391.js
c:\program files\Family Toolbar\tbs_include_script_000733.js
c:\program files\Family Toolbar\tbs_include_script_000784.js
c:\program files\Family Toolbar\tbs_include_script_001134.js
c:\program files\Family Toolbar\tbs_include_script_002287.js
c:\program files\Family Toolbar\tbs_include_script_002346.js
c:\program files\Family Toolbar\tbs_include_script_002789.js
c:\program files\Family Toolbar\tbs_include_script_002833.js
c:\program files\Family Toolbar\tbs_include_script_002855.js
c:\program files\Family Toolbar\tbs_include_script_003080.js
c:\program files\Family Toolbar\tbs_include_script_003083.js
c:\program files\Family Toolbar\tbs_include_script_004183.js
c:\program files\Family Toolbar\tbs_include_script_004456.js
c:\program files\Family Toolbar\tbs_include_script_004711.js
c:\program files\Family Toolbar\tbs_include_script_004823.js
c:\program files\Family Toolbar\tbs_include_script_004824.js
c:\program files\Family Toolbar\tbs_include_script_005792.js
c:\program files\Family Toolbar\tbs_include_script_006838.js
c:\program files\Family Toolbar\tbs_include_script_007158.js
c:\program files\Family Toolbar\tbs_include_script_007564.js
c:\program files\Family Toolbar\tbs_include_script_007690.js
c:\program files\Family Toolbar\tbs_include_script_007803.js
c:\program files\Family Toolbar\tbs_include_script_008357.js
c:\program files\Family Toolbar\tbs_include_script_008502.js
c:\program files\Family Toolbar\tbs_include_script_009578.js
c:\program files\Family Toolbar\tbs_include_script_009807.js
c:\program files\Family Toolbar\tbs_include_script_011492.js
c:\program files\Family Toolbar\tbs_include_script_011493.js
c:\program files\Family Toolbar\tbs_include_script_011550.js
c:\program files\Family Toolbar\tbs_include_script_011614.js
c:\program files\Family Toolbar\tbs_include_script_011637.js
c:\program files\Family Toolbar\tbs_include_script_012671.js
c:\program files\Family Toolbar\tbs_include_script_012765.js
c:\program files\Family Toolbar\tbs_include_script_013916.js
c:\program files\Family Toolbar\tbs_include_script_014484.js
c:\program files\Family Toolbar\tbs_include_script_014583.js
c:\program files\Family Toolbar\tbs_include_script_014799.js
c:\program files\Family Toolbar\tbs_include_script_015508.js
c:\program files\Family Toolbar\tbs_include_script_015800.js
c:\program files\Family Toolbar\tbs_include_script_016179.js
c:\program files\Family Toolbar\tbs_include_script_016289.js
c:\program files\Family Toolbar\tbs_include_script_016678.js
c:\program files\Family Toolbar\tbs_include_script_017022.js
c:\program files\Family Toolbar\tbs_include_script_017427.js
c:\program files\Family Toolbar\tbs_include_script_018243.js
c:\program files\Family Toolbar\tbs_include_script_018279.js
c:\program files\Family Toolbar\tbs_include_script_018382.js
c:\program files\Family Toolbar\tbs_include_script_018505.js
c:\program files\Family Toolbar\tbs_include_script_020098.js
c:\program files\Family Toolbar\tbs_include_script_020109.js
c:\program files\Family Toolbar\tbs_include_script_020129.js
c:\program files\Family Toolbar\tbs_include_script_020859.js
c:\program files\Family Toolbar\tbs_include_script_022495.js
c:\program files\Family Toolbar\tbs_include_script_023942.js
c:\program files\Family Toolbar\tbs_include_script_024113.js
c:\program files\Family Toolbar\tbs_include_script_025757.js
c:\program files\Family Toolbar\tbs_include_script_025787.js
c:\program files\Family Toolbar\tbs_include_script_026799.js
c:\program files\Family Toolbar\tbs_include_script_026954.js
c:\program files\Family Toolbar\tbs_include_script_027482.js
c:\program files\Family Toolbar\tbs_include_script_027696.js
c:\program files\Family Toolbar\tbs_include_script_028246.js
c:\program files\Family Toolbar\tbs_include_script_028279.js
c:\program files\Family Toolbar\tbs_include_script_029390.js
c:\program files\Family Toolbar\tbs_include_script_030206.js
c:\program files\Family Toolbar\tbs_include_script_030277.js
c:\program files\Family Toolbar\tbs_include_script_030359.js
c:\program files\Family Toolbar\tbs_include_script_030760.js
c:\program files\Family Toolbar\tbs_include_script_030814.js
c:\program files\Family Toolbar\tbs_include_script_031331.js
c:\program files\Family Toolbar\tbs_include_script_031332.js
c:\program files\Family Toolbar\tbs_include_script_031711.js
c:\program files\Family Toolbar\tbs_include_script_032188.js
c:\program files\Family Toolbar\tbs_include_script_032423.js
c:\program files\Family Toolbar\tbs_include_script_032495.js
c:\program files\Family Toolbar\tellAFriend.gif
c:\program files\Family Toolbar\Thumbs.db
c:\program files\Family Toolbar\toolbarSetting.gif
c:\program files\Family Toolbar\ToolUninstall.exe
c:\program files\Family Toolbar\TR.gif
c:\program files\Family Toolbar\translations.js
c:\program files\Family Toolbar\UK.gif
c:\program files\Family Toolbar\uninstall.exe
c:\program files\Family Toolbar\uninstall.gif
c:\program files\Family Toolbar\update.exe
c:\program files\Family Toolbar\updateToolbar.gif
c:\program files\Family Toolbar\userSite.gif
c:\program files\Family Toolbar\version.txt
c:\program files\Family Toolbar\whatsNew.gif
c:\program files\Family Toolbar\xoff.jpg
c:\program files\Family Toolbar\xon.jpg
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\1001311815\config.xml
c:\program files\ICQ6Toolbar\1001311815\Icons.bmp
c:\program files\ICQ6Toolbar\1001311815\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\1001311815\ICQToolBar.dll
c:\program files\ICQ6Toolbar\1001311815\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\1001311815\logo_small.gif
c:\program files\ICQ6Toolbar\1001311815\short.wav
c:\program files\ICQ6Toolbar\1001311815\Version.txt
c:\program files\ICQ6Toolbar\100606920\config.xml
c:\program files\ICQ6Toolbar\100606920\Icons.bmp
c:\program files\ICQ6Toolbar\100606920\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\100606920\ICQToolBar.dll
c:\program files\ICQ6Toolbar\100606920\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\100606920\logo_small.gif
c:\program files\ICQ6Toolbar\100606920\short.wav
c:\program files\ICQ6Toolbar\100606920\Version.txt
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Thumbs.db
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\MyPlayCity\tbMyP1.dll
c:\program files\SweetIM
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgAIMAuto.dll
c:\program files\SweetIM\Messenger\mgAIMMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgIEPlayer.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\KeyboardButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
c:\windows\Tasks\AdobeAAMUpdater-1.0-E2180-admin.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ASKSERVICE
-------\Legacy_ASKUPGRADE
-------\Legacy_ICQ_SERVICE
-------\Service_ASKService
-------\Service_ASKUpgrade
-------\Service_ICQ Service
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-19 do 2010-10-19 )))))))))))))))))))))))))))))))
.
2010-10-16 17:11 . 2010-10-16 17:11 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\SkinSoft
2010-10-16 14:38 . 2010-10-16 14:38 -------- d-----w- c:\program files\Drahokamovy mic - Davne legendy
2010-10-11 16:44 . 2010-10-11 16:44 -------- d-----w- c:\program files\AutocompletePro
2010-10-11 16:44 . 2010-10-11 16:44 -------- d-----w- c:\program files\Moo0
2010-10-10 07:17 . 2010-10-10 07:17 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\QuickStores
2010-10-09 15:59 . 2005-08-25 20:10 9804 ----a-w- c:\windows\system\vdremote.dll
2010-10-09 15:59 . 2005-08-25 20:09 7244 ----a-w- c:\windows\system\vdsvrlnk.dll
2010-10-09 15:57 . 2010-10-10 07:27 -------- d-----w- C:\Fraps
2010-10-05 16:03 . 2010-10-05 16:03 -------- d-----w- c:\program files\Ventrilo
2010-10-03 18:16 . 2010-10-04 18:05 -------- d-----w- c:\program files\Úžasná tajemství Mistra Leonarda
2010-09-30 15:49 . 2010-09-30 15:49 -------- d-----w- c:\program files\Counter-Strike
2010-09-23 17:37 . 2010-09-25 16:10 -------- d-----w- c:\program files\Brana svetu - cesta za horizont
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-07-29 1213680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="mqrt.dll" [2009-06-25 177152]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-28 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-28 118784]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" [2007-02-26 16125440]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 90112]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 110592]
"SMail"="c:\program files\Seznam\Postak\Postak.exe" [2008-02-21 453936]
"Realtime Audio Engine"="mmrtkrnl.exe" [2005-01-20 53248]
"KB350e"="c:\program files\KB350e\MagicKey.exe" [2007-12-12 184320]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
c:\documents and settings\admin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-6-27 393216]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Servant Salamander 2.0\\salamand.exe"=
"c:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"c:\\Program Files\\Microsoft Games\\Motocross Madness 2 Trial\\mcm2.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Sega\\Universe At War Earth Assault (DEMO)\\UAWEA.exe"=
"c:\\Program Files\\Metin2_CZ\\metin2.bin"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\World of Padman\\wop.exe"=
"c:\\Program Files\\Metin2_CZ\\metin2client.bin"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\TopCD\\GTR\\GTR.exe"=
"c:\\Program Files\\Namco\\Street Racing Syndicate\\Bin\\SRS.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\TomaWeb\\Simple FTP\\TWFTPCli.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\tip19\\counter-strike\\hl.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 1.0\\yct.exe"=
"c:\\Program Files\\Steam\\steamapps\\formulka\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\formulka\\condition zero\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27016:TCP"= 27016:TCP:89.111.96.58/255.255.255.255:Enabled:Dedicated Server
"27016:UDP"= 27016:UDP:89.111.96.58/255.255.255.255:Enabled:Dedicated Server
"27015:UDP"= 27015:UDP:89.111.96.58/255.255.255.255:Enabled:Dedicated Srver
"33737:UDP"= 33737:UDP:uTorrent 1.8
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20.3.2010 21:50 165584]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [27.9.2005 23:29 13696]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20.3.2010 21:50 17744]
R2 Iprip;Naslouchání RIP;c:\windows\System32\svchost.exe -k netsvcs [25.10.2001 14:00 14336]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 18:33 50704]
R3 PAC207;Sweex Webcam USB;c:\windows\system32\drivers\PFC027.SYS [25.10.2007 19:31 616064]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [26.9.2009 19:25 133104]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [16.4.2009 16:22 13224]
S3 GT681x;%GrandTechICNameNT%;c:\windows\system32\DRIVERS\GT681x.SYS --> c:\windows\system32\DRIVERS\GT681x.SYS [?]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Crawler Search - tbr:iemenu
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: {BA833AAD-219A-4ABF-9CB4-671ADA4AFD54} = 62.84.128.6,62.84.132.6
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nuek3xdj.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.myheritage.com/?orig=ds&q=
FF - component: c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nuek3xdj.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
FF - component: c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\nuek3xdj.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Picasa2\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
BHO-{7c5c0f58-e061-457d-9033-77307f5ed00c} - (no file)
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-Family Toolbar - c:\program files\Family Toolbar\ToolUninstall.exe
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(792)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3224)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\System32\inetsrv\inetinfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\System32\msdtc.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\rundll32.exe
c:\program files\ATI Technologies\ATI.ACE\CLI.EXE
c:\program files\ATI Technologies\ATI.ACE\cli.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Celkový čas: 2010-10-19 20:05:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-10-19 18:05
ComboFix2.txt 2010-10-19 15:44
Před spuštěním: Volných bajtů: 29 582 422 016
Po spuštění: Volných bajtů: 29 438 898 176
- - End Of File - - 13EB94671CAD5BC955CDF93B0C705A02
Chtěl bych jse zeptat jen zeptat proc jse skoro vse tyka ohledne icq Pritom vir je asi v skypu kdyz sam odepisuje vsem uzivatelum virove stranky . ale Odpovidat nemusite Moc dik Doufam ze poradite jak dat ten vir pryc Moc dykes.
Re: Skype virus
Odstranil jsem icq toolbar ne samotne icq - icq toolbar je taktez haveti... Log vypada cisty, PC si stale povida pres skype a posila havet dal "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Skype virus
Ted jsem zapnul skype a nic Moc dekuji ale kdyby zase zacalo dam vedet PS: Jste moc hodny .! Ja jdu na Pocitacovou skolu Kyberna do Hradce a budu jse ucit programovat jednou budu jako vy Pomahat lidem atd.. Dekuji dystak se ozvu. Muzu tento script poslat kamaradovy ? on ma take to same co jsem mel ja pak vam napisu jeho loog ok ?
Re: Skype virus
ne skript nikomu neposilejte, je potreba udelat na kazdy PC zvlast...A pozor na pouzivani ComboFixu - za prve je jeho svevolne pouzivani (bez doporuceni radce) zakazano a za druhe dokaze poslat pekne rychle system do kytek a pokud s nim neumite, tak to tezko ozivite At si kamarad zalozi nick a nove tema a da nejprve log z RSIT Ne jako vy hned ComboFix Odinstalujte Combofix
- Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
- Napiste ComboFix /Uninstall
- Stisknete Enter
- Tohle smaze Combofix a jeho slozky
T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaruPanel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A je hotovo "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Skype virus
Dik
Přispějete na provoz fóra?