VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Vírus z FB?

https://forum.viry.cz:443/viewtopic.php?t=118687

Stránka 2 z 4

Re: Vírus z FB?

Napsal: 14 led 2012 11:31
od vyosek
Jeste jednou ale kliknete na Opravit - Fix It

Re: Vírus z FB?

Napsal: 14 led 2012 14:01
od shatterhand
All processes killed
========== OTL ==========
Service HidServ stopped successfully!
Service HidServ deleted successfully!
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files\ICQ6Toolbar\ICQ Service.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ deleted successfully.
C:\Program Files\Winamp Toolbar\winamptb.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
HKU\S-1-5-21-1417001333-1214440339-682003330-500\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1417001333-1214440339-682003330-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1417001333-1214440339-682003330-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
C:\Program Files\Crawler\Toolbar\ctbr.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1417001333-1214440339-682003330-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ not found.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_USERS\S-1-5-21-1417001333-1214440339-682003330-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1417001333-1214440339-682003330-500\Software\Microsoft\Internet Explorer\URLSearchHooks\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully.
C:\Program Files\BS_Player\tbBS_P.dll moved successfully.
HKU\S-1-5-21-1417001333-1214440339-682003330-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "" removed from browser.search.defaultengine
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "" removed from browser.search.defaulturl
Prefs.js: "" removed from browser.search.order.1
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: BSToolbar@toolbarnet.com:1.0.0.5 removed from extensions.enabledItems
Prefs.js: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2 removed from extensions.enabledItems
Prefs.js: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 removed from extensions.enabledItems
Prefs.js: jqs@sun.com:1.0 removed from extensions.enabledItems
Prefs.js: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1 removed from extensions.enabledItems
Prefs.js: DTToolbar@toolbarnet.com:1.1.4.0024 removed from extensions.enabledItems
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.4.3&q=" removed from keyword.URL
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\3.bin not found.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\META-INF scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\local\modules scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\local scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\defaults scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\components scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\modules scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\DTToolbar@toolbarnet.com\components\Resources scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\DTToolbar@toolbarnet.com\components scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\DTToolbar@toolbarnet.com\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\DTToolbar@toolbarnet.com\chrome scheduled to be moved on reboot.
Folder move failed. C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\DTToolbar@toolbarnet.com scheduled to be moved on reboot.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\bsplayer-search.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\daemon-search.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-24.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-25.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-26.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-27.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-28.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-29.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-30.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-31.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-32.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-33.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-34.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-35.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-36.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-37.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-38.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-39.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-40.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-41.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\icqplugin.xml moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\searchplugins\winamp-search.xml moved successfully.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}\ not found.
File C:\Program Files\Crawler\Toolbar\ctbr.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files\ConduitEngine\ConduitEngine.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
File C:\Program Files\BS_Player\tbBS_P.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{259F616C-A300-44F5-B04A-ED001A26C85C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{259F616C-A300-44F5-B04A-ED001A26C85C}\ deleted successfully.
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\ConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ deleted successfully.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
File C:\Program Files\BS_Player\tbBS_P.dll not found.
Registry value HKEY_USERS\S-1-5-21-1417001333-1214440339-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2C688203-7EB3-4327-9995-1CB417BA23F9} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2C688203-7EB3-4327-9995-1CB417BA23F9}\ not found.
Registry value HKEY_USERS\S-1-5-21-1417001333-1214440339-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-1417001333-1214440339-682003330-500\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ not found.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Search\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Winamp Search\ deleted successfully.
C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html moved successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search\ deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:364682BC deleted successfully.
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\"PWRISOVM.EXE"|C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224] /E :invalid edit format. Invalid data type.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\12Voip deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
========== FILES ==========
C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
File\Folder C:\Program Files\MyWebSearch not found.
C:\Program Files\ICQ6Toolbar folder moved successfully.
C:\Program Files\Winamp Toolbar folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\5033400B097745AB94CECC135A8E1BBB.TMP folder moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 404599399 bytes
->Temporary Internet Files folder emptied: 37778461 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 86062513 bytes
->Google Chrome cache emptied: 75168005 bytes
->Flash cache emptied: 1164 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 583528 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 80405418 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 514435687 bytes

Total Files Cleaned = 1 144,00 mb


[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 01142012_135155

Files\Folders moved on Reboot...
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\META-INF folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\local\modules folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\local folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\defaults\preferences folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\defaults folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\components folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\searchplugin folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\modules folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\META-INF folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\defaults folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\DTToolbar@toolbarnet.com\components\Resources folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\DTToolbar@toolbarnet.com\components folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\DTToolbar@toolbarnet.com\chrome\content folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\DTToolbar@toolbarnet.com\chrome folder moved successfully.
C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\DTToolbar@toolbarnet.com folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
File\Folder C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
C:\WINDOWS\temp\Perflib_Perfdata_5b4.dat moved successfully.

Registry entries deleted on Reboot...

Re: Vírus z FB?

Napsal: 14 led 2012 14:07
od vyosek
Jak se chova nas pacient :???:

Re: Vírus z FB?

Napsal: 14 led 2012 15:40
od shatterhand
Okno z FB už nevyskakuje a nezdá sa mi ani spomalený.

Re: Vírus z FB?

Napsal: 14 led 2012 16:12
od vyosek
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner (viz muj podpis)
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: Poprosim o novy log z RSIT a napiste co PC

Re: Vírus z FB?

Napsal: 14 led 2012 18:42
od shatterhand
Vyčistené. PC sa chová slušne. Vo firefoxe mi však pri písaní názvu stránky ponúka len niektoré záložky, niektoré musím zadať celý názov, ale pri zobrazení stránky je tam žltá hviezdička - znak záložky. Tu je log z RSITu.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2012-01-14 18:36:33
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (6%) free of 50 GB
Total RAM: 895 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:36:41, on 14. 1. 2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\NLSSRV32.EXE
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\RSIT(1).exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.atlas.cz/?from=icqhp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - Default URLSearchHook is missing
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4BA11B05-CB1D-43E5-8932-F95655A73F7D}: NameServer = 195.113.44.11,195.113.0.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

--
End of file - 7365 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\Program Files\Crawler\Toolbar\firefox\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"m3ffxtbr@mywebsearch.com"=C:\Program Files\MyWebSearch\bar\3.bin


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Musicnotes.com/Musicnotes Viewer,version=1.18.4]
"Description"=Musicnotes Viewer Plugin
"Path"=C:\Program Files\Musicnotes\npmusicn.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin]
"Description"=My Web Search Plugin
"Path"=C:\Program Files\MyWebSearch\bar\3.bin\NPMyWebS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.1.5.22]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files\Musicnotes\npsibelius.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll


C:\Program Files\Mozilla Firefox\components\
AskHPRFF.js
binary.manifest
browsercomps.dll
npwachk.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeploytk.dll
NPOFF12.DLL
nppdf32.dll
npwachk.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\a8lffkrb.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{259F616C-A300-44F5-B04A-ED001A26C85C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-06 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-06 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-06 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-06-15 1826816]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-03-07 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
"DisallowRun"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\Administrator\Plocha\StrongDC.exe"="C:\Documents and Settings\Administrator\Plocha\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\12Voip.com\12Voip\12Voip.exe"="C:\Program Files\12Voip.com\12Voip\12Voip.exe:*:Enabled:12Voip"
"C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe"="C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe:*:Disabled:Sentinel Protection Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\system32\drivers\svchost.exe"="%windir%\system32\drivers\svchost.exe:*:Enabled:svchost"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.VSPX"=vspxvfw.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

======List of files/folders created in the last 1 month======

2012-01-14 18:36:33 ----D---- C:\rsit
2012-01-14 18:05:03 ----SHD---- C:\Config.Msi
2012-01-13 19:33:37 ----D---- C:\ZHP
2012-01-13 19:33:17 ----D---- C:\Program Files\ZHPDiag
2012-01-11 12:40:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-11 12:39:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-11 12:37:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-11 12:37:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-11 12:37:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-07 20:08:07 ----D---- C:\Program Files\Conduit
2012-01-07 20:07:58 ----D---- C:\Program Files\ConduitEngine
2012-01-07 20:07:44 ----D---- C:\Program Files\BS_Player
2011-12-16 01:45:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-16 01:45:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-16 01:42:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-16 01:42:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-16 01:42:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-16 01:42:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2618444$
2011-12-16 01:42:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-16 01:41:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$

======List of files/folders modified in the last 1 month======

2012-01-14 18:36:39 ----D---- C:\WINDOWS\Prefetch
2012-01-14 18:36:35 ----D---- C:\Program Files\trend micro
2012-01-14 18:34:37 ----RD---- C:\Program Files
2012-01-14 18:31:22 ----SHD---- C:\WINDOWS\Installer
2012-01-14 18:29:13 ----D---- C:\WINDOWS\WinSxS
2012-01-14 18:29:13 ----AD---- C:\WINDOWS
2012-01-14 18:22:54 ----RSD---- C:\WINDOWS\assembly
2012-01-14 18:19:59 ----D---- C:\Program Files\Common Files
2012-01-14 18:16:58 ----D---- C:\Program Files\Common Files\ESRI
2012-01-14 18:12:56 ----D---- C:\WINDOWS\system32
2012-01-14 18:05:24 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ESRI
2012-01-14 17:46:19 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Winamp
2012-01-14 17:46:19 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
2012-01-14 17:46:18 ----D---- C:\WINDOWS\Debug
2012-01-14 17:44:55 ----D---- C:\Program Files\CCleaner
2012-01-14 17:43:13 ----D---- C:\WINDOWS\temp
2012-01-14 17:42:38 ----D---- C:\flexlm
2012-01-14 17:41:13 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-01-14 13:59:32 ----D---- C:\Program Files\Mozilla Firefox
2012-01-14 13:54:08 ----D---- C:\WINDOWS\system32\drivers\etc
2012-01-12 00:54:07 ----D---- C:\Documents and Settings\Administrator\Data aplikací\SolidDocuments
2012-01-11 12:40:06 ----HD---- C:\WINDOWS\inf
2012-01-11 12:40:05 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-11 12:37:40 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-11 12:37:11 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-11 10:03:11 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-07 20:22:54 ----D---- C:\Documents and Settings\Administrator\Data aplikací\BSplayer
2012-01-03 19:25:11 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-03 03:04:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-16 20:36:23 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-02-24 218688]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 Sentinel;Sentinel; C:\WINDOWS\System32\Drivers\SENTINEL.SYS [2006-03-14 90176]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-03-07 1972736]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-10 4449280]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-06-01 697328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-03-07 446464]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 nlsX86cc;NLS Service; C:\WINDOWS\system32\NLSSRV32.EXE [2011-01-31 68928]
R2 ScReadSpool;SolidPDFConverterReadSpool; C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe [2006-11-02 184320]
R2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2006-03-14 206400]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-13 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Vírus z FB?

Napsal: 14 led 2012 19:42
od vyosek
:arrow: Stahnete SytemLook (viz muj podpis) a ulozte jej na plochu
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    :filefind
svchost.exe
  • Kliknete na Look
  • Tlacitko Look se zmeni na Scanning a zsedne
  • Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
  • Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte

Re: Vírus z FB?

Napsal: 14 led 2012 20:37
od shatterhand
SystemLook 30.07.11 by jpshortstuff
Log created at 20:35 on 14/01/2012 by Administrator
Administrator - Elevation successful

========== filefind ==========

Searching for "svchost.exe"
C:\WINDOWS\$NtServicePackUninstall$\svchost.exe -----c- 14336 bytes [10:06 09/03/2010] [13:49 17/08/2004] DFBA2915B0BF58ABB288CD4C9318CB3F
C:\WINDOWS\ERDNT\cache\svchost.exe --a---- 14336 bytes [17:40 11/10/2009] [07:52 14/04/2008] BE4A520E29B6391F49E79CCC52044D93
C:\WINDOWS\ServicePackFiles\i386\svchost.exe ------- 14336 bytes [10:16 09/03/2010] [07:52 14/04/2008] BE4A520E29B6391F49E79CCC52044D93
C:\WINDOWS\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\svchost.exe --a---- 14336 bytes [03:22 14/04/2008] [03:22 14/04/2008] BE4A520E29B6391F49E79CCC52044D93
C:\WINDOWS\system32\svchost.exe --a---- 14336 bytes [13:49 17/08/2004] [07:52 14/04/2008] BE4A520E29B6391F49E79CCC52044D93

-= EOF =-

Re: Vírus z FB?

Napsal: 15 led 2012 09:51
od vyosek
:arrow: Otevrete si poznamkovy blok
  • Start->spustit->notepad
  • Vlozte text nize

  • Kód: Vybrat vše

    REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"=-
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\drivers\svchost.exe"=-
  • Soubor ulozte jako oprava.reg
  • Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
  • Obrázek
  • Zavrit notepad a spustit dvojklikem oprava.reg
  • Pripadny dotaz na zmenu registru potvrdte
  • Okno jen problikne a opravi regsitry - soubor muzete smazat
:arrow: Jinak OK

Re: Vírus z FB?

Napsal: 15 led 2012 13:10
od shatterhand
Opravené. Ešte by som sa chcel spýtať, momentálne mi pri písaní vo firefoxe v okne vyhľadávača vyskakujú nielen adresy záložiek, ale aj z histórie, čo som čítal večer. Neviete, kde tento súkromie napádajúci nešvár odstránim? Prípadne neviete, čo s BS playerom, aby po dvojkliku nenabehla čierna obrazovka ale full screen video? Tiež titulky pri full screen alebo movie mode sú len uprostred v stĺpci. Ďakujem

Re: Vírus z FB?

Napsal: 15 led 2012 13:15
od vyosek
FF zkuste preinstalovat dle tohoto navodu kolegy http://www.viruskasino.com/2011/03/prob ... foxom.html

BSPlayer tez zkuste reinstalovat

Re: Vírus z FB?

Napsal: 16 led 2012 07:36
od shatterhand
BS player som preinštaloval, ale vôbec to nepomohlo

Firefox som ešte nestihol preinštalovať, pretože mi prestali rozumne fungovať internetové prehliadače. Momentálne píšem z iného PC. Na mojom PC prieskumník, word, acrobat atd. fungujú normálne, ale mozilla firefox, internet explorer a google chrome stránky nezobrazujú. Nie je to pripojením, sieťový kábel je ok. Vo firefoxe vyskočí prázdne okno, občas po opakovaní pokusu sa objaví domovská stránka. Po zadaní slova do vyhľadávača a enter sa nestane nič, občas po mnohých opakovaniach sa podarí niečo nájsť.
:(

Re: Vírus z FB?

Napsal: 16 led 2012 07:59
od shatterhand
Zvláštne. Po reštarte firefox funguje.

Re: Vírus z FB?

Napsal: 16 led 2012 08:03
od shatterhand
Ale je neskutočne pomalá, to sa nedá používať ani na čítanie stránok.

Re: Vírus z FB?

Napsal: 16 led 2012 08:54
od vyosek
:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Ukoncete vsechny programy
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zvolte moznost 2 a potvrte enterem
  • Utilita provede svou cinnost a da log - ten sem vlozte
  • Nyni znovu, ale zvolte moznost 3 a pote jeste 4 - logy opet vlozte
:arrow: A dejte novy log z RSIT
Všechny časy jsou v UTC+01:00
Stránka 2 z 4

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz