Babylon search

[Márty84]

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe , ulozte nejlepe na plochu a spustte.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]

:services
JavaQuickStarterService
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem
catchme

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Your File Updater.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{98889811-442D-49dd-99D7-DC866BE87DBC}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

[Nela_M]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 17276 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: PROCHAZKOVI
->Temp folder emptied: 278528 bytes
->Temporary Internet Files folder emptied: 580295 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 103807016 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 1047 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 130110 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 100,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: PROCHAZKOVI
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service catchme stopped successfully!
Service catchme deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\Your File Updater.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 08142012_090948

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\hlktmp scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Márty84]

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar, jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk
Stahnete napriklad program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci



Az vse provedete, dejte vedet, jak je na tom pc.

[Nela_M]

Dobré ráno, tak jsem se radovala předčasně
PC funguje skvěle, Babylon z homepage zmizel, ale... Mám startovní stránku default od Mozilly s vyhledávačem, dala jsem vyhledat a stránka vyhledá, ale přesměruje to do vyhledávače Babylonu Co s tím?

[Márty84]

Tak jo, podle zkusenosti kolegy, tam pustime hrubou silu.


Pokud nemate, zazalohujte si dulezita data

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte ComboFix. Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

[Nela_M]

Takže vypnula jsem MSE i bránu firewall a zapnula Combofix. Hlásil mi, že mám zaplý antivir, přitom jsem ho měla vyplý a ani ve spuštěných procesech nebyl. Tak jsem zmáčkla křížek, abych ho zastavila a zeptala se vás co mám dělat, jenže CF se spustil. Tak jsem ho nechala být a po restartu hledala log, jenže v C: je jen ComboFix s ikonou Tento počítač a taky se tak chová. Takže log nikde... Co teď?

[vyosek]

Zdravim a pekny den preji

Omlouvam se kolegovi za vstup

Asi nema cenu nejak popisovat kdy tato chyba nastava a proc, kterou cast CF nemuze udelat a vetsinou proc, jelikoz na to je treba znat cely probeh skenu CF

ve zkratce tedy, je to znamka toho, ze CF neprobehl vsemi fazemi, resp. ze nektere nemohl vykonat (vetsinou fazi na zjisteni modifikovanych slozek\souboru)...

Reseni jsou tedy takova:

• Presvedcit se, ze nebyly aktivni rezidentni stity bezp.SW - ale pisete ze jste je vypnula
• Zkusit spustit CF v Safe Mode (nouzovem rezimu) - restart PC, mackat F8, zvolit Stav nouze s praci v siti
• Pouzit prepinac /F3M - pokud nezabere nouzovy rezim, tak dodama postu

[vyosek]

Jen mala perlicka z TSF fora kde se tento problem resil, jak to muze vypadat

[Nela_M]

Děkuji, jdu na to MSE jsem pro teď odinstalovala, tak snad se to povede.

[vyosek]

Ok, kdyztak napiste kdyby byl problem

[Nela_M]

ComboFix 12-08-14.05 - Administrator 15.08.2012 11:26:22.6.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1534.1189 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\PROCHAZKOVI\WINDOWS
C:\Install.exe
c:\program files\FunWebProducts
c:\program files\FunWebProducts\Installr\3.bin\F3EZsetp.dll
c:\program files\FunWebProducts\Installr\3.bin\F3PLUGIN.DLL
c:\program files\FunWebProducts\Installr\3.bin\NPFUNWEB.DLL
c:\program files\iWin Games\iWinGamesHookIE.dll
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\drivers\tcpip.copy
c:\windows\system32\muzapp.exe
c:\windows\system32\scrnrdr.exe
c:\windows\system32\UNWISE.EXE
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\system32\VIRepair
c:\windows\system32\VIRepair\vi.sif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-15 do 2012-08-15 )))))))))))))))))))))))))))))))
.
.
2012-08-15 09:19 . 2012-08-15 09:19 -------- d-----w- c:\documents and settings\Administrator
2012-08-15 08:57 . 2012-06-29 08:44 6891424 ------w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3B2FCF29-2073-42C3-8EFD-4A929ADC8F1E}\mpengine.dll
2012-08-13 07:08 . 2012-08-13 07:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-08-13 07:08 . 2012-08-13 07:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-13 07:08 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-11 06:46 . 2012-08-11 06:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Browser Manager
2012-08-11 06:36 . 2012-08-11 10:16 -------- d-----w- c:\program files\Bejeweled Blitz
2012-07-27 20:33 . 2012-07-27 20:33 -------- d-----w- c:\program files\Fractalis Software
2012-07-19 16:28 . 2012-07-19 16:28 -------- d-----w- c:\program files\Teta
2012-07-17 08:45 . 2012-07-17 08:45 -------- d-----w- c:\windows\Logs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-03 08:07 . 2012-04-05 06:48 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-03 08:07 . 2011-05-20 04:45 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-13 13:55 . 2004-08-18 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2008-04-14 03:21 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2004-08-18 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-18 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2009-04-10 11:23 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2009-04-10 11:23 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2009-04-08 09:03 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2009-04-08 09:03 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2009-04-08 09:03 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2009-04-10 11:23 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2009-04-10 11:23 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2009-04-10 11:23 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2009-04-08 09:03 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2009-04-08 09:03 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2004-08-18 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2009-04-08 09:03 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2009-04-08 09:03 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2009-04-12 17:03 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2009-04-12 17:03 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2008-10-16 12:07 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2004-08-18 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-28 22:38 . 2012-05-28 22:38 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-05-23 16:50 . 2011-10-07 17:59 4659712 ----a-w- c:\windows\system32\Redemption.dll
2012-05-23 16:49 . 2012-05-23 16:49 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-05-23 16:49 . 2012-05-23 16:49 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-05-23 16:49 . 2012-05-23 16:49 45320 ----a-w- c:\windows\system32\MAMACExtract.dll
2012-05-23 16:49 . 2012-06-19 20:10 821824 ----a-w- c:\windows\system32\dgderapi.dll
2012-05-23 16:49 . 2012-06-19 20:10 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2012-05-23 16:49 . 2012-06-16 19:03 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2011-02-02 14:33 . 2011-02-02 14:33 437 ----a-w- c:\program files\02.02.2011none.bat
2012-07-29 08:12 . 2011-03-25 19:45 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2008-07-25 08:31 . 2009-10-28 10:25 28672 ----a-w- c:\program files\mozilla firefox\components\flashgetXpi.dll
2009-06-19 11:27 . 2009-06-19 11:27 61440 ----a-w- c:\program files\mozilla firefox\components\gemgecko.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-07-27 1388544]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"PMBVolumeWatcher"="c:\program files\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-04-22 724536]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\PROCHAZKOVI\Nabídka Start\Programy\Po spuštění\
YoWindow.lnk - c:\program files\YoWindow\yowindow.exe [2012-4-26 875008]
.
c:\documents and settings\PROCHAZKOVI\Nabídka Start\Programy\Po spuštění\
YoWindow.lnk - c:\program files\YoWindow\yowindow.exe [2012-4-26 875008]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
c:\documents and settings\PROCHAZKOVI\Nabídka Start\Programy\Po spuštění\
YoWindow.lnk - c:\program files\YoWindow\yowindow.exe [2012-4-26 875008]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UpdateService\ISUSPM.exe -startup
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" /hide
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
"PMBVolumeWatcher"=c:\program files\Sony\PMB\PMBVolumeWatcher.exe
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\PROCHAZKOVI\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Sony\\Media Manager for WALKMAN\\MediaManager.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\iWin Games\\iWinGames.exe"=
"c:\\Program Files\\iWin Games\\WebUpdater.exe"=
"c:\\Program Files\\Charles\\Charles.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [12.2.2010 10:43 10240]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.4.2009 19:49 691696]
S2 Browser Manager;Browser Manager;c:\documents and settings\All Users\Data aplikací\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [11.8.2012 8:46 1697312]
S2 DeviceFinderService;DeviceFinderService;c:\program files\Sony\PlayMemories Home\dfs.exe [22.4.2012 10:07 149048]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [16.2.2011 11:00 238952]
S2 iWinTrusted;iWinTrusted;c:\program files\iWin Games\iWinTrusted.exe [8.4.2011 17:17 176848]
S2 NSHE;Guardant Emulator Driver;c:\windows\system32\drivers\NSHE.SYS [21.12.2009 10:03 97792]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [22.4.2012 10:05 474168]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [19.6.2012 22:13 30312]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [7.10.2010 20:14 100368]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [19.6.2012 22:10 20032]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [16.2.2011 11:00 36608]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4.5.2012 11:29 113120]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.2.2012 16:05 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.2.2012 16:05 8576]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [19.6.2012 22:13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [19.6.2012 22:13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [19.6.2012 22:13 136808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 02:32 128512 ----a-w- c:\windows\system32\advpack.dll
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.21.0.1
TCP: Interfaces\{B273F3AE-59E5-43CE-8D72-C8CC45755686}: NameServer = 10.115.0.253,10.115.13.190
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\ravh89we.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Display Stix2.1.1 - c:\windows\iun6002.exe
AddRemove-Hardlock Device Drivers - c:\windows\system32\UNWISE.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-15 11:39
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1068)
c:\windows\System32\Ati2evxx.dll
c:\windows\System32\atiadlxx.dll
.
Celkový čas: 2012-08-15 11:43:31
ComboFix-quarantined-files.txt 2012-08-15 09:43
.
Před spuštěním: Volných bajtů: 108 652 322 816
Po spuštění: Volných bajtů: 108 620 308 480
.
- - End Of File - - 556D5E7DD8A87B412CCB374FACFBBDBF

[vyosek]

Zkuste jeste spustit Mozillu a opet napsat do adresniho about:config, nasledne napsat babyloon a veskere nalezy smazat

[Nela_M]

Ale jak? Pravý myšítko mi nenabídne odstranění a delete taky nefunguje. A je tam toho požehnaně

[vyosek]

A co zkusit kompletni odinstalovani mozilly a jeji novou instalaci? nebo tam mate moc osobnich nastavenich (zalozek, hesel apod.)?

[Nela_M]

Tak to bylo ono Záložky jsem si zazálohovala a hesla si pak doplním.

Děkuji moc za pomoc a přeji hezký den.