VIRY.CZ

Dobrý den
Včera jsem si stáhla do pc program KMPlayer, ale po jeho instalaci se mi do pc spolu s ním nainstalovaly i nějaké prapodivné čínské programy. Jedna dobrá duše na jedné diskuzi mi sdělila, že se jedná o tzv. "reklamu" na ty programy, proto jsou zakomponovány do instalace zdarma stažitelných programů (Omlouvám se, pokud to zní chaoticky, nejsem IT expert). Na té samé diskuzi si jeden uživatel, který stáhl to samé co já, stěžoval, že ten program komunikoval s nějakou stránkou, načež mi bylo odpovězeno tím dotyčným rádcem, že stahoval nějaké reklamy, kterým firewall zabrání.
A teď k věci: V době instalace KMPlayeru jsem antivirus s firewallem neměla, pouze zdarma stažitelný antivir se základními funkcemi, který sloužil dobře, ale zrovna firewall neměl. I když jsem si poté stáhla antivir s firewallem, bojím se, zda ty programy mi nenatahaly do pc nějaké škůdce (viry, keyloggery atd.) a nebo zda se mi do pc někdo nenaboural. Po analýze antivirem (oběma, jak bez firewallu tak s ním) se žádné viry nenašly, ale přesto bych si chtěla být jistější a proto píšu sem. Mohli by jste mi pomoci?

P.S.: Jak KMPlayer, tak i ty čínské programy jsem si již odinstalovala z pc, jen se bojím, zda mi to nezanechalo v pc nějakej bordel
P.S.2: Pokud si vyžádáte log, tak se chci přiznat že jsem to nikdy nedělala a tudíž to neumím, proto prosím o přimhouření oka, pokud mi budete muset něco pracně dlouho vysvětlovat

Zdravim, pekne dopoledne preji a vitam Vas u nas na foru

Bohuzel ty doprovodne (nezadouci, reklamni) programy, jsou stale casteji vnucovany pri instalaci legitimnich programu - v 99% se da ta instalace nezaoducich zrusit, chce to cist co odklikavat

Mrknem na to, co se nam tam natahlo a bude potreba log, jelikoz z kristalove koule se spatne vesti

Takze mrknete na tento navod na RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

Stahovala jsem KMPlayer poprvé, netroufala jsem si zasahovat do instalace, teď už vím že to byla chyba..

Jdu tedy na to

OK, pockam si na log, kdyby neco, tak se ptejte

Jen se poptám na takový hloupý dotaz, mezitím co mi jede Hijack
- Musí se vypínat prohlížeč před spuštěním?

Dodatečně děkuji za přivítání

Zde log


Logfile of random's system information tool 1.09 (written by random/random)
Run by Oliczech at 2013-01-30 11:56:01
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 60 GB (58%) free of 102 GB
Total RAM: 1014 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:56:31, on 30.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\system32\igfxsrvc.exe
C:\windows\Explorer.EXE
C:\Program Files\Asus\Eee Docking\Eee Docking.exe
C:\Users\Oliczech\Downloads\RSIT.exe
C:\Program Files\trend micro\Oliczech.exe
C:\windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/?rlz=1W4CHBA_csCZ520
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUSPRP] C:\Program Files\ASUS\APRP\APRP.EXE
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Google Update] "C:\Users\Oliczech\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\Windows\System32\AsusService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 8400 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3865024019-3676417111-3808828307-1000Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3865024019-3676417111-3808828307-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default

prefs.js - "browser.startup.homepage" - "http://start.icq.com/sk27211/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@kingsfot.com/npkws]
"Description"=npkws
"Path"=C:\Program Files\kingsoft\kingsoft antivirus\npkws.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\extensions\
ffxtlbr@babylon.com
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-01-14 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-01-14 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2011-02-28 1048888]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HotkeyMon"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\EeePC\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\EeePC\SHE\SuperHybridEngine.exe []
"LiveUpdate"=AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []
"CapsHook"=AsusSender.exe C:\Program Files\EeePC\CapsHook\CapsHook.exe []
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2010-06-10 414384]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-04-27 9177632]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1594664]
"ASUSPRP"=C:\Program Files\ASUS\APRP\APRP.EXE [2010-12-22 2018032]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 83240]
"ASUSWebStorage"=C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [2011-07-29 737104]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-04-19 142104]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-04-19 174360]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-04-19 150808]
"ROC_roc_ssl_v12"=C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe / /PROMPT /CMPID=roc_ssl_v12 []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe []
"Guard.Mail.ru.gui"=C:\Program Files\Guard-ICQ\GuardICQ.exe [2013-01-11 1564368]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Oliczech\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-07 136176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\SYSTEM32\igfxdev.dll [2011-04-11 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-01-30 11:56:02 ----D---- C:\Program Files\trend micro
2013-01-30 11:03:40 ----D---- C:\rsit
2013-01-29 15:40:10 ----A---- C:\windows\system32\drivers\aswSP.sys
2013-01-29 15:40:10 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
2013-01-29 15:40:03 ----A---- C:\windows\system32\drivers\aswFW.sys
2013-01-29 15:39:34 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2013-01-29 15:39:34 ----A---- C:\windows\system32\drivers\aswNdis2.sys
2013-01-29 15:39:33 ----A---- C:\windows\system32\drivers\aswTdi.sys
2013-01-29 15:39:33 ----A---- C:\windows\system32\drivers\aswKbd.sys
2013-01-29 15:39:32 ----A---- C:\windows\system32\drivers\aswSnx.sys
2013-01-29 15:39:31 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2013-01-29 15:38:36 ----A---- C:\windows\system32\drivers\aswNdis.sys
2013-01-29 15:38:34 ----A---- C:\windows\avastSS.scr
2013-01-29 15:38:32 ----A---- C:\windows\system32\aswBoot.exe
2013-01-29 15:37:51 ----D---- C:\ProgramData\AVAST Software
2013-01-29 15:37:51 ----D---- C:\Program Files\AVAST Software
2013-01-29 13:12:42 ----D---- C:\Users\Oliczech\AppData\Roaming\Wandoujia2
2013-01-29 13:00:09 ----D---- C:\Users\Oliczech\AppData\Roaming\Kingsoft
2013-01-29 12:59:51 ----D---- C:\ProgramData\kingsoft
2013-01-29 12:51:33 ----D---- C:\ProgramData\Youdao
2013-01-29 00:07:29 ----D---- C:\Users\Oliczech\AppData\Roaming\Media Player Classic
2013-01-26 10:08:45 ----D---- C:\Program Files\Free Opener
2013-01-26 09:58:22 ----A---- C:\windows\system32\unrar.dll
2013-01-26 09:57:53 ----SHD---- C:\windows\system32\AI_RecycleBin
2013-01-26 09:53:04 ----D---- C:\ProgramData\APN
2013-01-14 21:25:29 ----A---- C:\windows\system32\javaws.exe
2013-01-14 21:24:29 ----A---- C:\windows\system32\WindowsAccessBridge.dll
2013-01-14 21:24:27 ----A---- C:\windows\system32\javaw.exe
2013-01-14 21:24:24 ----A---- C:\windows\system32\java.exe
2013-01-11 15:22:04 ----D---- C:\Program Files\ICQ6Toolbar
2013-01-11 15:21:34 ----D---- C:\Program Files\Guard-ICQ
2013-01-11 15:18:51 ----D---- C:\Users\Oliczech\AppData\Roaming\ICQ
2013-01-11 15:18:13 ----D---- C:\Program Files\ICQ7M
2013-01-11 13:58:38 ----RD---- C:\Program Files\Skype
2013-01-11 13:58:38 ----D---- C:\Program Files\Common Files\Skype
2013-01-09 10:27:31 ----A---- C:\windows\system32\usp10.dll
2013-01-09 10:27:28 ----A---- C:\windows\system32\win32k.sys
2013-01-09 10:27:25 ----A---- C:\windows\system32\win32spl.dll
2013-01-09 10:26:57 ----A---- C:\windows\system32\msxml6.dll
2013-01-09 10:26:46 ----A---- C:\windows\system32\KernelBase.dll
2013-01-09 10:26:38 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 10:26:38 ----A---- C:\windows\system32\winsrv.dll
2013-01-09 10:26:38 ----A---- C:\windows\system32\kernel32.dll
2013-01-09 10:26:38 ----A---- C:\windows\system32\conhost.exe
2013-01-09 10:26:37 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 10:26:37 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 10:26:37 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 10:26:36 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 10:26:35 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 10:26:35 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 10:25:10 ----A---- C:\windows\system32\gameux.dll
2013-01-09 10:25:09 ----A---- C:\windows\system32\Wpc.dll
2013-01-09 10:24:32 ----A---- C:\windows\system32\ncrypt.dll
2013-01-09 10:24:30 ----A---- C:\windows\system32\taskhost.exe

======List of files/folders modified in the last 1 month======

2013-01-30 11:56:16 ----D---- C:\windows\Temp
2013-01-30 11:56:02 ----RD---- C:\Program Files
2013-01-30 11:51:18 ----D---- C:\windows\system32\config
2013-01-30 10:59:11 ----D---- C:\Users\Oliczech\AppData\Roaming\vlc
2013-01-29 15:40:10 ----D---- C:\windows\system32\drivers
2013-01-29 15:39:51 ----D---- C:\windows\inf
2013-01-29 15:39:46 ----D---- C:\windows\system32\catroot
2013-01-29 15:39:45 ----D---- C:\windows\system32\DriverStore
2013-01-29 15:39:27 ----D---- C:\windows\system32\Tasks
2013-01-29 15:39:16 ----SHD---- C:\windows\Installer
2013-01-29 15:38:34 ----D---- C:\Windows
2013-01-29 15:38:32 ----D---- C:\windows\System32
2013-01-29 15:37:51 ----HD---- C:\ProgramData
2013-01-29 15:37:44 ----SHD---- C:\System Volume Information
2013-01-29 15:32:28 ----D---- C:\ProgramData\MFAData
2013-01-29 15:24:41 ----D---- C:\Program Files\Common Files
2013-01-29 15:23:59 ----D---- C:\ProgramData\AVG Secure Search
2013-01-29 14:21:51 ----D---- C:\windows\system32\wfp
2013-01-29 14:21:47 ----D---- C:\windows\system32\wbem
2013-01-29 14:21:04 ----D---- C:\windows\Tasks
2013-01-29 14:21:04 ----D---- C:\windows\system32\catroot2
2013-01-29 14:21:02 ----D---- C:\windows\registration
2013-01-27 11:52:30 ----D---- C:\windows\Downloaded Program Files
2013-01-26 10:19:54 ----D---- C:\Program Files\Java
2013-01-26 10:16:08 ----RSD---- C:\windows\assembly
2013-01-22 20:03:52 ----D---- C:\windows\rescache
2013-01-14 21:23:40 ----A---- C:\windows\system32\npdeployJava1.dll
2013-01-14 21:23:40 ----A---- C:\windows\system32\deployJava1.dll
2013-01-12 14:41:48 ----D---- C:\windows\Microsoft.NET
2013-01-11 19:05:23 ----D---- C:\Users\Oliczech\AppData\Roaming\Skype
2013-01-11 15:44:55 ----D---- C:\ProgramData\ICQ
2013-01-11 15:22:00 ----D---- C:\Users\Oliczech\AppData\Roaming\ICQ Search
2013-01-11 13:59:16 ----D---- C:\ProgramData\Skype
2013-01-10 01:21:55 ----D---- C:\windows\system32\cs-CZ
2013-01-10 01:14:37 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-01-10 00:56:13 ----A---- C:\windows\system32\MRT.exe
2013-01-09 10:35:02 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-01-08 13:25:41 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\windows\system32\DRIVERS\aswNdis.sys [2012-09-21 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\windows\system32\drivers\aswNdis2.sys [2012-10-30 199320]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-06-08 435736]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-03-31 11520]
R1 aswFW;avast! TDI Firewall driver; C:\windows\system32\drivers\aswFW.sys [2012-10-30 106560]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2012-10-30 20624]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 irda;IrDA Protocol; C:\windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2011-04-11 4815872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2010-04-27 3084256]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-08-24 68208]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\windows\system32\DRIVERS\rtl8192se.sys [2010-07-02 1015912]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-11-19 230448]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys []
S3 EagleNT;EagleNT; \??\C:\windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 MosIrUsb;MosIrUsb.sys; C:\windows\system32\DRIVERS\MosIrUsb.sys [2007-10-11 22016]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TOO;TOO; \??\C:\Program Files\ASUS\LiveUpdate\genport.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AsusService;Asus Launcher Service; C:\Windows\System32\AsusService.exe [2009-08-19 219136]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-10-30 133912]
R2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files\Guard-ICQ\GuardICQ.exe [2013-01-11 1564368]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2011-02-28 247096]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-08 115168]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

A tak neni to uplne nejhorsi, ale neco se tam najde - jen zbytecnosti a blbiny typu reklamni programky. Zadne keyloggery nebo tak, muzete byt v klidu

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Search
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Všemi programy máte na mysli i antivir, nebo ten nevadí?

Temi vsemi je to mysleno tak, at se pri techto krocich nedivate na film, na pozadi jede hudba a pritom jeste pisete ve wordu a hledate neco na google Antivir nevadi

Dobře, jdu na to

Zde log

# AdwCleaner v2.109 - Logfile created 01/30/2013 at 12:40:22
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Starter Service Pack 1 (32 bits)
# User : Oliczech - OLICZECH-PC
# Boot Mode : Normal
# Running from : C:\Users\Oliczech\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : ICQ Service

***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\user.js
File Found : C:\Users\Oliczech\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\searchplugins\icqplugin.xml
File Found : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\tqlkqvrl.default\searchplugins\icqplugin.xml
File Found : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\tqlkqvrl.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\tqlkqvrl.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Public\Desktop\eBay.lnk
Folder Found : C:\Program Files\ICQ6Toolbar
Folder Found : C:\ProgramData\APN
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\Users\Oliczech\AppData\Local\Babylon
Folder Found : C:\Users\Oliczech\AppData\Roaming\Babylon
Folder Found : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\extensions\ffxtlbr@babylon.com
Folder Found : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\tqlkqvrl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Found : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Found : HKU\S-1-5-21-3865024019-3676417111-3808828307-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-3865024019-3676417111-3808828307-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-3865024019-3676417111-3808828307-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms}

-\\ Mozilla Firefox v17.0.1 (cs)

File : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\prefs.js

Found : user_pref("browser.startup.homepage", "hxxp://start.icq.com/sk27211/");

File : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\tqlkqvrl.default\prefs.js

Found : user_pref("browser.startup.homepage", "hxxp://start.icq.com/sk27211/");
Found : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=sk27211&tb_ver=1.4.3&q=[...]

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Oliczech\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.12] : homepage = "hxxp://start.icq.com/",
Found [l.1627] : homepage = "hxxp://start.icq.com/",

*************************

AdwCleaner[R1].txt - [8974 octets] - [30/01/2013 12:40:22]

########## EOF - C:\AdwCleaner[R1].txt - [9034 octets] ##########

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Delete
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

# AdwCleaner v2.109 - Logfile created 01/30/2013 at 12:51:53
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Starter Service Pack 1 (32 bits)
# User : Oliczech - OLICZECH-PC
# Boot Mode : Normal
# Running from : C:\Users\Oliczech\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : ICQ Service

***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\user.js
File Deleted : C:\Users\Oliczech\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\tqlkqvrl.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\tqlkqvrl.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\tqlkqvrl.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Public\Desktop\eBay.lnk
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Users\Oliczech\AppData\Local\Babylon
Folder Deleted : C:\Users\Oliczech\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Deleted : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\extensions\ffxtlbr@babylon.com
Folder Deleted : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\tqlkqvrl.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms} --> hxxp://www.google.com

-\\ Mozilla Firefox v17.0.1 (cs)

File : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\prefs.js

C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\nnd5zt8o.default\user.js ... Deleted !

Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/sk27211/");

File : C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\tqlkqvrl.default\prefs.js

C:\Users\Oliczech\AppData\Roaming\Mozilla\Firefox\Profiles\tqlkqvrl.default\user.js ... Deleted !

Deleted : user_pref("browser.startup.homepage", "hxxp://start.icq.com/sk27211/");
Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=sk27211&tb_ver=1.4.3&q=[...]

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Oliczech\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.12] : homepage = "hxxp://start.icq.com/",
Deleted [l.1627] : homepage = "hxxp://start.icq.com/",

*************************

AdwCleaner[R1].txt - [9103 octets] - [30/01/2013 12:40:22]
AdwCleaner[S1].txt - [9016 octets] - [30/01/2013 12:51:53]

########## EOF - C:\AdwCleaner[S1].txt - [9076 octets] ##########

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :services
  Guard.Mail.ru
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "LiveUpdate"=-
  "ROC_roc_ssl_v12"=-
  "Adobe ARM"=-
  "Adobe Reader Speed Launcher"=-
  "DivXMediaServer"=-
  "Guard.Mail.ru.gui"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "Google Update"=-
  
  :files
  C:\Program Files\AVG Secure Search
  C:\ProgramData\AVG Secure Search
  C:\windows\tasks\Adobe Flash Player Updater.job
  C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3865024019-3676417111-3808828307-1000Core.job
  C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3865024019-3676417111-3808828307-1000UA.job
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zde je ten log

All processes killed
========== SERVICES/DRIVERS ==========
Service Guard.Mail.ru stopped successfully!
Service Guard.Mail.ru deleted successfully!
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LiveUpdate deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ROC_roc_ssl_v12 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXMediaServer deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Guard.Mail.ru.gui deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
========== FILES ==========
File\Folder C:\Program Files\AVG Secure Search not found.
File\Folder C:\ProgramData\AVG Secure Search not found.
C:\windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3865024019-3676417111-3808828307-1000Core.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3865024019-3676417111-3808828307-1000UA.job moved successfully.
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
C:\windows\msdownld.tmp folder moved successfully.
========== COMMANDS ==========
C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 327974 bytes
->Flash cache emptied: 343 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Oliczech
->Temp folder emptied: 124358156 bytes
->Temporary Internet Files folder emptied: 447158718 bytes
->Java cache emptied: 459392590 bytes
->FireFox cache emptied: 158151043 bytes
->Google Chrome cache emptied: 399482943 bytes
->Flash cache emptied: 231007076 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 84150289 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 816,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Oliczech
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Oliczech
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01302013_130521

Files\Folders moved on Reboot...
File move failed. C:\windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
C:\windows\temp\HS.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...