VIRY.CZ

Logfile of random's system information tool 1.06 (written by random/random)
Run by petr at 2013-06-10 22:11:07
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (5%) free of 153 GB
Total RAM: 1535 MB (58% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-583907252-362288127-839522115-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-583907252-362288127-839522115-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-362288127-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-362288127-839522115-1003UA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-583907252-362288127-839522115-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-362288127-839522115-1003.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-09-01 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-01 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-03-31 1520776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-01 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-05-09 198688]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-03-31 1520776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"KeySpy"=C:\Documents and Settings\petr\Plocha\finest group\KeySpy\KeySpy.exe [2007-04-07 217088]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-05-09 4858968]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2013-03-31 1646216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPSON AL-C1900 Advanced"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_L10IC2.EXE [2001-07-04 66560]
"Google Update"=C:\Documents and Settings\petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-11-28 116648]
"Facebook Update"=C:\Documents and Settings\petr\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2012-12-25 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
C:\WINDOWS\INSTAL~1\{AC76B~2\_SC_AC~1.EXE [2011-05-12 295606]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MDM"=2
"LVPrcSrv"=2
"btwdins"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
WgaLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoSecurityTab"=1
"NoDriveAutoRun"=67108863
"HonorAutoRunSetting"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\dc++strong\sdc21\StrongDC.exe"="C:\dc++strong\sdc21\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\squid\ncftpput.exe"="C:\squid\ncftpput.exe:*:Enabled:TNSftp"
"C:\Casino\ParadiseCasino\casino.exe"="C:\Casino\ParadiseCasino\casino.exe:*:Enabled:casino"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe"="C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe:*:Enabled:eEBSvc"
"E:\HammerMT21.exe\MSS321.dll"="E:\HammerMT21.exe\MSS321.dll:*:Enabled:MSS321"
"C:\Documents and Settings\petr\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\petr\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

======List of files/folders created in the last 1 months======

2013-06-10 22:11:07 ----D---- C:\rsit
2013-05-16 21:43:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2820197$
2013-05-16 21:36:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2829361$
2013-05-14 21:36:07 ----D---- C:\Program Files\Mozilla Thunderbird

======List of files/folders modified in the last 1 months======

2013-06-10 22:11:10 ----D---- C:\Program Files\Trend Micro
2013-06-10 22:08:42 ----D---- C:\WINDOWS\temp
2013-06-10 21:59:52 ----D---- C:\WINDOWS\Prefetch
2013-06-10 21:59:22 ----D---- C:\WINDOWS\system32\ias
2013-06-10 21:58:08 ----D---- C:\WINDOWS
2013-06-10 20:03:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-31 15:04:18 ----SD---- C:\WINDOWS\Tasks
2013-05-22 18:50:16 ----SHD---- C:\WINDOWS\Installer
2013-05-22 18:49:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-05-22 18:49:48 ----RD---- C:\Program Files\Skype
2013-05-16 23:05:45 ----D---- C:\WINDOWS\system32
2013-05-16 22:57:42 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-16 22:13:08 ----RSD---- C:\WINDOWS\assembly
2013-05-16 21:56:57 ----D---- C:\WINDOWS\Microsoft.NET
2013-05-16 21:55:37 ----HD---- C:\WINDOWS\inf
2013-05-16 21:55:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-05-16 21:55:24 ----D---- C:\WINDOWS\system32\cs-cz
2013-05-16 21:55:23 ----D---- C:\Program Files\Internet Explorer
2013-05-16 21:54:40 ----D---- C:\WINDOWS\ie7updates
2013-05-16 21:52:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-05-16 21:52:22 ----D---- C:\WINDOWS\WinSxS
2013-05-16 21:43:31 ----A---- C:\WINDOWS\imsins.BAK
2013-05-16 21:43:21 ----HD---- C:\WINDOWS\$hf_mig$
2013-05-16 21:37:17 ----A---- C:\WINDOWS\system32\MRT.exe
2013-05-15 18:22:51 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-05-15 18:07:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-05-15 07:52:48 ----D---- C:\Program Files
2013-05-12 23:52:50 ----A---- C:\WINDOWS\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-05-09 765736]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-05-09 368944]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-04-01 10368]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
S3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TNET1130;802.11 b/g WLAN; C:\WINDOWS\system32\DRIVERS\tnet1130.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2005-06-14 104576]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 Aladdin SQL Server;Aladdin SQL Server; C:\Program Files\Aladdin\Aladdin SQL Server\AladdinSQL.exe [2012-08-17 140736]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-05-09 46808]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 EpsonBidirectionalAgent;EpsonBidirectionalAgent; C:\Program Files\Common Files\EPSON\EBAPI\eEBAgent.exe [2002-06-21 184320]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-05-01 181664]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-04-19 1050440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-16 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-12-17 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-16 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-14 117144]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-07-09 435016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
S4 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Děkuji za váš čas

Zdravím, stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem spusť,

objeví se okno kde vlevo dole klikni na Search.

Po té proběhne sken a po jeho skončení na Tebe vypadne log, který mi sem zkopíruj.


Stáhni a spusť HJT

v okně které se ti otevře klikni na Do a system scan and save a logfile.

Proběhne sken a log který na Tebe vypadne mi sem nakopíruj.

# AdwCleaner v2.303 - Log vytvooen 11/06/2013 v 19:56:59
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : petr - PETR-D455EAF4C9
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\petr\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\Ask
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Nalezeno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\extensions\toolbar@ask.com
Složka Nalezeno : C:\Documents and Settings\petr\Data aplikací\OpenCandy
Složka Nalezeno : C:\Documents and Settings\petr\Local Settings\Data aplikací\APN
Složka Nalezeno : C:\Documents and Settings\petr\Local Settings\Data aplikací\AskToolbar
Složka Nalezeno : C:\Documents and Settings\petr\Local Settings\Data aplikací\Conduit
Složka Nalezeno : C:\Documents and Settings\petr\Local Settings\Data aplikací\PackageAware
Složka Nalezeno : C:\Program Files\Ask.com
Složka Nalezeno : C:\Program Files\Conduit
Složka Nalezeno : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Soubor Nalezeno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\Askcom.xml
Soubor Nalezeno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin.xml
Soubor Nalezeno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-1.xml
Soubor Nalezeno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-2.xml
Soubor Nalezeno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-3.xml
Soubor Nalezeno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-4.xml
Soubor Nalezeno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-5.xml
Soubor Nalezeno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-6.xml
Soubor Nalezeno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-7.xml
Soubor Nalezeno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\web-search.xml
Soubor Nalezeno : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
Soubor Nalezeno : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Klíe Nalezeno : HKCU\Software\APN
Klíe Nalezeno : HKCU\Software\Ask.com
Klíe Nalezeno : HKCU\Software\AskToolbar
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\ICQToolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Nalezeno : HKCU\Software\SmartBar
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\Software\APN
Klíe Nalezeno : HKLM\Software\AskToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Nalezeno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKU\S-1-5-21-583907252-362288127-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Nalezeno : HKU\S-1-5-21-583907252-362288127-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v7.0.6000.21335

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd

-\\ Mozilla Firefox v7.0.1 (cs)

Soubor : C:\Documents and Settings\LocalService\Data aplikací\Mozilla\Firefox\Profiles\qrcyyckc.default\prefs.js

[OK] Soubor je eistý.

Soubor : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\prefs.js

Nalezeno : user_pref("browser.search.defaultengine", "Ask.com");
Nalezeno : user_pref("browser.search.order.1", "Ask.com");
Nalezeno : user_pref("browser.search.selectedEngine", "Ask.com");
Nalezeno : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
Nalezeno : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Nalezeno : user_pref("extensions.asktb.cbid", "^U3");
Nalezeno : user_pref("extensions.asktb.config-updated", false);
Nalezeno : user_pref("extensions.asktb.crumb", "2013.05.02+13.16.26-toolbar004iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibG[...]
Nalezeno : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Nalezeno : user_pref("extensions.asktb.displaybehavior", "");
Nalezeno : user_pref("extensions.asktb.displaytext", "");
Nalezeno : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^CZ");
Nalezeno : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Nalezeno : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
Nalezeno : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Nalezeno : user_pref("extensions.asktb.ff-original-keyword-url", "");
Nalezeno : user_pref("extensions.asktb.first-restart-after-config-update", true);
Nalezeno : user_pref("extensions.asktb.fresh-install", false);
Nalezeno : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Nalezeno : user_pref("extensions.asktb.keyword-toggled-in-session", false);
Nalezeno : user_pref("extensions.asktb.l", "dis");
Nalezeno : user_pref("extensions.asktb.last-config-req", "1370900605675");
Nalezeno : user_pref("extensions.asktb.locale", "en_EU");
Nalezeno : user_pref("extensions.asktb.location", "Prague,Czech Republic");
Nalezeno : user_pref("extensions.asktb.lstation", "");
Nalezeno : user_pref("extensions.asktb.new-tab-opt-out", true);
Nalezeno : user_pref("extensions.asktb.news-native-on", true);
Nalezeno : user_pref("extensions.asktb.o", "100000027");
Nalezeno : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Nalezeno : user_pref("extensions.asktb.pstate", "");
Nalezeno : user_pref("extensions.asktb.qsrc", "2871");
Nalezeno : user_pref("extensions.asktb.r", "20");
Nalezeno : user_pref("extensions.asktb.search-suggestions-enabled", true);
Nalezeno : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Nalezeno : user_pref("extensions.asktb.slwo", "1");
Nalezeno : user_pref("extensions.asktb.socialmini-first", true);
Nalezeno : user_pref("extensions.asktb.socialmini-interval", "1200000");
Nalezeno : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Nalezeno : user_pref("extensions.asktb.socialmini-max-items", "30");
Nalezeno : user_pref("extensions.asktb.socialmini-native-on", true);
Nalezeno : user_pref("extensions.asktb.socialmini-speed", "10000");
Nalezeno : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Nalezeno : user_pref("extensions.asktb.to", "");
Nalezeno : user_pref("extensions.asktb.v", "3.15.23.100013");
Nalezeno : user_pref("extensions.asktb.volume", "");
Nalezeno : user_pref("extensions.enabledAddons", "{8675f4b3-2f19-11ed-2d6b-0800600c0a19}:1.0,{6236BA26-C117-400[...]

-\\ Google Chrome v27.0.1453.110

Soubor : C:\Documents and Settings\petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [14719 octets] - [11/06/2013 19:56:59]

########## EOF - C:\AdwCleaner[R1].txt - [14780 octets] ##########

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:03:35, on 11.6.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21335)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files\Aladdin\Aladdin SQL Server\AladdinSQL.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBAgent.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Documents and Settings\petr\Plocha\finest group\KeySpy\KeySpy.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_L10IC2.EXE
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Documents and Settings\petr\Plocha\adwcleaner.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\petr\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [KeySpy] "C:\Documents and Settings\petr\Plocha\finest group\KeySpy\KeySpy.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON AL-C1900 Advanced] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_L10IC2.EXE /A "C:\WINDOWS\system32\E_L58.tmp"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\petr\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Aladdin SQL Server - Unknown owner - C:\Program Files\Aladdin\Aladdin SQL Server\AladdinSQL.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EpsonBidirectionalAgent - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBAgent.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 11863 bytes

Znovu spusť AdwCleaner ale tentokrát klikni na Delete,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té na Tebe opět vypadne log který mi sem zkopíruj.


V HJT fixni :

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\petr\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\petr\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)

Fix znamená že spustíš HJT jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Pokud tam některý řádek nebude nic se neděje.

# AdwCleaner v2.303 - Log vytvooen 11/06/2013 v 22:23:49
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : petr - PETR-D455EAF4C9
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\petr\Plocha\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\Ask
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Vymazáno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\extensions\toolbar@ask.com
Složka Vymazáno : C:\Documents and Settings\petr\Data aplikací\OpenCandy
Složka Vymazáno : C:\Documents and Settings\petr\Local Settings\Data aplikací\APN
Složka Vymazáno : C:\Documents and Settings\petr\Local Settings\Data aplikací\AskToolbar
Složka Vymazáno : C:\Documents and Settings\petr\Local Settings\Data aplikací\Conduit
Složka Vymazáno : C:\Documents and Settings\petr\Local Settings\Data aplikací\PackageAware
Složka Vymazáno : C:\Program Files\Ask.com
Složka Vymazáno : C:\Program Files\Conduit
Složka Vymazáno : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Soubor Vymazáno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\Askcom.xml
Soubor Vymazáno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin.xml
Soubor Vymazáno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-1.xml
Soubor Vymazáno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-2.xml
Soubor Vymazáno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-3.xml
Soubor Vymazáno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-4.xml
Soubor Vymazáno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-5.xml
Soubor Vymazáno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-6.xml
Soubor Vymazáno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\icqplugin-7.xml
Soubor Vymazáno : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\searchplugins\web-search.xml
Soubor Vymazáno : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
Soubor Vymazáno : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Klíe Vymazáno : HKCU\Software\APN
Klíe Vymazáno : HKCU\Software\Ask.com
Klíe Vymazáno : HKCU\Software\AskToolbar
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\ICQToolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Klíe Vymazáno : HKCU\Software\SmartBar
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKLM\Software\APN
Klíe Vymazáno : HKLM\Software\AskToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Klíe Vymazáno : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BDF3E992C0908741B7C11F4B4E0F775
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B3BC4CF5ECE1F54BBA174C13A1AB907
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEABAA33A5E68374DBF197F2A00CD011
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB61AF52AD64B6B45930BE969F316720
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v7.0.6000.21335

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v7.0.1 (cs)

Soubor : C:\Documents and Settings\LocalService\Data aplikací\Mozilla\Firefox\Profiles\qrcyyckc.default\prefs.js

[OK] Soubor je eistý.

Soubor : C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\prefs.js

C:\Documents and Settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\user.js ... Vymazáno !

Vymazáno : user_pref("browser.search.defaultengine", "Ask.com");
Vymazáno : user_pref("browser.search.order.1", "Ask.com");
Vymazáno : user_pref("browser.search.selectedEngine", "Ask.com");
Vymazáno : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
Vymazáno : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Vymazáno : user_pref("extensions.asktb.cbid", "^U3");
Vymazáno : user_pref("extensions.asktb.config-updated", false);
Vymazáno : user_pref("extensions.asktb.crumb", "2013.05.02+13.16.26-toolbar004iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibG[...]
Vymazáno : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l[...]
Vymazáno : user_pref("extensions.asktb.displaybehavior", "");
Vymazáno : user_pref("extensions.asktb.displaytext", "");
Vymazáno : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^CZ");
Vymazáno : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Vymazáno : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
Vymazáno : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Vymazáno : user_pref("extensions.asktb.ff-original-keyword-url", "");
Vymazáno : user_pref("extensions.asktb.fresh-install", false);
Vymazáno : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Vymazáno : user_pref("extensions.asktb.keyword-toggled-in-session", false);
Vymazáno : user_pref("extensions.asktb.l", "dis");
Vymazáno : user_pref("extensions.asktb.last-config-req", "1370900605675");
Vymazáno : user_pref("extensions.asktb.locale", "en_EU");
Vymazáno : user_pref("extensions.asktb.location", "Prague,Czech Republic");
Vymazáno : user_pref("extensions.asktb.lstation", "");
Vymazáno : user_pref("extensions.asktb.new-tab-opt-out", true);
Vymazáno : user_pref("extensions.asktb.news-native-on", true);
Vymazáno : user_pref("extensions.asktb.o", "100000027");
Vymazáno : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Vymazáno : user_pref("extensions.asktb.pstate", "");
Vymazáno : user_pref("extensions.asktb.qsrc", "2871");
Vymazáno : user_pref("extensions.asktb.r", "20");
Vymazáno : user_pref("extensions.asktb.search-suggestions-enabled", true);
Vymazáno : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Vymazáno : user_pref("extensions.asktb.slwo", "1");
Vymazáno : user_pref("extensions.asktb.socialmini-first", true);
Vymazáno : user_pref("extensions.asktb.socialmini-interval", "1200000");
Vymazáno : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Vymazáno : user_pref("extensions.asktb.socialmini-max-items", "30");
Vymazáno : user_pref("extensions.asktb.socialmini-native-on", true);
Vymazáno : user_pref("extensions.asktb.socialmini-speed", "10000");
Vymazáno : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Vymazáno : user_pref("extensions.asktb.to", "");
Vymazáno : user_pref("extensions.asktb.v", "3.15.23.100013");
Vymazáno : user_pref("extensions.asktb.volume", "");
Vymazáno : user_pref("extensions.enabledAddons", "{8675f4b3-2f19-11ed-2d6b-0800600c0a19}:1.0,{6236BA26-C117-400[...]

-\\ Google Chrome v27.0.1453.110

Soubor : C:\Documents and Settings\petr\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [14850 octets] - [11/06/2013 19:56:59]
AdwCleaner[S1].txt - [14537 octets] - [11/06/2013 22:23:49]

########## EOF - C:\AdwCleaner[S1].txt - [14598 octets] ##########

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

ComboFix 13-06-08.02 - petr 11.06.2013 22:42:44.11.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1535.1105 [GMT 2:00]
Spuštěný z: c:\documents and settings\petr\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\petr\ncftp
c:\windows\msmqinst.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-11 do 2013-06-11 )))))))))))))))))))))))))))))))
.
.
2013-06-11 18:03 . 2013-06-11 18:03 388096 ----a-r- c:\documents and settings\petr\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-06-10 20:11 . 2013-06-10 20:11 -------- d-----w- C:\rsit
2013-05-14 19:36 . 2013-05-15 05:53 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-05-14 11:31 . 2013-05-14 11:31 6128760 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-05-14 11:31 . 2013-05-14 11:31 6128760 ----a-w- c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 16:22 . 2012-10-14 16:21 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 16:22 . 2012-10-14 16:21 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-09 08:59 . 2013-03-17 08:29 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-03-17 08:29 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2011-09-16 21:08 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2008-07-19 19:06 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2008-07-19 19:06 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2013-03-17 08:29 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59 . 2008-07-19 19:06 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-09 08:59 . 2008-07-19 19:06 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58 . 2010-11-14 09:31 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2008-07-19 19:05 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-01 15:55 . 2013-05-01 15:56 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-01 15:55 . 2013-05-01 15:56 866720 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-05-01 15:55 . 2010-09-12 10:25 788896 ----a-w- c:\windows\system32\deployJava1.dll
2013-05-01 15:55 . 2007-04-28 16:10 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-04-16 21:58 . 2004-08-17 13:49 841216 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 21:58 . 2004-08-17 13:49 1830912 ------w- c:\windows\system32\inetcpl.cpl
2013-04-16 21:58 . 2004-08-17 13:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2013-04-16 21:58 . 2004-08-17 13:49 17408 ------w- c:\windows\system32\corpol.dll
2013-04-12 23:28 . 2004-08-17 13:44 389120 ----a-w- c:\windows\system32\html.iec
2013-04-12 14:01 . 2011-10-14 21:09 1876352 ----a-w- c:\windows\system32\win32k.sys
2011-09-30 22:37 . 2011-05-06 18:42 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EPSON AL-C1900 Advanced"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_L10IC2.EXE" [2001-07-04 66560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KeySpy"="c:\documents and settings\petr\Plocha\finest group\KeySpy\KeySpy.exe" [2007-04-07 217088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)
"NoSecurityTab"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSecurityTab"= 1 (0x1)
"HonorAutoRunSetting"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MDM"=2 (0x2)
"LVPrcSrv"=2 (0x2)
"btwdins"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
"<NO NAME>"=
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" /hide
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" /server
"igfxtray"=c:\windows\system32\igfxtray.exe
"igfxhkcmd"=c:\windows\system32\hkcmd.exe
"igfxpers"=c:\windows\system32\igfxpers.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\dc++strong\\sdc21\\StrongDC.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\squid\\ncftpput.exe"=
"c:\\Casino\\ParadiseCasino\\casino.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Program Files\\Common Files\\EPSON\\EBAPI\\eEBSvc.exe"=
"c:\\Documents and Settings\\petr\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [17.3.2013 10:29 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [17.3.2013 10:29 174664]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16.9.2011 23:08 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [19.7.2008 21:06 368944]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 10:28 85344]
R2 Aladdin SQL Server;Aladdin SQL Server;c:\program files\Aladdin\Aladdin SQL Server\AladdinSQL.exe [27.9.2011 8:40 140736]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19.7.2008 21:06 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [17.3.2013 10:29 66336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [19.4.2010 13:45 1050440]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [25.2.2010 11:18 10064]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [14.5.2013 13:26 3289208]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [8.1.2013 13:55 161536]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [11.6.2010 14:18 36608]
S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe -k nosGetPlusHelper [17.8.2004 15:49 14336]
S3 TNET1130;802.11 b/g WLAN;c:\windows\system32\DRIVERS\tnet1130.sys --> c:\windows\system32\DRIVERS\tnet1130.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-14 16:22]
.
2013-06-11 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-22 08:58]
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-16 21:13]
.
2013-06-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-08-16 21:13]
.
2012-04-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-362288127-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2012-04-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-362288127-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.Google.com
mStart Page =
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 127.0.0.1:3128
uSearchAssistant = hxxp://www.Google.com/
uCustomizeSearch = hxxp://www.Google.com/
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 178.77.254.254 77.48.100.254
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - ExtSQL: 2013-05-01 18:08; toolbar@ask.com; c:\documents and settings\petr\Data aplikací\Mozilla\Firefox\Profiles\0nzyy65t.default\extensions\toolbar@ask.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-11 22:53
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
EPSON AL-C1900 Advanced = c:\windows\System32\spool\DRIVERS\W32X86\3\E_L10IC2.EXE /A "c:\windows\system32\E_L58.tmp"?? ?7~??6~????????Z?6~????*?6~????????????????????????????????????????????????????????????<?????9~0?6~????*?6~??7~????w?8~????????????????? e???7~???????????????????? ??
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-583907252-362288127-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{379B3903-BA92-25B7-72F0-06C8089C2E90}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"ialhdmlbfjlfhojagb"=hex:69,61,6d,68,6a,69,6c,61,66,6c,68,64,63,6c,67,6a,70,6b,
00,00
"habnjpfkbondbmpn"=hex:6a,61,68,67,6f,67,6e,6a,68,68,70,64,6a,64,6b,6e,67,67,
6a,6a,00,fb
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-06-11 22:56:42
ComboFix-quarantined-files.txt 2013-06-11 20:56
.
Před spuštěním: Volných bajtů: 10 327 314 432
Po spuštění: Volných bajtů: 10 791 723 008
.
- - End Of File - - B3D5DE2E0FD1B5F0F4982A050D17EF63
413FC2A0C716421B3158746D63736515

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Pak dej vědět jaký je stav PC.

Stav PC snad OK, uvidím jestli se sám od sebe zase restartuje.....
Můžu ještě něco udělat?
Co se mi kde povedlo chytit??

petatape píše:Stav PC snad OK, uvidím jestli se sám od sebe zase restartuje.....

Chvilku ho pozoruj a pak dej vědět než to tu zamknu.

petatape píše:Můžu ještě něco udělat?

No možná bys mohl otevřít skříň PC a stlačeným vzduchem odstranit případný prach ze všech komponent.

petatape píše:Co se mi kde povedlo chytit??

Nějaké drobné šmejdy, ale pokud jich je více bývá z toho slušný problém.

Tak se mi to zase samo restartovalo..... Při načítání hodně zvětšené mapy na google. Je něco co bych mohl ještě udělat???

Použij, WhoCrashed

po spuštění klikni na Analyze,

aplikace po chvilce vytvoří zprávu o příčině pádu, kterou mi sem nakopíruj.


Co ovladače od grafiky jsou aktuální ?

tohle mám zkopírovat?:
Crash dump directory: C:\WINDOWS\Minidump

Crash dumps are disabled for your computer.

On Fri 5.7.2013 17:59:16 GMT your computer crashed
crash dump file: C:\WINDOWS\memory.dmp
This was probably caused by the following module: Unknown ()
Bugcheck code: 0x0 (0x0, 0x0, 0x0, 0x0)
Error: CUSTOM_ERROR
A third party driver was identified as the probable root cause of this system error.
Google query: CUSTOM_ERROR

a ovladače? Netuším, jak to mám zjistit?

Hm tak to jsme si moc nepomohli

Zkusil bych ty ovladače grafiky, použij AIDU

Sice se jedná o trial ale náš účel splní.

Nainstaluj ji >> spusť >> klik na Počítač >> dále Přehled,

nahoře v aplikaci klikni na Zpráva vyber Rychlá zpráva >> Prostý text

a vše mi sem zkopíruj, koukneme se co se s tím dá dělat.