Vyskakování webových oken*

Laura · Příspěvekod **Laura** » 25 srp 2009 17:55

Ahoj, mám takový problém, že když spustím internet, tak se mi samo od sebe otevíraji nové webové stránky, co jsem vůbec nezadávala(travian, getiton, atd...); na spodní liště mám během půl hodiny 10 záložek, už nevím co s tím…
Prosím nějaký tip, jak se toho zbavit!

// 1) Nemusíš na nás KŘIČET VELKÝMI PÍSMENY, BLBĚ SE TO ČTE
// 2) Používej, prosím, interpunkci (doplnil jsem ti ji); zvýšíš tím čitelnost svých příspěvků.
// Myloš

Reklama

Damned · Příspěvekod **Damned** » 25 srp 2009 18:04

Vítám tě zde!

Z mého podpisu si stáhni HijackThis, podle návodu udělej log a vlož ho sem.

Laura · Příspěvekod **Laura** » 25 srp 2009 18:10

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:08:43, on 25.8.2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Hotkey Utility\tray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Power Manager\PM.exe
C:\Program Files\Light Sensor Utility\Sensor.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\explorer.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.5.900\HPIEAddOn.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.6.3.4500\NPIEAddOn.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.3.5.960\ssd.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe
O4 - HKLM\..\Run: [PowerManager] C:\Program Files\Power Manager\PM.exe
O4 - HKLM\..\Run: [Silent Mode] C:\Program Files\Light Sensor Utility\Sensor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [FreeCall] "C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe" -nosplash -minimized
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... YYYYYYYYCZ
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab
O16 - DPF: {3188FB46-456D-4C07-8A11-F5F3BBBA8AF2} (SeeTooControl Class) - http://www.seetoo.com/downloadAddon.php ... ersion=7.0
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E8ABBEBD-0B80-4091-B3B0-2C5AAD97A11A} (ScreenShooter Control) - http://tapety.mojelogo.cz/ScreenShooter.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{D0C4EE17-AE70-4625-A806-2B88A6EE50D4}: NameServer = 192.168.2.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1c9fd8f39457663) (gupdate1c9fd8f39457663) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 13085 bytes

Damned · Příspěvekod **Damned** » 25 srp 2009 18:30

Odinstaluj si:
MyWebSearch
ICQ6Toolbar
Media Access Startup
Internet Saving Optimizer
System Search Dispatcher
*****************************************************************************************************************************************
Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only",
zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.5.900\HPIEAddOn.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.6.3.4500\NPIEAddOn.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.3.5.960\ssd.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi ... YYYYYYYYCZ
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab
O16 - DPF: {3188FB46-456D-4C07-8A11-F5F3BBBA8AF2} (SeeTooControl Class) - http://www.seetoo.com/downloadAddon.php ... ersion=7.0
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E8ABBEBD-0B80-4091-B3B0-2C5AAD97A11A} (ScreenShooter Control) - http://tapety.mojelogo.cz/ScreenShooter.ocx
*****************************************************************************************************************************************
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Laura · Příspěvekod **Laura** » 25 srp 2009 18:59

Malwarebytes' Anti-Malware 1.40
Verze databáze: 2693
Windows 6.0.6000

25.8.2009 18:57:50
mbam-log-2009-08-25 (18-57-37).txt

Typ skenu: Rychlý sken
Objektu skenováno: 86572
Uplynulý cas: 6 minute(s), 4 second(s)

Infikované procesy pameti: 1
Infikované pametové moduly: 2
Infikované klíce registru: 47
Infikované hodnoty registru: 4
Infikované položky dat registru: 3
Infikované složky: 12
Infikované soubory: 10

Infikované procesy pameti:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWeb) -> No action taken.

Infikované pametové moduly:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWeb) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.5.960\ssd.dll (Adware.DoubleD) -> No action taken.

Infikované klíce registru:
HKEY_CLASSES_ROOT\explorerbar.funredirector (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cdbfb47b-58a8-4111-bf95-06178dce326d} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\explorerbar.funredirector.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35b8d58c-b0cb-46b0-ba64-05b3804e4e86} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet AntiVirus Pro_is1 (Rogue.InternetAntiVirus) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b7d3e479-cc68-42b5-a338-938ece35f419} (Adware.SoftMate) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\prs (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\uniname (Trojan.FakeAlert) -> No action taken.

Infikované položky dat registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
C:\Program Files\DoubleD (Adware.DoubleD) -> No action taken.
C:\Program Files\DoubleD\GamingHarbor Toolbar (Adware.DoubleD) -> No action taken.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
C:\Program Files\System Search Dispatcher (Adware.DoubleD) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.5.960 (Adware.DoubleD) -> No action taken.

Infikované soubory:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWeb) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWeb) -> No action taken.
C:\Program Files\Uninstall Fun Web Products.dll (Adware.MyWeb) -> No action taken.
C:\Program Files\System Search Dispatcher\1.3.5.960\ssd.dll (Adware.DoubleD) -> No action taken.
C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWeb) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.

Damned · Příspěvekod **Damned** » 25 srp 2009 19:05

Odinstaluj si i Firefox. Až skončíme, tak si nainstaluješ nový.

Potom spusť znovu MbAM a dej Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

Laura · Příspěvekod **Laura** » 26 srp 2009 15:17

od te doby co jsem to spustila se mi restartovl pc....a nejde připojit k internetu přes wifi co s tím?

Damned · Příspěvekod **Damned** » 26 srp 2009 16:12

Spustila mazání MbAM nebo sken ComboFix? Nakonfiguruj si znovu připojení.

Laura · Příspěvekod **Laura** » 26 srp 2009 16:19

combo fix,

Laura · Příspěvekod **Laura** » 26 srp 2009 16:31

ať dělám co dělám pořád to nejde pc je připojeno k wifi výborné spojení ale wifi nefunguje s modemem

Damned · Příspěvekod **Damned** » 26 srp 2009 16:33

Zkus najít soubor C:\ComboFix.txt a zkopíruj mi ho sem.

Laura · Příspěvekod **Laura** » 26 srp 2009 16:43

jedíný dokument co mám od combo fix

ComboFix 09-08-24.06 - Pavel 25.08.2009 19:31.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.1022.359 [GMT 2:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1377262600-3082784189-856956775-500
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\users\Default\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
c:\windows\system32\config\systemprofile\ntuser.dat{e3d09277-6d1d-11dc-be69-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
c:\users\Pavel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms . . . . nemohl být smazán
c:\windows\ServiceProfiles\LocalService\NTUSER.DAT{3a539869-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms . . . . nemohl být smazán
c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT{3a539865-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms . . . . nemohl být smazán

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-07-25 do 2009-08-25 )))))))))))))))))))))))))))))))
.

2009-08-25 17:43 . 2009-08-25 17:47 -------- d-----w- c:\users\Pavel\AppData\Local\temp
2009-08-25 17:43 . 2009-08-25 17:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-25 16:49 . 2009-08-25 16:49 -------- d-----w- c:\users\Pavel\AppData\Roaming\Malwarebytes
2009-08-25 16:49 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-25 16:49 . 2009-08-25 16:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-25 16:49 . 2009-08-25 16:49 -------- d-----w- c:\programdata\Malwarebytes
2009-08-25 16:49 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-25 16:08 . 2009-08-25 16:08 -------- d-----w- c:\program files\Trend Micro
2009-08-22 08:29 . 2009-08-22 08:29 -------- d-----w- c:\program files\Alwil Software
2009-08-21 12:44 . 2009-08-21 12:53 -------- d-----w- c:\program files\PowerArchiver
2009-08-19 17:28 . 2009-08-13 19:43 49152 ----a-w- c:\programdata\Sukoku\sukoku113.exe
2009-08-19 17:26 . 2009-08-21 08:21 -------- d-----w- c:\programdata\Sukoku
2009-08-19 17:26 . 2009-08-21 08:21 -------- d-----w- c:\program files\Sukoku
2009-08-15 11:42 . 2009-07-17 14:52 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-15 11:42 . 2009-06-10 12:16 156160 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-15 11:42 . 2009-06-04 12:43 1871872 ----a-w- c:\windows\system32\mstscax.dll
2009-08-15 11:42 . 2009-06-04 12:36 116736 ----a-w- c:\windows\system32\aaclient.dll
2009-08-15 11:42 . 2009-06-04 12:47 36352 ----a-w- c:\windows\system32\tsgqec.dll
2009-08-15 11:42 . 2009-06-10 12:10 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-08-15 11:42 . 2009-06-10 12:07 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-08-15 11:42 . 2009-06-10 12:04 88576 ----a-w- c:\windows\system32\avifil32.dll
2009-08-15 11:42 . 2009-06-10 12:04 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-08-15 11:42 . 2009-06-10 12:10 31232 ----a-w- c:\windows\system32\msvidc32.dll
2009-08-15 11:42 . 2009-06-10 12:09 12800 ----a-w- c:\windows\system32\msrle32.dll
2009-08-15 11:41 . 2009-07-14 13:02 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-15 11:41 . 2009-07-14 13:00 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-15 11:41 . 2009-07-14 13:01 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-15 11:41 . 2009-07-14 11:11 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-06 18:24 . 2009-08-06 18:24 -------- d-----w- c:\program files\iPod
2009-08-06 18:24 . 2009-08-06 18:24 -------- d-----w- c:\program files\iTunes
2009-08-06 18:22 . 2009-08-06 18:22 -------- d-----w- c:\program files\QuickTime
2009-08-06 18:16 . 2009-08-06 18:16 75040 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-29 15:13 . 2009-08-19 17:26 -------- d-----w- c:\users\Pavel\Tracing

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-25 12:45 . 2008-11-23 02:18 27335 ----a-w- c:\users\Pavel\AppData\Roaming\nvModes.dat
2009-08-24 19:14 . 2007-01-08 21:09 81404 ----a-w- c:\windows\system32\perfc005.dat
2009-08-24 19:14 . 2007-01-08 21:09 473598 ----a-w- c:\windows\system32\perfh005.dat
2009-08-21 12:35 . 2008-11-23 13:16 960 ----a-w- c:\users\Pavel\AppData\Roaming\wklnhst.dat
2009-08-15 14:54 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-06 18:24 . 2009-03-21 13:52 -------- d-----w- c:\program files\Common Files\Apple
2009-08-06 18:24 . 2009-03-21 13:56 -------- d-----w- c:\programdata\Apple Computer
2009-08-06 18:03 . 2007-09-27 18:39 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-06 18:01 . 2007-09-27 18:39 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-29 19:33 . 2009-07-03 10:33 -------- d-----w- c:\users\Pavel\AppData\Roaming\Skype
2009-07-29 19:20 . 2009-07-03 10:55 -------- d-----w- c:\users\Pavel\AppData\Roaming\skypePM
2009-07-24 14:18 . 2009-07-23 07:59 -------- d-----w- c:\program files\CamSpace
2009-07-21 21:52 . 2009-07-29 10:54 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 10:54 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 10:54 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 10:54 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-15 20:45 . 2008-11-18 12:58 -------- d-----w- c:\program files\ICQ6Toolbar
2009-07-15 16:46 . 2009-07-15 16:39 -------- d-----w- c:\program files\ICQ6.5
2009-07-15 16:42 . 2008-11-18 12:58 -------- d-----w- c:\programdata\ICQ
2009-07-15 16:41 . 2009-07-07 10:27 -------- d-----w- c:\program files\ICQ6
2009-07-13 12:19 . 2009-07-08 13:57 -------- d-----w- c:\users\Pavel\AppData\Roaming\aHisoft
2009-07-13 10:57 . 2009-07-08 11:29 -------- d-----w- c:\program files\Common Files\Real
2009-07-13 10:55 . 2008-12-06 12:56 -------- d-----w- c:\program files\Google
2009-07-13 09:29 . 2009-07-13 09:29 -------- d-----w- c:\program files\Common Files\xing shared
2009-07-08 18:15 . 2009-07-08 14:36 -------- d-----w- c:\programdata\Norton
2009-07-08 18:15 . 2009-07-08 14:36 -------- d-----w- c:\programdata\Symantec
2009-07-08 18:03 . 2009-07-08 18:03 -------- d-----w- c:\program files\CENZURA
2009-07-08 17:26 . 2009-07-08 17:26 -------- d-----w- c:\program files\FDRLab
2009-07-08 17:19 . 2009-07-08 17:03 -------- d-----w- c:\program files\YouTube Video Downloader
2009-07-08 16:00 . 2009-07-08 16:00 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-07-08 14:36 . 2009-07-08 14:36 -------- d-----w- c:\programdata\NortonInstaller
2009-07-08 13:14 . 2009-07-08 13:14 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2009-07-08 13:14 . 2009-07-08 13:14 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2009-07-08 13:14 . 2009-07-08 13:14 44944 ------w- c:\windows\system32\drivers\PxHelp20.sys
2009-07-08 13:14 . 2009-07-08 13:14 158192 ------w- c:\windows\system32\pxwma.dll
2009-07-08 11:31 . 2009-07-08 11:31 -------- d-----w- c:\program files\Real
2009-07-08 11:25 . 2009-07-08 11:25 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-08 11:25 . 2009-07-08 11:25 -------- d-----w- c:\program files\Java
2009-07-08 10:18 . 2008-11-18 12:39 72568 ----a-w- c:\users\Pavel\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-07 17:22 . 2009-07-07 17:22 -------- d-----w- c:\program files\Dostihy 3000 Deluxe
2009-07-07 15:55 . 2009-03-09 15:53 -------- d-----w- c:\users\Pavel\AppData\Roaming\uTorrent
2009-07-07 15:54 . 2009-07-07 15:02 -------- d-----w- c:\program files\BitComet
2009-07-07 10:03 . 2009-07-07 10:02 -------- d-----w- c:\program files\ICQ612_18_53
2009-07-04 16:48 . 2009-07-03 15:23 -------- d-----w- c:\programdata\NOS
2009-07-04 16:48 . 2009-07-03 15:23 -------- d-----w- c:\program files\NOS
2009-07-03 15:28 . 2009-07-03 15:28 -------- d-----w- c:\users\Pavel\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2009-07-03 15:24 . 2009-07-03 15:24 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe
2009-07-03 10:56 . 2009-07-03 10:56 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-07-03 10:32 . 2009-07-03 10:32 -------- d-----r- c:\program files\Skype
2009-07-03 10:32 . 2009-07-03 10:32 -------- d-----w- c:\program files\Common Files\Skype
2009-07-03 10:32 . 2009-07-03 10:31 -------- d-----w- c:\programdata\Skype
2009-07-03 10:26 . 2009-07-03 10:26 -------- d-----w- c:\programdata\WLInstaller
2009-07-03 10:14 . 2009-06-24 17:12 -------- d-----w- c:\program files\Microsoft
2009-06-29 17:18 . 2008-12-14 20:54 5021800 ----a-w- c:\programdata\SweetIM\Messenger\update\sweetimsetup.exe
2009-06-15 15:29 . 2009-07-15 08:01 156160 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 15:23 . 2009-07-15 08:01 24064 ----a-w- c:\windows\system32\lpk.dll
2009-06-15 15:22 . 2009-07-15 08:01 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 15:21 . 2009-07-15 08:01 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 15:20 . 2009-07-15 08:01 34304 ----a-w- c:\windows\system32\atmlib.dll
2009-06-15 13:03 . 2009-07-15 08:01 289792 ----a-w- c:\windows\system32\atmfd.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-10-08 173368]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 11:22 1172792 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-11-18 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-09-27 1006264]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-18 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-18 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-18 81920]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-05-25 159744]
"FIC HotKey"="c:\program files\Hotkey Utility\tray.exe" [2007-07-13 561152]
"PowerManager"="c:\program files\Power Manager\PM.exe" [2007-05-16 29696]
"Silent Mode"="c:\program files\Light Sensor Utility\Sensor.exe" [2007-06-27 253952]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 153136]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-02-15 111928]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-13 177472]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-08 148888]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-04-10 4431872]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{036086D6-D8D4-4F50-BBFC-36BAA721BE98}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F8233662-31AC-4E20-8055-6A0DCDA07D59}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{390FB746-2F67-4BFE-89B9-51F8DA78814F}"= c:\program files\CyberLink\PowerDV\PowerDV.exe:CyberLink PowerDV
"TCP Query User{26333BC4-11CA-4810-AA0D-C8A3E36487C1}c:\\program files\\icq6\\icq.exe"= UDP:c:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{75835C4E-8184-4AF4-8594-D333C8C4479E}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library
"TCP Query User{22BCD39C-AC99-41FE-8BBE-F5C28B93AB1F}c:\\program files\\intervideo\\dvd8\\windvd.exe"= UDP:c:\program files\intervideo\dvd8\windvd.exe:WinDVD
"UDP Query User{8D5CB441-4B31-48F1-86FB-DD8187BA20B2}c:\\program files\\intervideo\\dvd8\\windvd.exe"= TCP:c:\program files\intervideo\dvd8\windvd.exe:WinDVD
"{6CD70C68-881D-46F2-8096-D35A034FE099}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{E9868E79-5BC4-4933-821B-FB5138F784D1}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{27DF2707-ED89-4C19-9759-7FB733E38E17}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{748FBC18-7AEF-4C41-9A36-C397DC066CDB}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{58DBE216-991D-400F-B1E2-A612CBE70087}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{E06571CB-1D2B-45F4-8D22-8F155110AEE3}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{EC3C20BA-45B1-42C9-AB22-8FBFB6711CCC}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{96700F41-A457-44D6-8060-D45FB72AE727}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{2EEF8D1B-4FEE-4D53-8FF4-CBA032F88519}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{02845245-B043-46C6-B895-623BBFE9DE46}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{24D1780A-1E10-46BC-A767-670584B04DBF}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{CDA8DD95-9CF4-4BC4-803B-0834438BB0F2}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{B95D7A7E-4EB3-411B-97FF-399BE383BBD5}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{0E8BCBA7-00A5-470E-B2EB-D32E4DA2D0B2}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{CB277E73-BC8F-4662-AF48-B035048DFFF5}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{72041D47-8EC5-4151-93E1-E8F70709D6F7}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{5DB30E8C-BA74-47FC-B569-D35D306F84CD}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{FF767278-156E-44C4-ACB0-14E005DE8E0F}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"TCP Query User{75272E91-6109-4501-A584-77AF57B24463}c:\\program files\\icq6\\icq.exe"= UDP:c:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{039651CD-E957-4F2D-ABF4-9B567D61FF5E}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library
"TCP Query User{962A01E2-7827-4F21-9428-09F06189DF42}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{476DF6C1-8F01-4590-9A08-58111959D86F}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{84B7904B-F1DD-4FC3-8877-AE91850CF67B}"= UDP:c:\program files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:Sony Ericsson Media Manager 1.0
"{596C7A25-643D-40EC-8589-704EE5E9E945}"= TCP:c:\program files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:Sony Ericsson Media Manager 1.0
"{E84584B0-2DE3-4D6B-A814-1BB062E4B05F}"= UDP:c:\program files\iMesh Applications\iMesh\iMesh.exe:iMesh
"{87F097BC-2622-409C-8B22-3804D39AED09}"= TCP:c:\program files\iMesh Applications\iMesh\iMesh.exe:iMesh
"TCP Query User{FE0AAB3B-9679-4B0D-BE16-641178FB0B6B}c:\\program files\\icq6.5\\icq.exe"= UDP:c:\program files\icq6.5\icq.exe:ICQ Library
"UDP Query User{3370BC8E-907B-4498-BDF4-A4C270448349}c:\\program files\\icq6.5\\icq.exe"= TCP:c:\program files\icq6.5\icq.exe:ICQ Library
"{4362A59E-6680-492A-B3FC-40F141A56D5A}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{8EDE9FDC-7A51-4E30-947A-7CCF17C7B3F7}"= c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{36C1D30F-059A-41F2-86F5-C995276D4520}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{7D9FB8DD-E114-4469-A6CC-8BE243B81BF4}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"TCP Query User{DDDA6CC9-F68A-4244-A141-DCFAEE78E9F3}c:\\program files\\icq6.5\\icq.exe"= UDP:c:\program files\icq6.5\icq.exe:ICQ Library
"UDP Query User{635104F0-B094-48D9-BD67-F3192B612B63}c:\\program files\\icq6.5\\icq.exe"= TCP:c:\program files\icq6.5\icq.exe:ICQ Library
"TCP Query User{C3620A2C-4590-4B33-9E5D-31248AD11A61}c:\\users\\pavel\\appdata\\local\\aptana studio 1.2\\jre\\bin\\javaw.exe"= UDP:c:\users\pavel\appdata\local\aptana studio 1.2\jre\bin\javaw.exe:javaw.exe
"UDP Query User{15D44B4D-8C44-4E0B-B1F9-42B81C9BAB90}c:\\users\\pavel\\appdata\\local\\aptana studio 1.2\\jre\\bin\\javaw.exe"= TCP:c:\users\pavel\appdata\local\aptana studio 1.2\jre\bin\javaw.exe:javaw.exe
"{E22AC23B-104A-49E3-9934-5705CD421AA0}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{51222537-3D44-43EB-8B73-DA81DE774519}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{B84B4A28-B3AE-465A-B06F-779987869DC8}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{551E6FD7-90A3-4784-B178-FB60ED070394}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{7B08A54A-B145-4883-9142-D691AD8F69B8}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{B1CAF773-34B2-41D6-878D-051FC55EE7AB}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
"{75AE0A7E-D617-462A-B4C6-1B144BC39194}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{09C8EE0A-74B9-44A2-BC99-58C442920FCC}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
"{F9A5F055-45E2-4EF4-AD08-6CEA64BC8FCE}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{C4059982-9F24-4819-B390-5E8D0C785AF7}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{ECBFD35E-76FF-41F1-B2F8-A7D33607883F}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{94C5F237-AEB2-4AF9-AF29-D68B2A1F8005}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
"{E0AF68F6-023D-4C5D-88D8-6D554CDC250F}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{216E0C20-5A05-4691-9C85-41758D827E8E}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{67D0B863-EF76-44B3-82C8-E4CAEE90101E}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{7C15EDF9-68BF-4B31-905A-244DF7A200E5}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{4CD5B547-6249-4223-A3AB-1BBDB69FC06A}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{D278D5DB-0067-4FDD-BAE2-9A205113F6F3}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{0C21DE14-505B-4177-AEF8-7002C510FD12}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{8F680CBA-60FC-44D1-8CB1-667C25A97757}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{57056C9E-E787-4A44-83EF-D36BAF0DCAAE}"= UDP:c:\program files\FreeCall.com\FreeCall\FreeCall.exe:FreeCall
"{35459AD9-5AE5-467E-8DDF-D9F2A093F085}"= TCP:c:\program files\FreeCall.com\FreeCall\FreeCall.exe:FreeCall
"{FD04BACB-1C18-4CB2-94B7-5699C57FB85D}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{55DE4E88-4782-455F-AFB9-EAF825F30D68}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{91472F71-7686-4402-A622-749F10F3CE60}"= UDP:c:\program files\BitComet\BitComet.exe:BitComet.exe
"{BF1F871C-512F-49BD-A2CA-B8EBA8BBBC20}"= TCP:c:\program files\BitComet\BitComet.exe:BitComet.exe
"{8C331E26-4B8D-4CDA-B37F-EA41BE4382EC}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{ED0E3212-7C66-4F3A-B45B-43E22A7803BD}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2.11.2006 10:35 22016]
S2 gupdate1c9fd8f39457663;Google Update Service (gupdate1c9fd8f39457663);c:\program files\Google\Update\GoogleUpdate.exe [5.7.2009 18:39 133104]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [24.6.2009 19:16 55280]
S3 fsssvc;Windows Live Zabezpečení rodiny;c:\program files\Windows Live\Family Safety\fsssvc.exe [6.2.2009 18:08 533360]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\System32\drivers\s0016bus.sys [4.12.2008 20:56 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\System32\drivers\s0016mdfl.sys [4.12.2008 20:56 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\System32\drivers\s0016mdm.sys [4.12.2008 20:56 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0016mgmt.sys [4.12.2008 20:56 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\System32\drivers\s0016nd5.sys [4.12.2008 20:56 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\System32\drivers\s0016obex.sys [4.12.2008 20:56 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\System32\drivers\s0016unic.sys [4.12.2008 20:56 115752]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\System32\drivers\s0017bus.sys [4.12.2008 20:56 90536]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\System32\drivers\s0017mdfl.sys [4.12.2008 20:56 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\System32\drivers\s0017mdm.sys [4.12.2008 20:56 122152]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\System32\drivers\s0017mgmt.sys [4.12.2008 20:56 115496]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\System32\drivers\s0017nd5.sys [4.12.2008 20:56 25768]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\System32\drivers\s0017obex.sys [4.12.2008 20:56 111912]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\System32\drivers\s0017unic.sys [4.12.2008 20:56 117672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HsfXAudioService REG_MULTI_SZ HsfXAudioService
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'

2009-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-05 16:39]

2009-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-05 16:39]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-FreeCall - c:\program files\FreeCall.com\FreeCall\FreeCall.exe
HKCU-Run-BitComet - c:\program files\BitComet\BitComet.exe

.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {D0C4EE17-AE70-4625-A806-2B88A6EE50D4} = 192.168.2.1
DPF: {3188FB46-456D-4C07-8A11-F5F3BBBA8AF2} - hxxp://www.seetoo.com/downloadAddon.php ... ersion=7.0
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E8ABBEBD-0B80-4091-B3B0-2C5AAD97A11A} - hxxp://tapety.mojelogo.cz/ScreenShooter.ocx
.

**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(3252)
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\audiodg.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
c:\windows\System32\drivers\XAudio.exe
c:\windows\System32\rundll32.exe
c:\program files\Microsoft Office\Office12\ONENOTEM.EXE
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2009-08-25 19:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-08-25 17:55

Před spuštěním: Volných bajtů: 27 363 721 216
Po spuštění: Volných bajtů: 29 002 706 944

356 --- E O F --- 2009-08-24 18:46

Vyskakování webových oken*

Vyskakování webových oken*

Re: VYSKAKOVÁNÍ WEBOVÝCH OKEN

Re: Vyskakování webových oken*

Re: Vyskakování webových oken*

Re: Vyskakování webových oken*

Re: Vyskakování webových oken*

Re: Vyskakování webových oken*

Re: Vyskakování webových oken*

Re: Vyskakování webových oken*

Re: Vyskakování webových oken*

Re: Vyskakování webových oken*

Re: Vyskakování webových oken*

Kdo je online