Prosím o preventivní kontrolu (dlouho načítá s emi zdá)

miklop1 · Příspěvekod **miklop1** » 20 srp 2009 18:59

Prosím o preventivní kontrolu (dlouho načítá s emi zdá)...
Kód máte tady:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58:40, on 20.8.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\sttray.exe
C:\WINDOWS\system32\DNHlp32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.triline.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DNHelper32] C:\WINDOWS\system32\DNHlp32.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.triline.cz
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/200 ... plugin.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0417729557
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3434595250
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://213.155.225.179:6240/activex/AMC.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 8926 bytes

Reklama

miklop1 · Příspěvekod **miklop1** » 29 srp 2009 17:57

Nekouknete mi n ato?

Damned · Příspěvekod **Damned** » 29 srp 2009 18:07

Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only",
zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
*****************************************************************************************************************************************
Červený soubor zkontroluj na Virustotalu a vlož sem odkaz na výsledek.
Pokud ho nenajdeš, dej si zobrazit skryté a systémové soubory. Pokud ti nabídne, že soubor už kontroloval,
nech ho zkontrolovat znovu, a počkej až se objeví "Dokončeno" a výsledek.Potom sem zkopíruj adresní řádek.

C:\WINDOWS\system32\DNHlp32.exe
*****************************************************************************************************************************************
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

miklop1 · Příspěvekod **miklop1** » 30 srp 2009 11:38

Zatím jsem vse prodedl, odkaz na ten vysledek je tady.. http://research.sunbelt-software.com/pa ... 24776...Te djdu instalovat ten programek

a tady je log s toho programku...

Malwarebytes' Anti-Malware 1.40
Verze databáze: 2717
Windows 5.1.2600 Service Pack 2

30.8.2009 11:47:03
mbam-log-2009-08-30 (11-46-59).txt

Typ skenu: Rychlý sken
Objektu skenováno: 133805
Uplynulý cas: 6 minute(s), 19 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 1
Infikované soubory: 0

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
C:\Documents and Settings\Taťka\Nabídka Start\AntiVirus (Rogue.AntiVirus2008) -> No action taken.

Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)

Damned · Příspěvekod **Damned** » 30 srp 2009 11:56

Tak ještě jednou:
Červený soubor zkontroluj na Virustotalu a vlož sem odkaz na výsledek.
Pokud ho nenajdeš, dej si zobrazit skryté a systémové soubory. Pokud ti nabídne, že soubor už kontroloval,
nech ho zkontrolovat znovu, a počkej až se objeví "Dokončeno" a výsledek.Potom sem zkopíruj adresní řádek.

C:\WINDOWS\system32\DNHlp32.exe

To znamená, že tu bude odkaz z Virustotalu a z tvého souboru. Nechci žádný stálý odkaz, ani sunbelt ani nic jiné,chci Virustotal. Proč? Zajímá mě nyní pouze tvůj PC a tento tvůj soubor.
*****************************************************************************************************************************************
Takže spusť znovu MbAM a dej Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

miklop1 · Příspěvekod **miklop1** » 30 srp 2009 12:05

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.24 2009.08.30 -
AhnLab-V3 5.0.0.2 2009.08.29 -
AntiVir 7.9.1.7 2009.08.28 -
Antiy-AVL 2.0.3.7 2009.08.24 -
Authentium 5.1.2.4 2009.08.29 -
Avast 4.8.1335.0 2009.08.29 -
AVG 8.5.0.406 2009.08.30 -
BitDefender 7.2 2009.08.30 -
CAT-QuickHeal 10.00 2009.08.29 -
ClamAV 0.94.1 2009.08.30 -
Comodo 2124 2009.08.30 -
DrWeb 5.0.0.12182 2009.08.30 -
eSafe 7.0.17.0 2009.08.27 -
eTrust-Vet 31.6.6707 2009.08.28 -
F-Prot 4.5.1.85 2009.08.29 -
F-Secure 8.0.14470.0 2009.08.29 -
Fortinet 3.120.0.0 2009.08.30 -
GData 19 2009.08.30 -
Ikarus T3.1.1.68.0 2009.08.30 -
Jiangmin 11.0.800 2009.08.30 -
K7AntiVirus 7.10.831 2009.08.29 -
Kaspersky 7.0.0.125 2009.08.30 -
McAfee 5724 2009.08.29 -
McAfee+Artemis 5724 2009.08.29 -
McAfee-GW-Edition 6.8.5 2009.08.30 -
Microsoft 1.5005 2009.08.30 -
NOD32 4380 2009.08.30 -
Norman 2009.08.29 -
nProtect 2009.1.8.0 2009.08.30 -
Panda 10.0.2.2 2009.08.30 -
PCTools 4.4.2.0 2009.08.29 -
Prevx 3.0 2009.08.30 -
Rising 21.44.61.00 2009.08.30 -
Sophos 4.45.0 2009.08.30 -
Sunbelt 3.2.1858.2 2009.08.29 -
Symantec 1.4.4.12 2009.08.30 -
TheHacker 6.3.4.3.391 2009.08.29 -
TrendMicro 8.950.0.1094 2009.08.30 -
VBA32 3.12.10.10 2009.08.30 -
ViRobot 2009.8.28.1907 2009.08.28 -
VirusBuster 4.6.5.0 2009.08.29 -
Rozšiřující informace
File size: 45056 bytes
MD5...: 75be86547cc058bf7efb1b944de24776
SHA1..: 771ae966b716b21c1e7fdf8b2aed467d0f85669b
SHA256: 188f63d8030a7fa348a481605d4ddee40dacd117f1250ebe75ee5049ba26874d
ssdeep: 384:QrG6m7ShBUVgusX8/8YSCd5gRscKq6X03vY/yxOFXDnF9rRoZbLfiPczu:Mq
uyi9X89FASV/KOFXDFVRotU
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x2170
timedatestamp.....: 0x3c73df66 (Wed Feb 20 17:39:50 2002)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x454e 0x5000 6.08 a6bb7fdfbcdc6cbbfe46e9f5df634b56
.rdata 0x6000 0xdd4 0x1000 4.84 1093e4aee94731ab94b9e268ac1f9392
.data 0x7000 0x2f3c 0x3000 0.64 f3a3eb714c9e7b576a7751613b48b985
.rsrc 0xa000 0xe20 0x1000 2.54 c69eb8e4f646881e75594060a57acbbc

( 5 imports )
> USER32.dll: TranslateMessage, DispatchMessageA, GetMessageA, DefWindowProcA, DestroyWindow, PostMessageA, PostQuitMessage, RegisterWindowMessageA, wsprintfA, LoadCursorA, RegisterClassA, GetDesktopWindow, CreateWindowExA, UnregisterClassA
> ADVAPI32.dll: RegCreateKeyExA, RegSetValueExA, RegCloseKey
> RPCRT4.dll: RpcBindingFromStringBindingA, NdrClientInitializeNew, NdrConformantArrayBufferSize, NdrGetBuffer, NdrConformantArrayMarshall, NdrSendReceive, NdrConvert, NdrConformantArrayUnmarshall, NdrFreeBuffer, RpcBindingFree
> SHELL32.dll: Shell_NotifyIconA
> KERNEL32.dll: GlobalAlloc, HeapFree, GetProcessHeap, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, MultiByteToWideChar, LoadLibraryA, GetProcAddress, HeapReAlloc, VirtualAlloc, GetOEMCP, GetACP, HeapAlloc, GetCPInfo, HeapDestroy, GetVersionExA, GetEnvironmentVariableA, GetFileType, GetStdHandle, SetHandleCount, GetEnvironmentStringsW, GetEnvironmentStrings, WideCharToMultiByte, WriteFile, VirtualFree, GetLastError, CloseHandle, WriteProcessMemory, ReadProcessMemory, OpenProcess, GlobalFree, GlobalUnlock, GlobalHandle, GlobalLock, HeapCreate, GetTickCount, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetCommandLineA, GetCurrentProcessId, CreateMutexA, RtlUnwind, GetModuleHandleA, GetStartupInfoA, GetVersion, ExitProcess, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, GetModuleFileNameA

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=75be86547cc058bf7efb1b944de24776' target='_blank'>http://www.threatexpert.com/report.aspx?md5=75be86547cc058bf7efb1b944de24776</a>

miklop1 · Příspěvekod **miklop1** » 30 srp 2009 12:31

ComboFix 09-08-29.01 - Martin 30.08.2009 12:11.1.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1269.714 [GMT 2:00]
Spuštěný z: c:\documents and settings\Martin\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090829-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Installer\1360434.msi
c:\windows\Installer\74826a.msi
c:\windows\Installer\74826b.msp
c:\windows\Installer\74826c.msp
c:\windows\Installer\74826d.msp
c:\windows\Installer\74826e.msp
c:\windows\Installer\74826f.msp
c:\windows\Installer\748270.msp
c:\windows\Installer\748271.msp
c:\windows\Installer\748272.msp
c:\windows\Installer\748273.msp
c:\windows\Installer\748274.msp
c:\windows\sslzdlt.dll
c:\windows\system32\_004613_.tmp.dll
c:\windows\system32\_004614_.tmp.dll
c:\windows\system32\_004615_.tmp.dll
c:\windows\system32\_004616_.tmp.dll
c:\windows\system32\_004617_.tmp.dll
c:\windows\system32\_004618_.tmp.dll
c:\windows\system32\_004619_.tmp.dll
c:\windows\system32\_004620_.tmp.dll
c:\windows\system32\_004623_.tmp.dll
c:\windows\system32\_004624_.tmp.dll
c:\windows\system32\_004625_.tmp.dll
c:\windows\system32\_004627_.tmp.dll
c:\windows\system32\_004628_.tmp.dll
c:\windows\system32\_004631_.tmp.dll
c:\windows\system32\_004632_.tmp.dll
c:\windows\system32\_004634_.tmp.dll
c:\windows\system32\_004635_.tmp.dll
c:\windows\system32\_004636_.tmp.dll
c:\windows\system32\_004637_.tmp.dll
c:\windows\system32\_004638_.tmp.dll
c:\windows\system32\_004639_.tmp.dll
c:\windows\system32\_004640_.tmp.dll
c:\windows\system32\_004641_.tmp.dll
c:\windows\system32\_004642_.tmp.dll
c:\windows\system32\_004644_.tmp.dll
c:\windows\system32\_004645_.tmp.dll
c:\windows\system32\_004646_.tmp.dll
c:\windows\system32\_004647_.tmp.dll
c:\windows\system32\_004649_.tmp.dll
c:\windows\system32\_004651_.tmp.dll
c:\windows\system32\_004652_.tmp.dll
c:\windows\system32\_004653_.tmp.dll
c:\windows\system32\_004654_.tmp.dll
c:\windows\system32\_004655_.tmp.dll
c:\windows\system32\_004656_.tmp.dll
c:\windows\system32\_004657_.tmp.dll
c:\windows\system32\_004659_.tmp.dll
c:\windows\system32\_004660_.tmp.dll
c:\windows\system32\_004661_.tmp.dll
c:\windows\system32\_004662_.tmp.dll
c:\windows\system32\_004663_.tmp.dll
c:\windows\system32\_004664_.tmp.dll
c:\windows\system32\_004665_.tmp.dll
c:\windows\system32\_004666_.tmp.dll
c:\windows\system32\_004667_.tmp.dll
c:\windows\system32\_004668_.tmp.dll
c:\windows\system32\_004669_.tmp.dll
c:\windows\system32\_004670_.tmp.dll
c:\windows\system32\_004672_.tmp.dll
c:\windows\system32\_004673_.tmp.dll
c:\windows\system32\_004675_.tmp.dll
c:\windows\system32\_004676_.tmp.dll
c:\windows\system32\_004677_.tmp.dll
c:\windows\system32\_004678_.tmp.dll
c:\windows\system32\_004679_.tmp.dll
c:\windows\system32\_004680_.tmp.dll
c:\windows\system32\_004681_.tmp.dll
c:\windows\system32\_004682_.tmp.dll
c:\windows\system32\_004683_.tmp.dll
c:\windows\system32\_004684_.tmp.dll
c:\windows\system32\_004685_.tmp.dll
c:\windows\system32\_004686_.tmp.dll
c:\windows\system32\_004687_.tmp.dll
c:\windows\system32\_004688_.tmp.dll
c:\windows\system32\_004689_.tmp.dll
c:\windows\system32\_004691_.tmp.dll
c:\windows\system32\_004694_.tmp.dll
c:\windows\system32\_004695_.tmp.dll
c:\windows\system32\_004696_.tmp.dll
c:\windows\system32\_004697_.tmp.dll
c:\windows\system32\_004699_.tmp.dll
c:\windows\system32\_004700_.tmp.dll
c:\windows\system32\_004701_.tmp.dll
c:\windows\system32\_004702_.tmp.dll
c:\windows\system32\_004705_.tmp.dll
c:\windows\system32\_004706_.tmp.dll
c:\windows\system32\_004707_.tmp.dll
c:\windows\system32\_004708_.tmp.dll
c:\windows\system32\_004709_.tmp.dll
c:\windows\system32\_004710_.tmp.dll
c:\windows\system32\_004711_.tmp.dll
c:\windows\system32\_004713_.tmp.dll
c:\windows\system32\_004714_.tmp.dll
c:\windows\system32\_004715_.tmp.dll
c:\windows\system32\_004716_.tmp.dll
c:\windows\system32\_004717_.tmp.dll
c:\windows\system32\_004718_.tmp.dll
c:\windows\system32\_004719_.tmp.dll
c:\windows\system32\_004720_.tmp.dll
c:\windows\system32\_004721_.tmp.dll
c:\windows\system32\_004723_.tmp.dll
c:\windows\system32\_004725_.tmp.dll
c:\windows\system32\_004726_.tmp.dll
c:\windows\system32\_004727_.tmp.dll
c:\windows\system32\_004728_.tmp.dll
c:\windows\system32\_004729_.tmp.dll
c:\windows\system32\_004730_.tmp.dll
c:\windows\system32\_004735_.tmp.dll
c:\windows\system32\_004737_.tmp.dll
c:\windows\system32\skinboxer43.dll
E:\autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF

((((((((((((((((((((((((( Soubory vytvořené od 2009-07-28 do 2009-08-30 )))))))))))))))))))))))))))))))
.

2009-08-30 09:38 . 2009-08-03 11:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-30 09:38 . 2009-08-30 09:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-30 09:38 . 2009-08-03 11:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-27 10:02 . 2009-08-27 10:02 -------- d-----w- c:\windows\system32\languages
2009-08-20 20:03 . 2009-08-30 10:08 -------- d-----w- c:\program files\QIP Infium bz™Pack
2009-08-20 16:15 . 2009-08-20 16:15 -------- d-----w- c:\program files\Trend Micro
2009-08-20 09:20 . 2009-08-20 09:24 -------- d-----w- c:\program files\Multi Cam Pro Demo
2009-08-20 08:56 . 2009-08-20 08:56 -------- d-----w- c:\program files\Common Files\Skype
2009-08-20 08:56 . 2009-08-20 08:56 -------- d-----r- c:\program files\Skype
2009-08-18 19:52 . 2009-08-18 19:53 -------- d-----w- c:\program files\Cyklotrasy
2009-08-17 18:28 . 2009-08-17 18:28 -------- d-----w- c:\program files\TagScanner
2009-08-16 16:31 . 2009-08-16 16:31 115 ----a-w- c:\windows\amapro.dat
2009-08-16 07:19 . 2009-08-16 07:19 -------- d-----w- c:\program files\uTorrent
2009-08-16 07:05 . 2009-08-16 07:05 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-08-16 07:05 . 2008-12-11 11:31 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2009-08-16 07:05 . 2009-08-16 07:05 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-08-16 07:04 . 2009-08-16 12:42 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-08-15 21:58 . 2009-08-15 21:59 -------- d-----w- c:\program files\Java
2009-08-15 21:30 . 2009-08-15 21:30 -------- d-----w- c:\program files\CCleaner
2009-08-15 19:57 . 2009-08-15 19:57 -------- d-----w- c:\documents and settings\LocalService\Plocha
2009-08-15 17:44 . 2009-08-15 17:45 -------- d-----w- C:\7588fef8c178591acd23f085c845
2009-08-15 17:44 . 2009-08-15 17:53 -------- d-----w- c:\windows\SxsCaPendDel
2009-08-15 17:39 . 2009-08-15 17:39 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-08-12 14:58 . 2009-08-12 14:58 -------- d-----w- c:\windows\ServicePackFiles

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-27 10:04 . 2007-02-05 07:51 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-08-27 10:03 . 2007-02-05 07:51 737280 ----a-w- c:\windows\iun6002.exe
2009-08-20 19:52 . 2009-07-22 19:09 -------- d-----w- c:\program files\QIP Infium JadrisPack
2009-08-20 10:57 . 2007-05-27 10:58 -------- d-----w- c:\program files\Microsoft Works
2009-08-18 17:22 . 2007-12-30 19:03 -------- d-----w- c:\program files\VisualConnection
2009-08-18 16:38 . 2008-07-15 19:06 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-08-15 22:22 . 1979-12-31 23:00 77782 ----a-w- c:\windows\system32\perfc005.dat
2009-08-15 22:22 . 1979-12-31 23:00 429246 ----a-w- c:\windows\system32\perfh005.dat
2009-08-15 22:15 . 2007-02-05 07:26 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-15 21:59 . 2008-11-30 12:19 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-15 21:54 . 2007-01-30 08:45 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-15 21:26 . 2007-02-05 07:54 -------- d-----w- c:\program files\Lavasoft
2009-08-05 09:07 . 1979-12-31 23:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-22 17:39 . 2009-07-22 17:39 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-07-22 17:39 . 2009-07-22 17:39 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-07-22 17:24 . 2009-07-22 17:24 -------- d-----w- c:\program files\PC Connectivity Solution
2009-07-17 18:57 . 1979-12-31 23:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 1979-12-31 23:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 16:59 . 1979-12-31 23:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-25 18:37 . 1979-12-31 23:00 95744 ----a-w- c:\windows\system32\mqsec.dll
2009-06-25 18:37 . 1979-12-31 23:00 517120 ----a-w- c:\windows\system32\mqsnap.dll
2009-06-25 18:37 . 1979-12-31 23:00 489472 ----a-w- c:\windows\system32\mqutil.dll
2009-06-25 18:37 . 1979-12-31 23:00 48640 ----a-w- c:\windows\system32\mqupgrd.dll
2009-06-25 18:37 . 1979-12-31 23:00 186880 ----a-w- c:\windows\system32\mqtrig.dll
2009-06-25 18:37 . 1979-12-31 23:00 123392 ----a-w- c:\windows\system32\mqrtdep.dll
2009-06-25 18:37 . 1979-12-31 23:00 661504 ----a-w- c:\windows\system32\mqqm.dll
2009-06-25 18:37 . 1979-12-31 23:00 47104 ----a-w- c:\windows\system32\mqdscli.dll
2009-06-25 18:37 . 1979-12-31 23:00 225280 ----a-w- c:\windows\system32\mqoa.dll
2009-06-25 18:37 . 1979-12-31 23:00 177152 ----a-w- c:\windows\system32\mqrt.dll
2009-06-25 18:37 . 1979-12-31 23:00 16896 ----a-w- c:\windows\system32\mqise.dll
2009-06-25 18:37 . 1979-12-31 23:00 138240 ----a-w- c:\windows\system32\mqad.dll
2009-06-25 08:48 . 2009-03-01 15:27 723456 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:48 . 2009-03-01 15:27 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:48 . 2009-03-01 15:27 168448 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:48 . 1979-12-31 23:00 59392 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:48 . 1979-12-31 23:00 56320 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:48 . 1979-12-31 23:00 298496 ----a-w- c:\windows\system32\kerberos.dll
2009-06-22 11:49 . 1979-12-31 23:00 19968 ----a-w- c:\windows\system32\mqbkup.exe
2009-06-22 11:49 . 1979-12-31 23:00 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
2009-06-22 11:49 . 1979-12-31 23:00 4608 ----a-w- c:\windows\system32\mqsvc.exe
2009-06-22 11:48 . 1979-12-31 23:00 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
2009-06-22 11:34 . 2009-03-01 15:27 92544 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:55 . 1979-12-31 23:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:55 . 1979-12-31 23:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 11:33 . 1979-12-31 23:00 78336 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 11:33 . 1979-12-31 23:00 81408 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-10 14:24 . 1979-12-31 23:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:31 . 2009-03-01 15:27 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-05 07:46 . 2007-01-30 08:32 655872 ----a-w- c:\windows\system32\mstscax.dll
2009-06-03 19:27 . 1979-12-31 23:00 1293312 ----a-w- c:\windows\system32\quartz.dll
2007-07-30 13:43 . 2007-06-15 17:46 848 --sha-w- c:\windows\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2006-09-15 2048000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-07-21 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-07-21 86016]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-07-21 81920]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-09-29 49152]
"DNHelper32"="c:\windows\system32\DNHlp32.exe" [2005-10-20 45056]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SigmatelSysTrayApp"="sttray.exe" - c:\windows\sttray.exe [2006-05-26 282624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"hpqSRMon"=c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\QIP Infium JadrisPack\\infium.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\QIP Infium bz™Pack\\inf.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7.9.2008 12:31 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.9.2008 12:31 20560]
R2 dk2drv;DK2 WindowsNT Driver;c:\windows\system32\drivers\dk2drv.sys [6.10.2007 16:04 42624]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [16.8.2009 9:05 603904]
S1 DK12DRV;DK12 WindowsNT Driver;c:\windows\system32\DRIVERS\DK12DRV.SYS --> c:\windows\system32\DRIVERS\DK12DRV.SYS [?]
S3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\drivers\K320bus.sys [29.12.2007 13:48 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\drivers\K320mdfl.sys [29.12.2007 13:48 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\drivers\K320mdm.sys [29.12.2007 13:48 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\K320mgmt.sys [29.12.2007 13:48 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;c:\windows\system32\drivers\K320obex.sys [29.12.2007 13:48 86368]
S3 UnlockerDriver4;UnlockerDriver4 Driver;\??\c:\program files\Unlocker\UnlockerDriver4.sys --> c:\program files\Unlocker\UnlockerDriver4.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'

2009-08-30 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]

2009-08-30 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Notify-dimsntfy - (no file)

.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.triline.cz
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Name-Space Handler: ftp\* - {419A0123-4312-1122-A0C0-434FDA6DA542} - c:\program files\CoreFTP\pftpns.dll
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://213.155.225.179:6240/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\ngx6ob85.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npstar.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-30 12:19
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3068)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\browselc.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Photodex\ProShowProducer\scsiaccess.exe
c:\program files\SigmaTel\C-Major Audio\WDM\stacsv.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Celkový čas: 2009-08-30 12:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-08-30 10:25

Před spuštěním: Volných bajtů: 54 066 747 392
Po spuštění: Volných bajtů: 54 035 078 144

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
391 --- E O F --- 2009-08-26 06:21

Damned · Příspěvekod **Damned** » 30 srp 2009 12:53

Červený soubor zkontroluj na Virustotalu a vlož sem odkaz na výsledek.
Pokud ho nenajdeš, dej si zobrazit skryté a systémové soubory. Pokud ti nabídne, že soubor už kontroloval,
nech ho zkontrolovat znovu, a počkej až se objeví "Dokončeno" a výsledek.Potom sem zkopíruj adresní řádek.

c:\windows\system32\DRIVERS\DK12DRV.SYS
*****************************************************************************************************************************************
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
c:\windows\amapro.dat
c:\windows\system32\KGyGaAvL.sys
c:\program files\Unlocker\UnlockerDriver4.sys

FileLook::
c:\windows\system32\DRIVERS\DK12DRV.SYS

Folder::
c:\windows\SxsCaPendDel
C:\Documents and Settings\Taťka\Nabídka Start\AntiVirus

Driver::
KGyGaAvL
UnlockerDriver4;UnlockerDriver4 Driver
UnlockerDriver4

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT a popiš chování počítače

miklop1 · Příspěvekod **miklop1** » 31 srp 2009 08:28

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:27:39, on 31.8.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\sttray.exe
C:\WINDOWS\system32\DNHlp32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.triline.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [DNHelper32] C:\WINDOWS\system32\DNHlp32.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.triline.cz
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://a1540.g.akamai.net/7/1540/52/200 ... plugin.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0417729557
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3434595250
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://213.155.225.179:6240/activex/AMC.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 7953 bytes

-------------------------------------------
ComboFix 09-08-30.01 - Martin 31.08.2009 8:09.2.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1269.862 [GMT 2:00]
Spuštěný z: c:\documents and settings\Martin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Martin\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1351 [VPS 090830-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\program files\Unlocker\UnlockerDriver4.sys"
"c:\windows\amapro.dat"
"c:\windows\system32\KGyGaAvL.sys"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Taťka\Nabídka Start\AntiVirus
c:\windows\amapro.dat
c:\windows\SxsCaPendDel
c:\windows\system32\KGyGaAvL.sys
E:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_UNLOCKERDRIVER4
-------\Service_UnlockerDriver4

((((((((((((((((((((((((( Soubory vytvořené od 2009-07-28 do 2009-08-31 )))))))))))))))))))))))))))))))
.

2009-08-27 10:02 . 2009-08-27 10:02 -------- d-----w- c:\windows\system32\languages
2009-08-20 20:03 . 2009-08-30 19:01 -------- d-----w- c:\program files\QIP Infium bz™Pack
2009-08-20 16:15 . 2009-08-20 16:15 -------- d-----w- c:\program files\Trend Micro
2009-08-20 09:20 . 2009-08-20 09:24 -------- d-----w- c:\program files\Multi Cam Pro Demo
2009-08-20 08:56 . 2009-08-20 08:56 -------- d-----w- c:\program files\Common Files\Skype
2009-08-20 08:56 . 2009-08-20 08:56 -------- d-----r- c:\program files\Skype
2009-08-18 19:52 . 2009-08-18 19:53 -------- d-----w- c:\program files\Cyklotrasy
2009-08-17 18:28 . 2009-08-17 18:28 -------- d-----w- c:\program files\TagScanner
2009-08-16 07:19 . 2009-08-16 07:19 -------- d-----w- c:\program files\uTorrent
2009-08-16 07:05 . 2009-08-16 07:05 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-08-16 07:05 . 2008-12-11 11:31 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2009-08-16 07:05 . 2009-08-16 07:05 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-08-16 07:04 . 2009-08-16 12:42 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-08-15 21:58 . 2009-08-15 21:59 -------- d-----w- c:\program files\Java
2009-08-15 21:30 . 2009-08-15 21:30 -------- d-----w- c:\program files\CCleaner
2009-08-15 19:57 . 2009-08-15 19:57 -------- d-----w- c:\documents and settings\LocalService\Plocha
2009-08-15 17:44 . 2009-08-15 17:45 -------- d-----w- C:\7588fef8c178591acd23f085c845
2009-08-15 17:39 . 2009-08-15 17:39 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-08-12 14:58 . 2009-08-12 14:58 -------- d-----w- c:\windows\ServicePackFiles

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-27 10:04 . 2007-02-05 07:51 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-08-27 10:03 . 2007-02-05 07:51 737280 ----a-w- c:\windows\iun6002.exe
2009-08-20 19:52 . 2009-07-22 19:09 -------- d-----w- c:\program files\QIP Infium JadrisPack
2009-08-20 10:57 . 2007-05-27 10:58 -------- d-----w- c:\program files\Microsoft Works
2009-08-18 17:22 . 2007-12-30 19:03 -------- d-----w- c:\program files\VisualConnection
2009-08-18 16:38 . 2008-07-15 19:06 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-08-17 16:10 . 2008-09-07 10:30 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2008-09-07 10:31 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-08-17 16:06 . 2008-09-07 10:31 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-08-17 16:05 . 2008-09-07 10:31 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-08-17 16:05 . 2008-09-07 10:31 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-08-17 16:04 . 2008-09-07 10:31 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-08-17 16:04 . 2008-09-07 10:31 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:03 . 2008-09-07 10:31 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-08-17 16:02 . 2008-09-07 10:31 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-15 22:22 . 1979-12-31 23:00 77782 ----a-w- c:\windows\system32\perfc005.dat
2009-08-15 22:22 . 1979-12-31 23:00 429246 ----a-w- c:\windows\system32\perfh005.dat
2009-08-15 22:15 . 2007-02-05 07:26 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-15 21:59 . 2008-11-30 12:19 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-15 21:54 . 2007-01-30 08:45 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-15 21:26 . 2007-02-05 07:54 -------- d-----w- c:\program files\Lavasoft
2009-08-05 09:07 . 1979-12-31 23:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-22 17:39 . 2009-07-22 17:39 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2009-07-22 17:39 . 2009-07-22 17:39 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2009-07-22 17:24 . 2009-07-22 17:24 -------- d-----w- c:\program files\PC Connectivity Solution
2009-07-17 18:57 . 1979-12-31 23:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-13 21:43 . 1979-12-31 23:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 16:59 . 1979-12-31 23:00 915456 ------w- c:\windows\system32\wininet.dll
2009-06-25 18:37 . 1979-12-31 23:00 95744 ----a-w- c:\windows\system32\mqsec.dll
2009-06-25 18:37 . 1979-12-31 23:00 517120 ----a-w- c:\windows\system32\mqsnap.dll
2009-06-25 18:37 . 1979-12-31 23:00 489472 ----a-w- c:\windows\system32\mqutil.dll
2009-06-25 18:37 . 1979-12-31 23:00 48640 ----a-w- c:\windows\system32\mqupgrd.dll
2009-06-25 18:37 . 1979-12-31 23:00 186880 ----a-w- c:\windows\system32\mqtrig.dll
2009-06-25 18:37 . 1979-12-31 23:00 123392 ----a-w- c:\windows\system32\mqrtdep.dll
2009-06-25 18:37 . 1979-12-31 23:00 661504 ----a-w- c:\windows\system32\mqqm.dll
2009-06-25 18:37 . 1979-12-31 23:00 47104 ----a-w- c:\windows\system32\mqdscli.dll
2009-06-25 18:37 . 1979-12-31 23:00 225280 ----a-w- c:\windows\system32\mqoa.dll
2009-06-25 18:37 . 1979-12-31 23:00 177152 ----a-w- c:\windows\system32\mqrt.dll
2009-06-25 18:37 . 1979-12-31 23:00 16896 ----a-w- c:\windows\system32\mqise.dll
2009-06-25 18:37 . 1979-12-31 23:00 138240 ----a-w- c:\windows\system32\mqad.dll
2009-06-25 08:48 . 2009-03-01 15:27 723456 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:48 . 2009-03-01 15:27 133632 ----a-w- c:\windows\system32\msv1_0.dll
2009-06-25 08:48 . 2009-03-01 15:27 168448 ----a-w- c:\windows\system32\schannel.dll
2009-06-25 08:48 . 1979-12-31 23:00 59392 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:48 . 1979-12-31 23:00 56320 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:48 . 1979-12-31 23:00 298496 ----a-w- c:\windows\system32\kerberos.dll
2009-06-22 11:49 . 1979-12-31 23:00 19968 ----a-w- c:\windows\system32\mqbkup.exe
2009-06-22 11:49 . 1979-12-31 23:00 117248 ----a-w- c:\windows\system32\mqtgsvc.exe
2009-06-22 11:49 . 1979-12-31 23:00 4608 ----a-w- c:\windows\system32\mqsvc.exe
2009-06-22 11:48 . 1979-12-31 23:00 91776 ----a-w- c:\windows\system32\drivers\mqac.sys
2009-06-22 11:34 . 2009-03-01 15:27 92544 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-16 14:55 . 1979-12-31 23:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:55 . 1979-12-31 23:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 11:33 . 1979-12-31 23:00 78336 ----a-w- c:\windows\system32\telnet.exe
2009-06-15 11:33 . 1979-12-31 23:00 81408 ----a-w- c:\windows\system32\tlntsess.exe
2009-06-10 14:24 . 1979-12-31 23:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 06:31 . 2009-03-01 15:27 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-05 07:46 . 2007-01-30 08:32 655872 ----a-w- c:\windows\system32\mstscax.dll
2009-06-03 19:27 . 1979-12-31 23:00 1293312 ----a-w- c:\windows\system32\quartz.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-08-30_10.19.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-31 06:16 . 2009-08-31 06:16 16384 c:\windows\Temp\Perflib_Perfdata_7e4.dat
+ 2009-08-31 06:16 . 2009-08-31 06:16 16384 c:\windows\Temp\Perflib_Perfdata_5cc.dat
- 2009-08-30 10:17 . 2009-08-30 10:17 16384 c:\windows\Temp\Perflib_Perfdata_5cc.dat
+ 2009-08-31 05:18 . 2009-08-31 05:18 16384 c:\windows\Temp\Perflib_Perfdata_5a4.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2006-09-15 2048000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-07-21 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-07-21 86016]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-07-21 81920]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-09-29 49152]
"DNHelper32"="c:\windows\system32\DNHlp32.exe" [2005-10-20 45056]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SigmatelSysTrayApp"="sttray.exe" - c:\windows\sttray.exe [2006-05-26 282624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"hpqSRMon"=c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\QIP Infium JadrisPack\\infium.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\QIP Infium bz™Pack\\inf.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7.9.2008 12:31 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.9.2008 12:31 20560]
R2 dk2drv;DK2 WindowsNT Driver;c:\windows\system32\drivers\dk2drv.sys [6.10.2007 16:04 42624]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [16.8.2009 9:05 603904]
S1 DK12DRV;DK12 WindowsNT Driver;c:\windows\system32\DRIVERS\DK12DRV.SYS --> c:\windows\system32\DRIVERS\DK12DRV.SYS [?]
S3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\drivers\K320bus.sys [29.12.2007 13:48 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\drivers\K320mdfl.sys [29.12.2007 13:48 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\drivers\K320mdm.sys [29.12.2007 13:48 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\K320mgmt.sys [29.12.2007 13:48 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;c:\windows\system32\drivers\K320obex.sys [29.12.2007 13:48 86368]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'

2009-08-31 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]

2009-08-31 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.triline.cz
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Name-Space Handler: ftp\* - {419A0123-4312-1122-A0C0-434FDA6DA542} - c:\program files\CoreFTP\pftpns.dll
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://213.155.225.179:6240/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\ngx6ob85.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npstar.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-31 08:18
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1504)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\browselc.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\program files\Zoner\Photo Studio 11\Program\SHELLEXT.DLL
c:\program files\WinRAR\rarext.dll
c:\program files\WinRAR\rarlng.dll
c:\program files\TuneUp Utilities 2009\SDShelEx-win32.dll
c:\program files\TuneUp Utilities 2009\DseShExt-x86.dll
c:\progra~1\AIMP2\System\AIMP_S~1.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Photodex\ProShowProducer\scsiaccess.exe
c:\program files\SigmaTel\C-Major Audio\WDM\stacsv.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Celkový čas: 2009-08-31 8:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-08-31 06:24
ComboFix2.txt 2009-08-30 10:25

Před spuštěním: Volných bajtů: 54 286 742 016
Po spuštění: Volných bajtů: 54 242 584 576

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
295 --- E O F --- 2009-08-26 06:21

Damned · Příspěvekod **Damned** » 31 srp 2009 10:19

Odinstaluj ComboFix.
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

takže jestli nejsou problémy,tak vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš

(pozn.Pokud máš AVG, avast! nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG, avast! i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG,avast!, Aviru.)

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.

ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache,
cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer,
Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Kdyby něco, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se. :bigups:

Prosím o preventivní kontrolu (dlouho načítá s emi zdá) Vyřešeno

Prosím o preventivní kontrolu (dlouho načítá s emi zdá)

Re: Prosím o preventivní kontrolu (dlouho načítá s emi zdá)

Re: Prosím o preventivní kontrolu (dlouho načítá s emi zdá)

Re: Prosím o preventivní kontrolu (dlouho načítá s emi zdá)

Re: Prosím o preventivní kontrolu (dlouho načítá s emi zdá)

Re: Prosím o preventivní kontrolu (dlouho načítá s emi zdá)

Re: Prosím o preventivní kontrolu (dlouho načítá s emi zdá)

Re: Prosím o preventivní kontrolu (dlouho načítá s emi zdá)

Re: Prosím o preventivní kontrolu (dlouho načítá s emi zdá)

Re: Prosím o preventivní kontrolu (dlouho načítá s emi zdá) Vyřešeno

Kdo je online