Prosím o kontrolu logu

[valkys27]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:25:04, on 10.12.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Program Files\Soluto\soluto.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Users\valko\AppData\Roaming\cacaoweb\cacaoweb.exe
C:\Program Files\FlashGet Network\FlashGet 3\Flashget3.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.astroburn-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O1 - Hosts: ::1 localhost
O2 - BHO: GameBox Toolbar - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Program Files\GameBox\gamebox_toolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\valko\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: IEHlprObj Class - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Program Files\NetSoftware\IEHelper.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files\Astroburn Toolbar\ABToolbar.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O3 - Toolbar: GameBox Toolbar - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Program Files\GameBox\gamebox_toolbar.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [Livestation] C:\Program Files\Livestation\Livestation.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\valko\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [cacaoweb] "C:\Users\valko\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer
O4 - HKCU\..\Run: [FlashGet 3] "C:\Program Files\FlashGet Network\FlashGet 3\flashget3.exe" -minimize
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\valko\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\valko\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stahnou vse FlashGet3 - C:\Users\valko\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Stahnout FlashGet3 - C:\Users\valko\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O18 - Protocol: gameboxchrome - {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - C:\Program Files\GameBox\gamebox_toolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: MgiSvr - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 12130 bytes

[Reklama]

[memphisto]

Vítej na fóru PC-HELP.CZ

Jak můžeš fungovat s tolika toolbary?

odinstaluj:
Wimamp Toolbar
Softonic-Eng7 Toolbar
GameBox Toolbar
Astroburn Toolbar

fixni:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.astroburn-search.com/startpage
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O1 - Hosts: ::1 localhost
O2 - BHO: GameBox Toolbar - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Program Files\GameBox\gamebox_toolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O3 - Toolbar: Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - C:\Program Files\Astroburn Toolbar\ABToolbar.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O3 - Toolbar: GameBox Toolbar - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - C:\Program Files\GameBox\gamebox_toolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: gameboxchrome - {494D4E3B-FA53-4487-8AF6-3F50FE1167A9} - C:\Program Files\GameBox\gamebox_toolbar.dll


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat


Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[valkys27]

Díky za rychlou odpověď. Všechno jsem provedl. Tady ten log:

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 5287

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

10.12.2010 15:41:18
mbam-log-2010-12-10 (15-41-10).txt

Typ kontroly: Rychlý test
Testované objekty: 142715
Uplynulý čas: 6 minut, 46 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\Windows\System32\secushr.dat (Malware.Trace) -> No action taken.

[memphisto]

Odinstaluj AVG. Pak použij AVG Remover a pak:

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[valkys27]

ComboFix 10-12-09.04 - valko 10.12.2010 19:32:16.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3263.1572 [GMT 1:00]
Spuštěný z: c:\users\valko\Downloads\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Thumbs.db
c:\users\valko\AppData\Local\Temp\RecycleBinDLL[0].dll
c:\users\valko\AppData\Local\Temp\ScreenPickerHelper[0].dll
c:\users\valko\AppData\Roaming\cacaoweb
c:\users\valko\AppData\Roaming\cacaoweb\ad96D9145E8C867A23E1125CAAA9681BE1.ad
c:\users\valko\AppData\Roaming\cacaoweb\adstorage.db
c:\users\valko\AppData\Roaming\cacaoweb\cacaoweb.exe
c:\users\valko\AppData\Roaming\cacaoweb\storage.db
c:\users\valko\AppData\Roaming\inst.exe
c:\windows\ST6UNST.000
c:\windows\system32\Thumbs.db

Nakažená kopie c:\windows\explorer.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_monitor


((((((((((((((((((((((((( Soubory vytvořené od 2010-11-10 do 2010-12-10 )))))))))))))))))))))))))))))))
.

2010-12-10 18:41 . 2010-12-10 18:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-10 14:32 . 2010-12-10 14:32 -------- d-----w- c:\users\valko\AppData\Roaming\Malwarebytes
2010-12-10 14:32 . 2010-12-10 14:32 -------- d-----w- c:\programdata\Malwarebytes
2010-12-10 14:32 . 2010-11-29 16:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-10 14:32 . 2010-12-10 14:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-10 14:32 . 2010-11-29 16:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-10 14:28 . 2010-12-10 14:28 -------- d-----w- c:\users\valko\DoctorWeb
2010-12-10 13:18 . 2010-12-10 13:18 388096 ----a-r- c:\users\valko\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-12-10 13:18 . 2010-12-10 13:18 -------- d-----w- c:\program files\Trend Micro
2010-12-10 12:16 . 2010-12-10 12:16 -------- d-----w- c:\program files\Winamp Detect
2010-12-10 12:15 . 2010-12-10 12:47 -------- d-----w- c:\users\valko\AppData\Roaming\Winamp
2010-12-10 09:11 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C91B6834-D846-4315-AC0B-331172389F06}\mpengine.dll
2010-12-09 10:47 . 2010-12-09 10:47 12800 ----a-w- c:\program files\Mozilla Firefox\plugins\npwachk.dll
2010-12-08 18:20 . 2010-12-08 20:24 -------- d-----w- c:\users\valko\AppData\Roaming\kikin
2010-12-08 18:20 . 2010-12-08 20:26 -------- d-----w- c:\program files\kikin
2010-12-08 18:20 . 2010-12-08 20:17 -------- d-----w- c:\program files\JDownloader
2010-12-08 16:03 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2010-12-08 16:03 . 2010-12-08 16:03 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-11-30 12:38 . 2010-11-30 12:41 -------- d-----w- c:\program files\Zrychleni Pocitace
2010-11-24 07:37 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-13 08:27 . 2010-11-13 08:27 -------- d-----w- c:\program files\Common Files\Apple
2010-11-13 08:27 . 2010-11-13 08:27 -------- d-----w- c:\program files\Apple Software Update

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2009-10-02 15:59 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-08 13:57 . 2010-10-23 09:15 143184 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2010-10-08 13:57 . 2010-10-23 09:15 41936 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2010-10-08 13:57 . 2010-10-08 13:57 111568 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2010-10-08 13:57 . 2010-10-08 13:57 100560 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2010-10-08 13:57 . 2010-10-08 13:57 133648 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-22 22:21 . 2010-10-23 07:31 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-09-22 09:52 . 2010-10-08 17:20 183240 ----a-w- c:\windows\system32\drivers\PCGenFAM.sys
2010-09-15 02:50 . 2010-05-02 12:17 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-13 13:56 . 2010-10-14 11:41 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-05-13 21:55 . 2009-05-13 21:55 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-13 21:55 . 2009-05-13 21:55 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-05-13 21:55 . 2009-05-13 21:55 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-13 21:55 . 2009-05-13 21:55 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2010-08-30 14:40 . 2010-08-30 14:40 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
2010-08-16 19:35 799472 ----a-w- c:\program files\kikin\ie_kikin.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\valko\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-08-30 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-30 7289376]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-30 30192]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-12-06 1910152]

c:\users\valko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe,c:\program files\Soluto\soluto.exe /userinit"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~4\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2008-12-07 30088]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-30 30192]
R3 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 133104]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
R3 PAC207;Webcam 1200;c:\windows\system32\DRIVERS\PFC027.SYS [2007-06-29 611584]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 PCGenFAM;PCGenFAM;c:\windows\system32\DRIVERS\PCGenFAM.sys [2010-09-22 183240]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-26 691696]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2010-10-08 143184]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2010-10-08 41936]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2010-09-22 330784]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-10-08 100560]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2010-10-08 111568]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 12:01]

2010-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 12:01]

2010-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1140048672-1542963481-2778217829-1000Core.job
- c:\users\valko\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-30 18:23]

2010-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1140048672-1542963481-2778217829-1000UA.job
- c:\users\valko\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-30 18:23]

2010-12-09 c:\windows\Tasks\User_Feed_Synchronization-{0D112D73-ECFE-42E6-9A77-AD1DBF0E8641}.job
- c:\windows\system32\msfeedssync.exe [2010-10-14 04:25]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all by FlashGet3 - c:\users\valko\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\valko\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Stahnou vse FlashGet3 - c:\users\valko\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Stahnout FlashGet3 - c:\users\valko\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?? - c:\users\valko\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\valko\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
FF - ProfilePath - c:\users\valko\AppData\Roaming\Mozilla\Firefox\Profiles\6le9shel.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/sli ... ie7&query=
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.astroburn-search.com/startpa ... google.cz/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\program files\Veetle\Player\npvlc.dll
FF - plugin: c:\program files\Veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\valko\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\valko\AppData\Roaming\Mozilla\Firefox\Profiles\6le9shel.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\valko\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\valko\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\windows\system32\TVUAx\npTVUAx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - (no file)
HKCU-Run-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
HKCU-Run-Livestation - c:\program files\Livestation\Livestation.exe
HKCU-Run-cacaoweb - c:\users\valko\AppData\Roaming\cacaoweb\cacaoweb.exe
HKLM-Run-hpqSRMon - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-HP Solution Center & Imaging Support Tools - c:\program files\HP\Digital Imaging\eSupport\hpzscr01.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-10 19:44
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
cacaoweb = "c:\users\valko\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer?abled:cacaoweb?ng????N????v???????? ?N???N???????????N???????N?tz?v`??v????????????r???????Service Pack 2??????????????????????????????????????????????????????????????????????????????????O??

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1140048672-1542963481-2778217829-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\valko\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022

[HKEY_USERS\S-1-5-21-1140048672-1542963481-2778217829-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\valko\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3

[HKEY_USERS\S-1-5-21-1140048672-1542963481-2778217829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"

[HKEY_USERS\S-1-5-21-1140048672-1542963481-2778217829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(2868)
c:\windows\system32\ieframe.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\progra~1\ArcSoft\PHOTOI~1\share\pihook.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\conime.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\WUDFHost.exe
.
**************************************************************************
.
Celkový čas: 2010-12-10 19:47:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-12-10 18:47

Před spuštěním: Volných bajtů: 195 767 205 888
Po spuštění: Volných bajtů: 195 310 145 536

- - End Of File - - 2D12C55F08076AE583BC026C2132905F

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"=-
"EnableUIADesktopToggle"=-

Firefox::
FF - ProfilePath - c:\users\valko\AppData\Roaming\Mozilla\Firefox\Profiles\6le9shel.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/sli ... ie7&query=
FF - prefs.js: browser.startup.homepage - hxxp://www.astroburn-search.com/startpa ... google.cz/
FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=

Folder::
c:\users\valko\AppData\Roaming\cacaoweb

RegLock::
[HKEY_USERS\S-1-5-21-1140048672-1542963481-2778217829-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
[HKEY_USERS\S-1-5-21-1140048672-1542963481-2778217829-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Toto otestuj na Virustotal
c:\windows\system32\DRIVERS\PCGenFAM.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

[valkys27]

http://www.virustotal.com/file-scan/report.html?id=137a7ff4ffa28546cf1080ab31616474ee83c6c8c0bd99709661aa13f02b1536-1292012800

ComboFix 10-12-09.04 - valko 10.12.2010 21:10:25.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3263.2402 [GMT 1:00]
Spuštěný z: c:\users\valko\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\valko\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-11-10 do 2010-12-10 )))))))))))))))))))))))))))))))
.

2010-12-10 20:14 . 2010-12-10 20:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-10 14:32 . 2010-12-10 14:32 -------- d-----w- c:\users\valko\AppData\Roaming\Malwarebytes
2010-12-10 14:32 . 2010-12-10 14:32 -------- d-----w- c:\programdata\Malwarebytes
2010-12-10 14:32 . 2010-11-29 16:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-10 14:32 . 2010-12-10 14:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-10 14:32 . 2010-11-29 16:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-10 14:28 . 2010-12-10 14:28 -------- d-----w- c:\users\valko\DoctorWeb
2010-12-10 13:18 . 2010-12-10 13:18 388096 ----a-r- c:\users\valko\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-12-10 13:18 . 2010-12-10 13:18 -------- d-----w- c:\program files\Trend Micro
2010-12-10 12:16 . 2010-12-10 12:16 -------- d-----w- c:\program files\Winamp Detect
2010-12-10 12:15 . 2010-12-10 12:47 -------- d-----w- c:\users\valko\AppData\Roaming\Winamp
2010-12-10 09:11 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C91B6834-D846-4315-AC0B-331172389F06}\mpengine.dll
2010-12-09 10:47 . 2010-12-09 10:47 12800 ----a-w- c:\program files\Mozilla Firefox\plugins\npwachk.dll
2010-12-08 18:20 . 2010-12-08 20:24 -------- d-----w- c:\users\valko\AppData\Roaming\kikin
2010-12-08 18:20 . 2010-12-08 20:26 -------- d-----w- c:\program files\kikin
2010-12-08 18:20 . 2010-12-08 20:17 -------- d-----w- c:\program files\JDownloader
2010-12-08 16:03 . 2009-03-18 15:35 26176 ---ha-w- c:\windows\system32\hamachi.sys
2010-12-08 16:03 . 2010-12-08 16:03 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-11-30 12:38 . 2010-11-30 12:41 -------- d-----w- c:\program files\Zrychleni Pocitace
2010-11-24 07:37 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-13 08:27 . 2010-11-13 08:27 -------- d-----w- c:\program files\Common Files\Apple
2010-11-13 08:27 . 2010-11-13 08:27 -------- d-----w- c:\program files\Apple Software Update

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2009-10-02 15:59 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-08 13:57 . 2010-10-23 09:15 143184 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2010-10-08 13:57 . 2010-10-23 09:15 41936 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2010-10-08 13:57 . 2010-10-08 13:57 111568 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2010-10-08 13:57 . 2010-10-08 13:57 100560 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2010-10-08 13:57 . 2010-10-08 13:57 133648 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-22 22:21 . 2010-10-23 07:31 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-09-22 09:52 . 2010-10-08 17:20 183240 ----a-w- c:\windows\system32\drivers\PCGenFAM.sys
2010-09-15 02:50 . 2010-05-02 12:17 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-13 13:56 . 2010-10-14 11:41 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-05-13 21:55 . 2009-05-13 21:55 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-13 21:55 . 2009-05-13 21:55 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-05-13 21:55 . 2009-05-13 21:55 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-13 21:55 . 2009-05-13 21:55 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
2010-08-30 14:40 . 2010-08-30 14:40 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
2010-08-16 19:35 799472 ----a-w- c:\program files\kikin\ie_kikin.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\valko\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-08-30 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-30 7289376]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-30 30192]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-12-06 1910152]

c:\users\valko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~4\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2008-12-07 30088]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-30 30192]
R3 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 133104]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
R3 PAC207;Webcam 1200;c:\windows\system32\DRIVERS\PFC027.SYS [2007-06-29 611584]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 PCGenFAM;PCGenFAM;c:\windows\system32\DRIVERS\PCGenFAM.sys [2010-09-22 183240]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-26 691696]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2010-10-08 143184]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2010-10-08 41936]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2010-09-22 330784]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-10-08 100560]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2010-10-08 111568]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 12:01]

2010-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 12:01]

2010-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1140048672-1542963481-2778217829-1000Core.job
- c:\users\valko\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-30 18:23]

2010-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1140048672-1542963481-2778217829-1000UA.job
- c:\users\valko\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-30 18:23]

2010-12-10 c:\windows\Tasks\User_Feed_Synchronization-{0D112D73-ECFE-42E6-9A77-AD1DBF0E8641}.job
- c:\windows\system32\msfeedssync.exe [2010-10-14 04:25]
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all by FlashGet3 - c:\users\valko\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\valko\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Stahnou vse FlashGet3 - c:\users\valko\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Stahnout FlashGet3 - c:\users\valko\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?? - c:\users\valko\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\valko\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
FF - ProfilePath - c:\users\valko\AppData\Roaming\Mozilla\Firefox\Profiles\6le9shel.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-10 21:15
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1140048672-1542963481-2778217829-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\valko\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022

[HKEY_USERS\S-1-5-21-1140048672-1542963481-2778217829-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@Allowed: (Read) (RestrictedCode)
@="c:\\Users\\valko\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3

[HKEY_USERS\S-1-5-21-1140048672-1542963481-2778217829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"

[HKEY_USERS\S-1-5-21-1140048672-1542963481-2778217829-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
Celkový čas: 2010-12-10 21:16:25
ComboFix-quarantined-files.txt 2010-12-10 20:16
ComboFix2.txt 2010-12-10 18:47

Před spuštěním: Volných bajtů: 195 311 943 680
Po spuštění: Volných bajtů: 195 283 791 872

- - End Of File - - 90B3FFE9E559E624484C44352ADDE954

[memphisto]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials


+ HJT

Jak se chová PC?

[valkys27]

moc dík, vše funguje daleko rychleji :-)

jen se mi stejně jako předtím nechce otevřít winamp. nevíš jak tomu pomoct?

[memphisto]

Není zač

Přeinstaluj a nedávej instalovat jeho toolbar

[valkys27]

Dík. A poslední dotaz. Nevíš jak v prohlížeči zprovoznit VMP video? Vždycky když dám play, tak se chvíli něco načítá, ale pak se to vypne a objeví se znovu jen "připraven"...

[memphisto]

Tohle nemusí být chyba prohlížeče. Stává se mi to u online TV docela často. Vyzkoušej i nainstalovat VLC a uvidíš, po jeho instalaci mi některé videa začala jít. Je na to také plugin do prohlížeče