Prosím o kontrolu Logu

Hellfik · Příspěvekod **Hellfik** » 25 bře 2011 18:36

V počítači mám vir NOD32 (který jsem dnes smazal) mi to začal hlásit přiblizně před 3 dny a začalo to hlásit ve firefox.exe tak jsem firefox a vše co s ním mělo dělat ale teďka to skáče všude...zkoušel jsem ho najít v nouzovém režimu ale nepodařilo se někam se asi schoval :(

Díky :)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:32:06, on 25.3.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Multimedia Combo Set Driver\PS2USBKbdDrv.exe
C:\Program Files\Multimedia Combo Set Driver\MouseDrv.exe
C:\Program Files\TrojanHunter 5.3\THGuard.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\helppane.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\AV Vcs 7.0 DIAMOND\VcsCore.exe
C:\Program Files\DarkSteam\DarkSteam.exe
C:\Program Files\DarkSteam\Steam.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\BoReC\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vshare.toolbarhome.com/?hp=df
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: &Crawler Toolbar Helper - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: everyflv - {7b5f691b-c51e-5778-ec7e-ea0c7689199f} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (file missing)
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {B71B15CF-3093-459C-B764-AEB2486F2273} - (no file)
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (file missing)
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HKLM] C:\Users\Admin\AppData\Roaming\install\server.exe
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 5.3\THGuard.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Auslogics BoostSpeed] C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
O4 - HKCU\..\Run: [HKCU] C:\Users\Admin\AppData\Roaming\install\server.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Registrace Need for Speed™ Undercover.lnk = C:\Program Files\EA Games\Need for Speed Undercover\Support\EAregister.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Plánovač automatické aktualizace LiveUpdate (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files\GameTracker\GSInGameService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

--
End of file - 16213 bytes

Reklama

Damned · Příspěvekod **Damned** » 25 bře 2011 18:55

Odinstaluj si:
ICQ6Toolbar
Crawler Toolbar
Spyware Terminator
TrojanHunter 5.3
vShare Toolbar
WormRadar
AVG Security Toolbar
Bing Bar Helper
free-downloads.net Toolbar
SMTTB2009 Toolbar (Hyper Cam)

Až to budeš mít, vlož sem nový (zkontroluj čas v logu) log z HJT

Hellfik · Příspěvekod **Hellfik** » 25 bře 2011 19:15

vShare Toolbar
WormRadar
AVG Security Toolbar
Bing Bar Helper
free-downloads.net Toolbar
SMTTB2009 Toolbar (Hyper Cam)

Todle už v počítači nemám
Zbytek je odstraněn :)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:15:07, on 25.3.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Multimedia Combo Set Driver\MouseDrv.exe
C:\Program Files\Multimedia Combo Set Driver\PS2USBKbdDrv.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\DarkSteam\DarkSteam.exe
C:\Program Files\DarkSteam\Steam.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\BoReC\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vshare.toolbarhome.com/?hp=df
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: everyflv - {7b5f691b-c51e-5778-ec7e-ea0c7689199f} - (no file)
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (file missing)
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {B71B15CF-3093-459C-B764-AEB2486F2273} - (no file)
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (file missing)
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Combo Set Driver\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Auslogics BoostSpeed] C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
O4 - HKCU\..\Run: [HKCU] C:\Users\Admin\AppData\Roaming\install\server.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Registrace Need for Speed™ Undercover.lnk = C:\Program Files\EA Games\Need for Speed Undercover\Support\EAregister.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Plánovač automatické aktualizace LiveUpdate (Automatic LiveUpdate Scheduler) - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files\GameTracker\GSInGameService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

--
End of file - 14611 bytes

Damned · Příspěvekod **Damned** » 25 bře 2011 19:24

Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only",
zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vshare.toolbarhome.com/?hp=df
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: everyflv - {7b5f691b-c51e-5778-ec7e-ea0c7689199f} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (file missing)
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: (no name) - {B71B15CF-3093-459C-B764-AEB2486F2273} - (no file)
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll (file missing)
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Auslogics BoostSpeed] C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
O4 - HKCU\..\Run: [HKCU] C:\Users\Admin\AppData\Roaming\install\server.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
*************************************************************************************************************************************************************************
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti: Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko Konec.
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje a poté kliknutím na OK spusť program
- nech vybranou možnost Rychlá kontrola a klikni na tlačítko Prohledat

Bude-li nalezen problém:
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost Uložit protokol a ulož si log na Plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
- výsledný log mi sem zkopíruj
(zatím nic nemaž!).

Nebude-li nalezen problém:
- Klikni na tlačítko "OK" a sděl mi to

Hellfik · Příspěvekod **Hellfik** » 25 bře 2011 20:20

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6170

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8080.16413

25.3.2011 20:12:54
mbam-log-2011-03-25 (20-12-47).txt

Typ kontroly: Rychlý test
Testované objekty: 162328
Uplynulý èas: 13 minut, 22 sekund

Infikované procesy v pamìti: 0
Infikované moduly v pamìti: 0
Infikované klíèe v registru: 24
Infikované hodnoty v registru: 7
Infikované datové položky v registru: 1
Infikované složky: 22
Infikované soubory: 49

Infikované procesy v pamìti:
(Žádné škodlivé položky nebyly zjištìny)

Infikované moduly v pamìti:
(Žádné škodlivé položky nebyly zjištìny)

Infikované klíèe v registru:
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{AC5AB953-ED25-4f9c-87F0-B086B0178FFA} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6160F76A-1992-4B17-A32D-0C706D159105} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\ExplorerBar.FunExplorer.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\ExplorerBar.FunExplorer (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{C28A0312-C403-417b-A425-A915BC0519CD} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CDBFB47B-58A8-4111-BF95-06178DCE326D} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\Software\FLV Direct Player (Adware.FLVPlayer) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Direct Player (Adware.FLVPlayer) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1 (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C5096216-7703-409E-B85A-8A6EE7395128}}_is1 (Adware.DoubleD) -> No action taken.

Infikované hodnoty v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Value: {5617ECA9-488D-4BA2-8562-9710B9AB78D2} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Value: {5617ECA9-488D-4BA2-8562-9710B9AB78D2} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224E955-00E9-4613-A844-CE69FCCAAE91} (Adware.DoubleD) -> Value: {2224E955-00E9-4613-A844-CE69FCCAAE91} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224E955-00E9-4613-A844-CE69FCCAAE91} (Adware.DoubleD) -> Value: {2224E955-00E9-4613-A844-CE69FCCAAE91} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC} (Adware.DoubleD) -> Value: {0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC} (Adware.DoubleD) -> Value: {0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\DRam prosessor (Trojan.Agent) -> Value: DRam prosessor -> No action taken.

Infikované datové položky v registru:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Infikované složky:
c:\program files\DoubleD (Adware.DoubleD) -> No action taken.
c:\program files\flv direct player (Adware.BHO.FL) -> No action taken.
c:\program files\flv direct player\Skin (Adware.BHO.FL) -> No action taken.
c:\program files\flv direct player\Skin\directflv (Adware.BHO.FL) -> No action taken.
c:\program files\internet saving optimizer (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340 (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\Data (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\FF (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\FF\chrome (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\FF\chrome\content (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\FF\components (Adware.DoubleD) -> No action taken.
c:\program files\media access startup (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850 (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\Data (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\chrome (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\chrome\content (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\components (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.3.0.840 (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.3.0.840\Data (Adware.DoubleD) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\flv direct player (Adware.FLVPlayer) -> No action taken.

Infikované soubory:
c:\Users\Admin\AppData\Roaming\sndvol32.exe (Trojan.Downloader) -> No action taken.
c:\Users\Admin\AppData\Roaming\logs.dat (Bifrose.Trace) -> No action taken.
c:\program files\Core.dll (Spyware.OnlineGames) -> No action taken.
c:\program files\dbg.dll (Spyware.OnlineGames) -> No action taken.
c:\program files\demoplayer.dll (Spyware.OnlineGames) -> No action taken.
c:\program files\filesystem_stdio.dll (Spyware.OnlineGames) -> No action taken.
c:\program files\filesystem_steam.dll (Spyware.OnlineGames) -> No action taken.
c:\program files\vgui.dll (Spyware.OnlineGames) -> No action taken.
c:\program files\vgui2.dll (Spyware.OnlineGames) -> No action taken.
c:\program files\voice_miles.dll (Spyware.OnlineGames) -> No action taken.
c:\program files\voice_speex.dll (Spyware.OnlineGames) -> No action taken.
c:\program files\flv direct player\downloading.swf (Adware.BHO.FL) -> No action taken.
c:\program files\flv direct player\flvplayer.exe (Adware.BHO.FL) -> No action taken.
c:\program files\flv direct player\preload.swf (Adware.BHO.FL) -> No action taken.
c:\program files\flv direct player\uninstall.exe (Adware.BHO.FL) -> No action taken.
c:\program files\flv direct player\Skin\directflv\Button.bmp (Adware.BHO.FL) -> No action taken.
c:\program files\flv direct player\Skin\directflv\Logo.bmp (Adware.BHO.FL) -> No action taken.
c:\program files\flv direct player\Skin\directflv\skin.xml (Adware.BHO.FL) -> No action taken.
c:\program files\flv direct player\Skin\directflv\sysclosebutton.bmp (Adware.BHO.FL) -> No action taken.
c:\program files\flv direct player\Skin\directflv\sysmaxbutton.bmp (Adware.BHO.FL) -> No action taken.
c:\program files\flv direct player\Skin\directflv\sysminbutton.bmp (Adware.BHO.FL) -> No action taken.
c:\program files\flv direct player\Skin\directflv\Window.bmp (Adware.BHO.FL) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\unins000.dat (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\unins000.exe (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\Data\config.md (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\FF\chrome.manifest (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\FF\install.rdf (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\FF\components\npffaddon.xpt (Adware.DoubleD) -> No action taken.
c:\program files\internet saving optimizer\3.4.0.4340\FF\components\npffhelpercomponent.js (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\unins000.dat (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\unins000.exe (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\Data\config.md (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\chrome.manifest (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\install.rdf (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\components\hpffaddon.xpt (Adware.DoubleD) -> No action taken.
c:\program files\media access startup\1.5.0.850\FF\components\hpffhelpercomponent.js (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.3.0.840\unins000.dat (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.3.0.840\unins000.exe (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.3.0.840\Data\eacore.mx (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.3.0.840\Data\urldynamic.mx (Adware.DoubleD) -> No action taken.
c:\program files\system search dispatcher\1.3.0.840\Data\urlstatic.mx (Adware.DoubleD) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\flv direct player\flv direct player.lnk (Adware.FLVPlayer) -> No action taken.
c:\programdata\microsoft\Windows\start menu\Programs\flv direct player\uninstall flv direct player.lnk (Adware.FLVPlayer) -> No action taken.

Damned · Příspěvekod **Damned** » 25 bře 2011 20:26

Jejdáá

Spusť znovu MbAM a dej Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Konec
*************************************************************************************************************************************************************************
Potom:
Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs) nebo ComboFix (subs) a ulož si ho na Plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

Hellfik · Příspěvekod **Hellfik** » 26 bře 2011 08:17

Takže část 1:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6170

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8080.16413

26.3.2011 8:16
mbam-log-2011-03-26 (08-16-12).txt

Typ kontroly: Úplný test (C:\|)
Testované objekty: 350486
Uplynulý čas: 2 hodin, 16 minut, 12 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 12
Infikované hodnoty v registru: 6
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{AC5AB953-ED25-4f9c-87F0-B086B0178FFA} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6160F76A-1992-4B17-A32D-0C706D159105} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ExplorerBar.FunExplorer.1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ExplorerBar.FunExplorer (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{C28A0312-C403-417b-A425-A915BC0519CD} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CDBFB47B-58A8-4111-BF95-06178DCE326D} (Adware.DoubleD) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Value: {5617ECA9-488D-4BA2-8562-9710B9AB78D2} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Value: {5617ECA9-488D-4BA2-8562-9710B9AB78D2} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224E955-00E9-4613-A844-CE69FCCAAE91} (Adware.DoubleD) -> Value: {2224E955-00E9-4613-A844-CE69FCCAAE91} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224E955-00E9-4613-A844-CE69FCCAAE91} (Adware.DoubleD) -> Value: {2224E955-00E9-4613-A844-CE69FCCAAE91} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC} (Adware.DoubleD) -> Value: {0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC} (Adware.DoubleD) -> Value: {0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC} -> Quarantined and deleted successfully.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Hellfik · Příspěvekod **Hellfik** » 26 bře 2011 08:47

Hotovo :)

ComboFix 11-03-25.01 - Admin 26.03.2011 8:26.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2046.1080 [GMT 1:00]
Spuštěný z: c:\users\Admin\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Autorun.inf
C:\Install.exe
c:\program files\DoubleD
c:\program files\FLV Direct Player
c:\program files\FLV Direct Player\downloading.swf
c:\program files\FLV Direct Player\FLVPlayer.exe
c:\program files\FLV Direct Player\preload.swf
c:\program files\FLV Direct Player\Skin\DirectFLV\Button.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\Logo.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\skin.xml
c:\program files\FLV Direct Player\Skin\DirectFLV\SysCloseButton.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\SysMaxButton.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\SysMinButton.bmp
c:\program files\FLV Direct Player\Skin\DirectFLV\Window.bmp
c:\program files\FLV Direct Player\uninstall.exe
c:\program files\Golden\Golden.exe
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.4.0.4340\Data\config.md
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.dat
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.5.0.850\Data\config.md
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome.manifest
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.5.0.850\FF\install.rdf
c:\program files\Media Access Startup\1.5.0.850\unins000.dat
c:\program files\Media Access Startup\1.5.0.850\unins000.exe
c:\program files\System Search Dispatcher
c:\program files\System Search Dispatcher\1.3.0.840\Data\eacore.mx
c:\program files\System Search Dispatcher\1.3.0.840\Data\URLDynamic.mx
c:\program files\System Search Dispatcher\1.3.0.840\Data\URLStatic.mx
c:\program files\System Search Dispatcher\1.3.0.840\unins000.dat
c:\program files\System Search Dispatcher\1.3.0.840\unins000.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\FLV Direct Player
c:\programdata\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\FLV Direct Player.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\FLV Direct Player\Uninstall FLV Direct Player.lnk
c:\users\Admin\AppData\Roaming\Admin3SQLite3.dll
c:\users\Admin\AppData\Roaming\Adminlog.dat
c:\users\Admin\AppData\Roaming\Autorun.vbs
c:\users\Admin\AppData\Roaming\inst.exe
c:\users\Admin\AppData\Roaming\logs.dat
c:\users\Admin\AppData\Roaming\sndvol32.exe
c:\users\Admin\AppData\Roaming\Sysutils_Update
c:\windows\system32\KBL.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-26 do 2011-03-26 )))))))))))))))))))))))))))))))
.
.
2011-03-26 07:41 . 2011-03-26 07:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-25 18:57 . 2011-03-25 18:57 -------- d-----w- c:\users\Admin\AppData\Roaming\Malwarebytes
2011-03-25 18:57 . 2011-03-25 18:57 -------- d-----w- c:\programdata\Malwarebytes
2011-03-25 18:57 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-03-25 18:57 . 2011-03-25 18:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-03-25 18:57 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-03-25 17:10 . 2011-02-23 14:56 301528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-03-25 17:10 . 2011-02-23 14:54 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-03-25 17:10 . 2011-02-23 14:56 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-03-25 17:10 . 2011-02-23 14:55 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-03-25 17:10 . 2011-02-23 14:55 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-03-25 17:10 . 2011-02-23 14:55 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-03-25 17:09 . 2011-02-23 15:04 40648 ----a-w- c:\windows\avastSS.scr
2011-03-25 17:09 . 2011-02-23 15:04 190016 ----a-w- c:\windows\system32\aswBoot.exe
2011-03-25 17:09 . 2011-03-25 17:09 -------- d-----w- c:\programdata\AVAST Software
2011-03-25 17:09 . 2011-03-25 17:09 -------- d-----w- c:\program files\AVAST Software
2011-03-25 17:01 . 2011-03-25 17:01 388096 ----a-r- c:\users\Admin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-03-25 17:01 . 2011-03-25 17:01 -------- d-----w- c:\program files\BoReC
2011-03-25 16:37 . 2011-03-25 16:37 -------- d-----w- c:\program files\TeamViewer
2011-03-25 14:24 . 2011-03-25 14:24 -------- d-----w- c:\users\Admin\AppData\Roaming\TrojanHunter
2011-03-25 14:15 . 2011-03-25 14:15 1587242 ----a-w- c:\windows\DarkSteam Uninstaller.exe
2011-03-25 12:45 . 2011-03-25 18:00 -------- d-----w- c:\program files\TrojanHunter 5.3
2011-03-25 12:36 . 2011-03-25 12:36 -------- d-----w- c:\users\Admin\AppData\Local\UCL
2011-03-25 05:53 . 2006-06-19 11:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2011-03-25 05:53 . 2006-05-25 13:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2011-03-25 05:53 . 2005-08-25 23:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2011-03-25 05:53 . 2003-02-02 18:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2011-03-25 05:53 . 2002-03-05 23:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2011-03-24 16:36 . 2011-03-26 06:39 -------- d-----w- c:\program files\DarkSteam
2011-03-24 05:39 . 2011-03-24 05:39 -------- d-----w- c:\program files\Microsoft
2011-03-23 18:24 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 18:24 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 18:24 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
2011-03-23 18:03 . 2011-03-23 18:14 -------- d-----w- c:\users\Admin\AppData\Roaming\winupdate-0016765
2011-03-23 17:29 . 2011-03-25 16:02 -------- d-----w- c:\program files\ESET
2011-03-21 06:24 . 2011-03-21 06:24 -------- d-----w- c:\users\Admin\AppData\Roaming\Auslogics
2011-03-20 22:47 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\system32\mstscax.dll
2011-03-20 22:47 . 2010-12-17 13:54 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-03-20 22:47 . 2010-12-29 18:28 322560 ----a-w- c:\windows\system32\sbe.dll
2011-03-20 22:47 . 2010-12-29 18:28 153088 ----a-w- c:\windows\system32\sbeio.dll
2011-03-20 22:47 . 2010-12-29 18:28 429056 ----a-w- c:\windows\system32\EncDec.dll
2011-03-20 22:47 . 2010-12-29 18:26 177664 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-20 11:30 . 2011-03-20 11:30 -------- d-----w- c:\program files\Auslogics
2011-03-18 19:21 . 2011-03-18 19:37 -------- d-----w- c:\program files\Counter-Strike Source
2011-03-15 16:58 . 2011-03-15 16:58 -------- d-----w- c:\program files\VTFEdit
2011-03-12 11:28 . 2011-03-12 11:28 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2011-03-10 18:57 . 2011-03-10 18:57 -------- d-----w- c:\users\Admin\AppData\Roaming\Cakewalk
2011-03-10 18:55 . 2006-02-24 08:00 487424 ----a-w- c:\windows\system32\msvcp70.dll
2011-03-10 18:55 . 2011-03-25 16:15 -------- d-----w- c:\programdata\Cakewalk
2011-03-10 18:55 . 2011-03-25 16:15 -------- d-----w- C:\Cakewalk Projects
2011-03-10 18:55 . 2011-03-10 18:55 -------- d-----w- c:\program files\Cakewalk
2011-03-10 18:41 . 2011-03-25 17:16 -------- d-----w- c:\users\Admin\AppData\Roaming\BSplayer
2011-03-10 18:41 . 2011-03-10 18:41 -------- d-----w- c:\users\Admin\AppData\Roaming\BSplayer Pro
2011-03-10 18:41 . 2011-03-10 18:41 -------- d-----w- c:\program files\Webteh
2011-03-04 15:18 . 2011-03-26 07:40 -------- d-----w- c:\program files\Golden
2011-02-28 15:21 . 2011-02-28 15:23 -------- d-----w- c:\users\Admin\AppData\Roaming\Notepad++
2011-02-28 15:21 . 2011-02-28 15:21 -------- d-----w- c:\program files\Notepad++
2011-02-27 19:43 . 2011-03-25 16:11 -------- d-----w- c:\program files\HTML editor Yugie-shareware
2011-02-27 19:38 . 2003-01-26 13:41 40960 ----a-w- c:\windows\system32\SSubTmr6.dll
2011-02-27 19:38 . 2011-02-27 19:38 -------- d-----w- c:\program files\Dynamic HTML Editor
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-14 20:13 . 2008-08-14 08:42 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-03-14 20:13 . 2008-08-14 08:42 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-03-14 04:51 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-13 17:45 . 2008-08-14 08:42 103736 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-03-13 16:56 . 2009-03-03 18:16 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-02-16 05:46 . 2011-02-16 05:46 161280 ----a-w- c:\windows\system32\msls31.dll
2011-02-16 05:46 . 2011-02-16 05:46 1125376 ----a-w- c:\windows\system32\wininet.dll
2011-02-16 05:46 . 2011-02-16 05:46 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-02-16 05:46 . 2011-02-16 05:46 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-02-16 05:46 . 2011-02-16 05:46 1426432 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-16 05:46 . 2011-02-16 05:46 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-02-16 05:46 . 2011-02-16 05:46 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-16 05:46 . 2011-02-16 05:46 152064 ----a-w- c:\windows\system32\wextract.exe
2011-02-16 05:46 . 2011-02-16 05:46 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-02-16 05:46 . 2011-02-16 05:46 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-02-16 05:46 . 2011-02-16 05:46 2382336 ----a-w- c:\windows\system32\mshtml.tlb
2011-02-16 05:46 . 2011-02-16 05:46 1791488 ----a-w- c:\windows\system32\jscript9.dll
2011-02-16 05:46 . 2011-02-16 05:46 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-02-16 05:46 . 2011-02-16 05:46 11776 ----a-w- c:\windows\system32\mshta.exe
2011-02-16 05:46 . 2011-02-16 05:46 101888 ----a-w- c:\windows\system32\admparse.dll
2011-02-16 05:46 . 2011-02-16 05:46 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-02-16 05:46 . 2011-02-16 05:46 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-02-16 05:46 . 2011-02-16 05:46 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-02-16 05:46 . 2011-02-16 05:46 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-02-16 05:46 . 2011-02-16 05:46 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-02-16 05:46 . 2011-02-16 05:46 367104 ----a-w- c:\windows\system32\html.iec
2011-02-02 20:40 . 2010-08-15 05:42 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-20 16:37 . 2011-02-09 05:41 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-02-09 05:41 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08 . 2011-02-09 05:41 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:08 . 2011-02-09 05:41 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-09 05:41 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:08 . 2011-02-09 05:41 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:07 . 2011-02-09 05:41 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07 . 2011-02-09 05:41 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07 . 2011-02-09 05:41 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06 . 2011-02-09 05:41 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06 . 2011-02-09 05:41 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-02-09 05:41 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:04 . 2011-02-09 05:41 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 14:28 . 2011-02-09 05:41 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27 . 2011-02-09 05:41 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26 . 2011-02-09 05:41 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-02-09 05:41 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24 . 2011-02-09 05:41 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-09 05:41 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-09 05:41 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-09 05:41 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14 . 2011-02-09 05:41 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-09 05:41 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11 . 2011-02-09 05:41 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47 . 2011-02-09 05:41 683008 ----a-w- c:\windows\system32\d2d1.dll
2011-01-14 23:02 . 2011-01-14 23:02 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-01-10 14:51 . 2011-01-10 14:51 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-01-08 08:47 . 2011-02-09 05:39 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 06:28 . 2011-02-09 05:39 292352 ----a-w- c:\windows\system32\atmfd.dll
2011-01-01 19:32 . 2008-07-15 19:26 495616 ----a-w- c:\users\Admin\AppData\Roaming\pohoda.sys
2010-12-31 13:57 . 2011-02-09 05:40 2039808 ----a-w- c:\windows\system32\win32k.sys
2010-12-28 15:55 . 2011-01-12 06:14 413696 ----a-w- c:\windows\system32\odbc32.dll
2010-12-26 15:04 . 2008-08-14 08:41 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2004-05-15 06:08 . 2004-05-15 06:08 53248 ----a-w- c:\program files\voice_miles.dll
2004-05-15 06:08 . 2004-05-15 06:08 352256 ----a-w- c:\program files\vgui.dll
2004-05-15 06:08 . 2004-05-15 06:08 249921 ----a-w- c:\program files\vgui2.dll
2004-05-15 06:08 . 2004-05-15 06:08 1917469 ----a-w- c:\program files\sw.dll
2004-05-15 06:08 . 2004-05-15 06:08 139264 ----a-w- c:\program files\voice_speex.dll
2004-05-15 06:08 . 2004-05-15 06:08 351744 ----a-w- c:\program files\Mss32.dll
2004-05-15 06:08 . 2004-05-15 06:08 2032938 ----a-w- c:\program files\hw.dll
2004-05-15 06:08 . 2004-05-15 06:08 161792 ----a-w- c:\program files\Mssv29.asi
2004-05-15 06:08 . 2004-05-15 06:08 142848 ----a-w- c:\program files\Mssv12.asi
2004-05-15 06:08 . 2004-05-15 06:08 125952 ----a-w- c:\program files\Mp3dec.asi
2004-05-15 06:08 . 2004-05-15 06:08 90112 ----a-w- c:\program files\DemoPlayer.dll
2004-05-15 06:08 . 2004-05-15 06:08 81920 ----a-w- c:\program files\hl.exe
2004-05-15 06:08 . 2004-05-15 06:08 393216 ----a-w- c:\program files\hlds.exe
2004-05-15 06:08 . 2004-05-15 06:08 221184 ----a-w- c:\program files\hltv.exe
2004-05-15 06:08 . 2004-05-15 06:08 122974 ----a-w- c:\program files\FileSystem_Steam.dll
2004-05-15 06:08 . 2004-05-15 06:08 69632 ----a-w- c:\program files\dbg.dll
2004-05-15 06:08 . 2004-05-15 06:08 225280 ----a-w- c:\program files\Core.dll
2004-05-15 06:08 . 2004-05-15 06:08 211456 ----a-w- c:\program files\a3dapi.dll
2004-05-03 17:47 . 2004-05-03 17:47 3575808 ----a-w- c:\program files\Steam.dll
2004-04-16 03:15 . 2004-04-16 03:15 118872 ----a-w- c:\program files\FileSystem_Stdio.dll
1999-11-12 04:11 . 2008-11-16 17:02 989176 ----a-w- c:\program files\BDEADMIN.EXE
1999-11-12 04:11 . 2008-11-16 17:02 647168 ----a-w- c:\program files\IDDAO32.DLL
1999-11-12 04:11 . 2008-11-16 17:02 601600 ----a-w- c:\program files\IDDA3532.DLL
1999-11-12 04:11 . 2008-11-16 17:02 589312 ----a-w- c:\program files\IDAPI32.DLL
1999-11-12 04:11 . 2008-11-16 17:02 464896 ----a-w- c:\program files\IDSQL32.DLL
1999-11-12 04:11 . 2008-11-16 17:02 45568 ----a-w- c:\program files\BLW32.DLL
1999-11-12 04:11 . 2008-11-16 17:02 454144 ----a-w- c:\program files\IDDBAS32.DLL
1999-11-12 04:11 . 2008-11-16 17:02 436224 ----a-w- c:\program files\IDODBC32.DLL
1999-11-12 04:11 . 2008-11-16 17:02 422400 ----a-w- c:\program files\IDQBE32.DLL
1999-11-12 04:11 . 2008-11-16 17:02 255488 ----a-w- c:\program files\IDPDX32.DLL
1999-11-12 04:11 . 2008-11-16 17:02 167936 ----a-w- c:\program files\IDDR32.DLL
1999-11-12 04:11 . 2008-11-16 17:02 139264 ----a-w- c:\program files\IDBAT32.DLL
1999-11-12 04:11 . 2008-11-16 17:02 116736 ----a-w- c:\program files\IDR20009.DLL
1999-11-12 04:11 . 2008-11-16 17:02 116224 ----a-w- c:\program files\IDASCI32.DLL
1999-11-12 04:11 . 2008-11-16 17:02 101376 ----a-w- c:\program files\bantam.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-05-05 1466368]
"RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-25 174616]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-09-30 181544]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"WireLessMouse"="c:\program files\Multimedia Combo Set Driver\StartAutorun.exe" [2005-11-30 94208]
"WireLessKeyboard"="c:\program files\Multimedia Combo Set Driver\StartAutorun.exe" [2005-11-30 94208]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Registrace Need for Speedt Undercover.lnk - c:\program files\EA Games\Need for Speed Undercover\Support\EAregister.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-9-5 727592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2458478064-1835581987-2625973861-1000]
"EnableNotificationsRef"=dword:00000002
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-10 135664]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\DRIVERS\k510bus.sys [2006-02-17 58288]
R3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\DRIVERS\k510mdfl.sys [2006-02-17 8336]
R3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\DRIVERS\k510mdm.sys [2006-02-17 94064]
R3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\k510mgmt.sys [2006-02-17 85408]
R3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\k510obex.sys [2006-02-17 83344]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-10-16 721904]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
S2 GS In-Game Service;GS In-Game Service;c:\program files\GameTracker\GSInGameService.exe [2010-11-09 1677096]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2007-01-17 5120]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 11:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-10 18:21]
.
2011-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-10 18:21]
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{ECDEE021-0D17-467F-A1FF-C7A115230949} - (no file)
HKLM-Run-QlbCtrl - %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSConfigStartUp-LogMeIn Hamachi Ui - c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-Games Bind Generator - c:\program files\Games Bind Generator\odinstalovat.exe
AddRemove-IL Download Manager - c:\program files\Image-Line\Downloader\uninstall.exe
AddRemove-Native Instruments Service Center - c:\progra~1\NATIVE~1\SERVIC~1\UNWISE.EXE
AddRemove-r-NiUci0AVm6 - c:\windows\system32\r-NiUci0AVm6.exe
AddRemove-{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1 - c:\program files\Media Access Startup\1.5.0.850\unins000.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
AddRemove-{52D1D62C-FEAB-4580-849E-1DB624BADBBD} - c:\program files\InstallShield Installation Information\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}\setup.exe
AddRemove-{C5096216-7703-409E-B85A-8A6EE7395128}}_is1 - c:\program files\System Search Dispatcher\1.3.0.840\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-26 08:42
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2458478064-1835581987-2625973861-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:19,c7,d3,da,bd,f1,b4,04,0f,73,13,38,90,50,be,58,56,d9,95,b2,fa,b7,ac,
0f,6f,fd,96,7d,9f,af,9c,ab,42,8c,af,2c,11,32,1b,1a,88,cd,c8,b6,eb,18,13,a6,\
"??"=hex:9a,6e,eb,33,0f,93,2c,a4,65,d4,e3,56,0b,f1,9d,35
.
[HKEY_USERS\S-1-5-21-2458478064-1835581987-2625973861-1000\Software\SecuROM\License information*]
"datasecu"=hex:de,50,41,2f,41,5e,22,f8,4e,e6,cd,b7,64,1f,c0,41,b8,eb,94,68,aa,
c9,57,24,5e,d2,4b,c6,ba,6c,43,ba,cb,db,e4,d3,91,98,a4,c5,c7,02,f5,fd,ff,a7,\
"rkeysecu"=hex:09,13,a3,9e,9c,02,1d,93,d1,67,22,2e,45,7c,cd,aa
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-03-26 08:45:50
ComboFix-quarantined-files.txt 2011-03-26 07:45
.
Před spuštěním: Volných bajtů: 111 318 421 504
Po spuštění: Volných bajtů: 119 390 134 272
.
- - End Of File - - AA21C92758F9FD4E2251766715E0A30C

Damned · Příspěvekod **Damned** » 26 bře 2011 11:41

Vidím tam složku po Esetu. Antivir máš avast? Pokud ano, přeinstaluj ho.

Damned · Příspěvekod **Damned** » 26 bře 2011 12:09

Pokud si přeinstaloval tak:

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

Folder::
c:\program files\ESET
c:\users\Admin\AppData\Roaming\TrojanHunter
c:\program files\TrojanHunter 5.3

DirLook::
c:\users\Admin\AppData\Roaming\winupdate-0016765

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DivXUpdate"=-

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu

Upozornění : Může se stát, že po aplikaci skriptu a restartu počítače Windows nenaběhnou, pak znovu restartuj počítač, mačkej F8 a pak zvol poslední známou funkční konfiguraci.

Hellfik · Příspěvekod **Hellfik** » 28 bře 2011 06:46

Ahoj,musel jsem reinstall windows protože se mi nenahodil ani PC

Prosím o kontrolu Logu Vyřešeno

Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu

Re: Prosím o kontrolu Logu Vyřešeno

Kdo je online