Avatar uživatele
mikecka

seká se mi pc včechny hry i iínternet pc zčerná a zamrzne a při restartu znova cca po 12 min a nevím co stím

ahojte nevím jestli to tu patří ale mám problem a nevím co stím v ponděli sem si stáhl patch do hry ale když sem ho nainstaloval tak se brutalně začal sekat pc sčerna obrazvka a kdomu takovy zvuk a když sem ho restartoval a samzal raději hru s patchem ale neustaloto a ted cca 12min jedu hru asekne se a třeba 30 min internet a seknese cely ( i v pípadě včech her ) a neustaloto ani dnes nevíte někdo pls co stím je ? nbo radu dík. e

Uzamčená otázka

ohodnoťte nejlepší odpověď symbolem palce

Zajímavá 0 před 4343 dny Sledovat Nahlásit



Nejlepší odpověď
Avatar uživatele
badisko

pache do her jsou viry nabouravaj se do systemu …skontrolovat antivirem …pak necim podobnym jako spybot …a nestahovat kraviny …!! take je moznost to znova prekontrolovat timto http://www.eset­.cz/cz/domacnos­ti/produkty/on­line-scanner/ a pockat na uzivatele bedy …co dal…
Doplňuji:
no nerikal jsem to ?…je tady a problem je skoro vyresen …:-))…

Upravil/a: badisko

0 Nominace Nahlásit

Další odpovědi
Avatar uživatele
Bedy

Doporučuju projet počítač online kontrolorem ESEt Online Scanner – http://www.eset­.cz/cz/domacnos­ti/produkty/on­line-scanner/
Zaškrtněte i sken na potenciálně nebezpečné i nechtěné apliakce. Pro jistotu.

Po dokončení kontroly Vás porposím o vložení výpisu z programů Hijackthis a Security Check.
Hijackthis stáhnete zde: http://source­forge.net/pro­jects/hjt/files/la­test/download
Program uložte, spusťte, klikněte na Do a system scan and save logfile. Po kontrole se objeví okno s výpisem – ten zkopírujte a vložte sem.

Security Check stáhnete zde: http://screen317­.spywareinfofo­rum.org/Securi­tyCheck.exe
Po spuštění stiskněte Enter, chvilinku počkejte (kontrola by neměla trvat déle, jak minutu) a poté se objeví okno s výpisem – ten zkopírujte a vložte sem.

Z toho budeme vycházet, to bude důležité. Nedoporučuji kdejaké čarování s kdejakými zázračnými čističi typu Advanced Systemcare, apod. Podle výpisů z Hijackthisu a Security Checku stanovím přímo co a jak, ne žádné čarování.
Doplňuji:
No ještě že jste mi sem ten výpis z logu dal – máte tam pěkný brodel. Tak to půjdeme uklidit. Spusťte si Hijackthis, klikněte na Do a system scan only a zaškrtejte tam následující položky:
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Main,De­fault_Page_URL = http://search­.qip.ru
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Main, Default_Search_URL = http://search­.certified-toolba r.com…
R0 – HKCU\Software\Mi­crosoft\Intern et Explorer\Main,Start Page = http://safese­archr.lavasof­t.co m…
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main, Default_Search_URL = http://search­.certified-toolba r.com…
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main,Se­arch Bar = http://search­.certified-toolba r.com…
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main,Se­arch Page = http://search­.certified-toolba r.com…
R0 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main,Start Page = http://search­.chatzum.com/
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Search, Default_Search_URL = http://search­.certified-toolba r.com…
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Search, SearchAssistant = http://search­.qip.ru
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Search, Default_Search_URL = http://search­.certified-toolba r.com…
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Sear­chURL,(Default) = Root: HKCU; Subkey: Software\Micro­soft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueif­doesntexist noerror; Tasks: AddSearchQip
R3 – URLSearchHook: ICQToolBar – {855F3B16– 6D32– 4fe6– 8A56– BBB695989046} – C:\Program Files\ICQ6Tool­bar\ICQToolBar. dll
R3 – URLSearchHook: (no name) – {A55F9C95– 2BB1– 4EA2– BC77– DFAAB78832CE} – (no file)
R3 – URLSearchHook: (no name) – – (no file)
R3 – URLSearchHook: MyAshampoo Toolbar – {a1e75a0e- 4397– 4ba8– bb50– e19fb66890f4} – C:\Program Files\MyAsham­poo\prxtbMyA1­.dll
R3 – URLSearchHook: uTorrentControl2 Toolbar – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorren­tControl2\prxtbuT or. dll
R3 – URLSearchHook: BrotherSoft Extreme3 Toolbar – {62d40876– df18– 411f- 9d34– a9dd7a197bc5} – C:\Program Files\Brother­Soft_Extreme3\prx tbBrot. dll
R3 – URLSearchHook: SweetIM ToolbarURLSear­chHook Class – {EEE6C35D- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\To­olbars\Interne t Explorer\mgHel­per.dll
R3 – URLSearchHook: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaret­b\adawareDx.dll
O2 – BHO: uTorrentControl2 – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorren­tControl2\prxtbuT or. dll
O2 – BHO: Google Toolbar Helper – {AA58ED58– 01DD- 4d91– 8333– CF10577473F7} – C:\Program Files\Google\Google Toolbar\Google­Toolbar32.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43– 7D58– 4638– B6FA- CE66B5AD205D} – C:\Program Files\Google\Go­ogleToolbarNo­ti fier\5. 7. 7529. 1424\swg. dll
O2 – BHO: EpsonToolBandKicker Class – {E99421FB- 68DD- 40F0– B4AC- B7027CAE2F1A} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 – BHO: SWEETIE – {EEE6C35C- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\To­olbars\Interne t Explorer\mgTo­olbarIE.dll
O3 – Toolbar: EPSON Web-To-Page – {EE5D279F- 081B- 4404– 994D- C6B60AAEBA6D} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 – Toolbar: Easy Photo Print – {9421DD08– 935F- 4701– A9CA- 22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 – Toolbar: ICQToolBar – {855F3B16– 6D32– 4FE6– 8A56– BBB695989046} – C:\Program Files\ICQ6Tool­bar\ICQToolBar. dll
O3 – Toolbar: uTorrentControl2 Toolbar – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorren­tControl2\prxtbuT or. dll
O3 – Toolbar: SweetPacks Toolbar for Internet Explorer – {EEE6C35B- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\To­olbars\Interne t Explorer\mgTo­olbarIE.dll
O3 – Toolbar: Google Toolbar – {2318C2B1– 4965– 11d4– 9B18– 009027A5CD4F} – C:\Program Files\Google\Google Toolbar\Google­Toolbar32.dll
O3 – Toolbar: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaret­b\adawareDx.dll
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [RemoteControl] „C:\Program Files\CyberLin­k\PowerDVD\PDVDS erv. exe“
O4 – HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gamefor­ge4D\4Story_CZ\Pr ePatch. exe
O4 – HKLM\..\Run: [Guard.Mail.ru.gui] „C:\Program Files\Guard-ICQ\GuardICQ.exe“ /gui
O4 – HKLM\..\Run: [ApnUpdater] „C:\Program Files\Ask. com\Updater\Up­dater. exe“
O4 – HKLM\..\Run: [ImagePath] C:\windows\sys­tem32.bat – nahrajte tento soubor na www.virustotal.com. Pokud to ohlásí, že bylk soubor již analyzován, klikněte na reanalyse. Pokud tam najdou antiviry vir, tak tu položky taky zaškrtněte a soubor smažte.
O4 – HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Mes­senger\SweetI M. exe
O4 – HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Com­municator\Swe etPacksUpdate­Manager. exe
O4 – HKLM\..\Run: [Ad-Aware Browsing Protection] „C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\ada­warebp.exe“ – to je úplně k ničmeu, to zrovna odinstalujte pak přes Start-ovládací panely-přidta nebo odebrat programy
O4 – HKLM\..\Run: [SearchProtection] C:\Documents and Settings\All Users\Data aplikací\Search Protection\_run­.bat – podezřelé zaškrtnout a nahrát na virustotal.com – pokud tam antiviry najdou vir, tak smazat
O4 – HKLM\..\Run: [Ad-Aware Antivirus] „C:\Program Files\Ad-Aware Antivirus\AdA­wareLauncher“ –windows-run – mizerný antivir, nainstalujte si radši něco jiného
O9 – Extra button: (no name) – {BFC32E1D- EE75– 4A48– BC60– 104E11EE2431} – (no file)
O16 – DPF: {D0C0F75C- 683A- 4390– A791– 1ACFD5599AB8} (Oberon Flash Game Host) – http://icq.oberon-media.com
O18 – Protocol: base64 – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\Browser­Companion\tda­tapr otocol. dll
O18 – Protocol: chrome – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\Browser­Companion\tda­tapr otocol. dll
O18 – Protocol: prox – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\Browser­Companion\tda­tapr otocol. dll
O20 – AppInit_DLLs: c: \progra~1\win­dow~4\datamngr\da tamngr. dll
O20 – Winlogon Notify: TPSvc – TPSvc.dll (file missing)
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartner­Network\Toolba r\apnmcp. exe
O23 – Service: Guard.Mail.ru – Unknown owner – C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 – Service: Skype C2C Service – Skype Technologies S.A. – C:\Documents and Settings\All Users\Data aplikací\Skype\To­olbars\Skype C2C Service\c2c_ser­vice.exe

Pak klikněte na Fix checked. Nezapomeňte předtím zavřít všechny spuštěné programy.

Poté si stáhněte a spusťte program AdwCleaner. V okně klikněte na tlačítko Search a po dokončení skenu rovnou na tlačítko Delete. Ten Adwcleaner odstraní ty toolbary a ostaní bordel. Po smazání toho brodelu se restartuje počítač (kdyžtak ho restartujte ručně). Ke stažení: http://general-changelog-team.fr/fr/dow­nloads/finish/20-outils-de-xplode/2-adwcleaner
Výpis z Adwcleaneru mi sem pak hoďte pro kontrolu.
Doporučím odinstalovat to Ad-Aware, to je opravdu na nic, zbytečně brzdí počítač. zrovna odinstalujte i toho Nortona – pěkně se to tam tluče mezi sebou.
Místo toho si nainstalujte třeba Aviru Free, která je zdarma a kvalitní. Výhodou je i to, že je úsporná na výkon počítače. Nevýhodou je to, že je v angličtině. Pokud by to byl velký problém, tak doporučím Microsoft Security Essentials nebo AVG Free (při instalaci odmítněte Security toolbar). Ale určitě tam mějte jen jeden jediný antivir.

Dále pomocí CCleaneru vyčistěte disk a registr CCleanerem.

Pak si prosím pro jistotu stáhněte a nainstalujte program Malware Byte's Anti-Malware. Po dokončení instalace proveďte aktualizaci (stačí mít zaškrtnuté na konci instalace Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware). Postačí udělat rychlou kontrolu. Po dokončení této kontroly se objeví výpis. ten mi sem hoďte, pokud to najde nějakou potvoru.

No a to bude prozatím všechno, ještě nezapomeňte na aktualizaci Javy – máte ji prošlou – novou stáhnete zde: http://www.sta­huj.centrum.cz/u­tility_a_ostat­ni/ostatni/ja­va-2-runtime-environment/

Určitě si zaktualizujte i Adobe reader, stačí ho spustit, kliknout na Nápověda-Zkontrolovat aktualizace.

Doporučím i defragmentovat disk, a to buď pomocí programu Defragmentace disku, který najdete v Start-Programy-Příslušenství-systémové nástroje nebo pomocí programu Defraggler – ke stažení: http://www.slu­necnice.cz/sw/de­fraggler (při instalaci odmítněte instalaci Google Chrome/toolbaru).
Mimochodem – víte, že Google sleduje aktivitu svých uživatelů skrz své produkty (zejména přes Google Updater, ale i samotný Google Chrome – například to co napíšete do adresního řádku se odešle na servery Google). Místo toho dopourčím používat jiný prohlížeč, napříkad Firefox, který tam máte a nebo když chcete Googel Chrome, tka zkuste fork Iron, který tyhle pšehovací funkce neobsahuje. Ke stažení: http://www.sta­huj.centrum.cz/in­ternet_a_site/proh­lizece_a_rozsi­reni/on-line/srware-iron/

Upravil/a: Bedy

0 Nominace Nahlásit


Avatar uživatele
kurec

je to vir mozna takovy problemy sem mel taky tam sem si od avastu nechal skontrolovat pc a naslo to vir!!

0 Nominace Nahlásit


Diskuze k otázce
Avatar uživatele
mikecka

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:25:22, on 15.12.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\Sys­tem32\smss.exe
C:\WINDOWS\sys­tem32\winlogon­.exe
C:\WINDOWS\sys­tem32\services­.exe
C:\WINDOWS\sys­tem32\lsass.e­xe
C:\WINDOWS\sys­tem32\svchost­.exe
C:\WINDOWS\Sys­tem32\svchost­.exe
C:\WINDOWS\sys­tem32\spoolsv­.exe
C:\Program Files\AskPartner­Network\Toolbar\ap­nmcp.exe
C:\Program Files\Java\jre6\bin\­jqs.exe
C:\Program Files\Norton AntiVirus\Engi­ne\19.9.0.9\ccSvcHst­.exe
C:\WINDOWS\sys­tem32\svchost­.exe
C:\WINDOWS\sys­tem32\wbem\wmi­apsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\Norton AntiVirus\Engi­ne\19.9.0.9\ccSvcHst­.exe
C:\WINDOWS\Ex­plorer.EXE
C:\WINDOWS\RTHDCPL­.EXE
C:\Program Files\Priviti­zeVPN\Priviti­zeVPN.exe
C:\WINDOWS\sys­tem32\ctfmon.e­xe
C:\WINDOWS\OET­RN.EXE
C:\Program Files\Ubisoft\u­Torrent\uTorren­t.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Dokumenty\Dow­nloads\HijackThis­.exe

O2 – BHO: Norton Vulnerability Protection – {6D53EC84–6AAE-4787-AEEE-F4628F01010C} – C:\Program Files\Norton AntiVirus\Engi­ne\19.9.0.9\IP­S\IPSBHO.DLL
O2 – BHO: Java™ Plug-In SSV Helper – {761497BB-D6F0–462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre6\bin\­ssv.dll
O2 – BHO: Easy Photo Print – {9421DD08–935F-4701-A9CA-22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 – BHO: SkypeIEPluginBHO – {AE805869–2E5C-4ED4–8F7B-F1F7851A4497} – C:\Program Files\Skype\To­olbars\Internet Explorer\skype­ieplugin.dll
O2 – BHO: Java™ Plug-In 2 SSV Helper – {DBC80044-A445–435b-BC74–9C25C1C588A9} – C:\Program Files\Java\jre6\bin\­jp2ssv.dll
O2 – BHO: JQSIEStartDetec­torImpl – {E7E6F031–17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\­deploy\jqs\ie\jqs_plu­gin.dll
O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [Adobe ARM] „C:\Program Files\Common Files\Adobe\AR­M\1.0\AdobeAR­M.exe“
O4 – HKLM\..\Run: [PrivitizeVPN] C:\Program Files\Priviti­zeVPN\Priviti­zeVPN.exe /autorun
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\ctfmon.e­xe
O4 – HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OET­RN.EXE
O4 – HKCU\..\Run: [uTorrent] „C:\Program Files\Ubisoft\u­Torrent\uTorren­t.exe“ /MINIMIZED
O4 – HKCU\..\Run: [Facebook Update] „C:\Documents and Settings\uživa­tel\Local Settings\Data aplikací\Face­book\Update\Fa­cebookUpdate.e­xe“ /c /nocrashserver
O4 – HKCU\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_chec­ker.exe /auto
O4 – HKCU\..\Run: [DAEMON Tools Lite] „C:\Program Files\DAEMON Tools Lite\DTLite.exe“ -autorun
O4 – HKUS\S-1–5–19\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚LOCAL SERVICE‘)
O4 – HKUS\S-1–5–20\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚NETWORK SERVICE‘)
O4 – HKUS\S-1–5–21–583907252–436374069–682003330–1006\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚UpdatusUser‘)
O4 – HKUS\S-1–5–18\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚SYSTEM‘)
O4 – HKUS\.DEFAULT\­..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚Default user‘)
O8 – Extra context menu item: E&xportovat do aplikace Microsoft Office Excel – res://C:\PROG­RA~1\MICROS~2\OF­FICE11\EXCEL.E­XE/3000
O9 – Extra button: ICQ7.7 – {77F665FD-3F60–4B0A-AE14-EC124B7A7FCE} – C:\Program Files\ICQ7.7\IC­Q.exe
O9 – Extra ‚Tools‘ menuitem: ICQ7.7 – {77F665FD-3F60–4B0A-AE14-EC124B7A7FCE} – C:\Program Files\ICQ7.7\IC­Q.exe
O9 – Extra button: Skype Click to Call – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} – C:\Program Files\Skype\To­olbars\Internet Explorer\skype­ieplugin.dll
O9 – Extra button: Zdroje informací – {92780B25–18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MIC­ROS~2\OFFICE11\RE­FIEBAR.DLL
O9 – Extra button: (no name) – {e2e2dd38-d088–4134–82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnet­diag.exe
O9 – Extra ‚Tools‘ menuitem: @xpsp3res.dll,–20001 – {e2e2dd38-d088–4134–82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnet­diag.exe
O16 – DPF: {D27CDB6E-AE6D-11CF-96B8–444553540000} (Shockwave Flash Object) – http://fpdownlo­ad2.macromedi­a.com/pub/shoc­kwave/cabs/flash/swfl­ash.cab
O18 – Protocol: skype4com – {FFC8B962–9B40–4DFF-9458–1830C7DD7F5D} – C:\PROGRA~1\COM­MON~1\Skype\SKY­PE4~1.DLL
O22 – SharedTaskSche­duler: Browseui preloader – {438755C2-A8BA-11D1-B96B-00A0C90312E1} – C:\WINDOWS\sys­tem32\browseu­i.dll
O22 – SharedTaskSche­duler: Proces mezipaměti kategorií součástí – {8C7461EF-2B13–11d2-BE35–3078302C2030} – C:\WINDOWS\sys­tem32\browseu­i.dll
O23 – Service: Adobe Flash Player Update Service (AdobeFlashPla­yerUpdateSvc) – Adobe Systems Incorporated – C:\WINDOWS\sys­tem32\Macromed\Flash\Fl­ashPlayerUpda­teService.exe
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartner­Network\Toolbar\ap­nmcp.exe
O23 – Service: Služba Google Update (gupdate) (gupdate) – Google Inc. – C:\Program Files\Google\Up­date\GoogleUp­date.exe
O23 – Service: Služba Google Update (gupdatem) (gupdatem) – Google Inc. – C:\Program Files\Google\Up­date\GoogleUp­date.exe
O23 – Service: Google Software Updater (gusvc) – Google – C:\Program Files\Google\Com­mon\Google Updater\Google­UpdaterService­.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShi­eld\Driver\11\In­tel 32\IDriverT.exe
O23 – Service: Java Quick Starter (JavaQuickStar­terService) – Sun Microsystems, Inc. – C:\Program Files\Java\jre6\bin\­jqs.exe
O23 – Service: Mozilla Maintenance Service (MozillaMainte­nance) – Mozilla Foundation – C:\Program Files\Mozilla Maintenance Service\mainte­nanceservice.e­xe
O23 – Service: Norton AntiVirus (NAV) – Symantec Corporation – C:\Program Files\Norton AntiVirus\Engi­ne\19.9.0.9\ccSvcHst­.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\sys­tem32\nvsvc32­.exe
O23 – Service: NVIDIA Update Service Daemon (nvUpdatusService) – NVIDIA Corporation – C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 – Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) – Protection Technology (StarForce) – C:\WINDOWS\sys­tem32\sfrem01­.exe
O23 – Service: Skype Updater (SkypeUpdate) – Skype Technologies – C:\Program Files\Skype\Up­dater\Updater­.exe
O23 – Service: TunngleService – Tunngle.net GmbH – C:\Program Files\Tunngle\TnglCtr­l.exe

--
End of file – 6554 bytes
tady

před 4342 dny Odpovědět Nahlásit
Avatar uživatele
Bedy

Ještě spusťte Hijackthis a klikněte na Do a system scan only a fixněte tam
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartner­Network\Toolba r\apnmcp. exe – to tam ještě zůstalo po ASKu
a jsou tam O23 po Googlu – pokud žádný program od Googlu tam nemáte, tak to fixněte taky.

Jinak nevím, kde se stala chyba – ale nevidím v logu položky Rx. Zkuste vložit log znovu, možná to bylo kopírované, že se to nechtěně nevybralo(nez­modralo).
A pro jistotu skočte do Start-Ovládací panely-přidat nebo odebrat programy a zkontrolujte tam, jestli tam nejsou nainstalované nějaké toolbary. A taky zrovna můžete odinstalovta ty programy, které nepoužíváte 🙂

před 4342 dny Odpovědět Nahlásit
Avatar uživatele
mikecka

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:56:12, on 15.12.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\Sys­tem32\smss.exe
C:\WINDOWS\sys­tem32\winlogon­.exe
C:\WINDOWS\sys­tem32\services­.exe
C:\WINDOWS\sys­tem32\lsass.e­xe
C:\WINDOWS\sys­tem32\svchost­.exe
C:\WINDOWS\Sys­tem32\svchost­.exe
C:\WINDOWS\sys­tem32\spoolsv­.exe
C:\Program Files\AskPartner­Network\Toolbar\ap­nmcp.exe
C:\Program Files\Java\jre6\bin\­jqs.exe
C:\Program Files\Norton AntiVirus\Engi­ne\19.9.0.9\ccSvcHst­.exe
C:\WINDOWS\sys­tem32\svchost­.exe
C:\WINDOWS\sys­tem32\wbem\wmi­apsrv.exe
C:\Program Files\Norton AntiVirus\Engi­ne\19.9.0.9\ccSvcHst­.exe
C:\WINDOWS\Ex­plorer.EXE
C:\WINDOWS\RTHDCPL­.EXE
C:\Program Files\Priviti­zeVPN\Priviti­zeVPN.exe
C:\WINDOWS\sys­tem32\ctfmon.e­xe
C:\WINDOWS\OET­RN.EXE
C:\Program Files\Ubisoft\u­Torrent\uTorren­t.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Skype\Pho­ne\Skype.exe
D:\Dokumenty\Dow­nloads\HijackThis­.exe

O2 – BHO: Norton Vulnerability Protection – {6D53EC84–6AAE-4787-AEEE-F4628F01010C} – C:\Program Files\Norton AntiVirus\Engi­ne\19.9.0.9\IP­S\IPSBHO.DLL
O2 – BHO: Java™ Plug-In SSV Helper – {761497BB-D6F0–462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre6\bin\­ssv.dll
O2 – BHO: Easy Photo Print – {9421DD08–935F-4701-A9CA-22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 – BHO: SkypeIEPluginBHO – {AE805869–2E5C-4ED4–8F7B-F1F7851A4497} – C:\Program Files\Skype\To­olbars\Internet Explorer\skype­ieplugin.dll
O2 – BHO: Java™ Plug-In 2 SSV Helper – {DBC80044-A445–435b-BC74–9C25C1C588A9} – C:\Program Files\Java\jre6\bin\­jp2ssv.dll
O2 – BHO: JQSIEStartDetec­torImpl – {E7E6F031–17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\­deploy\jqs\ie\jqs_plu­gin.dll
O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [Adobe ARM] „C:\Program Files\Common Files\Adobe\AR­M\1.0\AdobeAR­M.exe“
O4 – HKLM\..\Run: [PrivitizeVPN] C:\Program Files\Priviti­zeVPN\Priviti­zeVPN.exe /autorun
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\ctfmon.e­xe
O4 – HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OET­RN.EXE
O4 – HKCU\..\Run: [uTorrent] „C:\Program Files\Ubisoft\u­Torrent\uTorren­t.exe“ /MINIMIZED
O4 – HKCU\..\Run: [Facebook Update] „C:\Documents and Settings\uživa­tel\Local Settings\Data aplikací\Face­book\Update\Fa­cebookUpdate.e­xe“ /c /nocrashserver
O4 – HKCU\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_chec­ker.exe /auto
O4 – HKCU\..\Run: [DAEMON Tools Lite] „C:\Program Files\DAEMON Tools Lite\DTLite.exe“ -autorun
O4 – HKUS\S-1–5–19\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚LOCAL SERVICE‘)
O4 – HKUS\S-1–5–20\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚NETWORK SERVICE‘)
O4 – HKUS\S-1–5–21–583907252–436374069–682003330–1006\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚UpdatusUser‘)
O4 – HKUS\S-1–5–18\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚SYSTEM‘)
O4 – HKUS\.DEFAULT\­..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚Default user‘)
O8 – Extra context menu item: E&xportovat do aplikace Microsoft Office Excel – res://C:\PROG­RA~1\MICROS~2\OF­FICE11\EXCEL.E­XE/3000
O9 – Extra button: ICQ7.7 – {77F665FD-3F60–4B0A-AE14-EC124B7A7FCE} – C:\Program Files\ICQ7.7\IC­Q.exe
O9 – Extra ‚Tools‘ menuitem: ICQ7.7 – {77F665FD-3F60–4B0A-AE14-EC124B7A7FCE} – C:\Program Files\ICQ7.7\IC­Q.exe
O9 – Extra button: Skype Click to Call – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} – C:\Program Files\Skype\To­olbars\Internet Explorer\skype­ieplugin.dll
O9 – Extra button: Zdroje informací – {92780B25–18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MIC­ROS~2\OFFICE11\RE­FIEBAR.DLL
O9 – Extra button: (no name) – {e2e2dd38-d088–4134–82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnet­diag.exe
O9 – Extra ‚Tools‘ menuitem: @xpsp3res.dll,–20001 – {e2e2dd38-d088–4134–82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnet­diag.exe
O16 – DPF: {D27CDB6E-AE6D-11CF-96B8–444553540000} (Shockwave Flash Object) – http://fpdownlo­ad2.macromedi­a.com/pub/shoc­kwave/cabs/flash/swfl­ash.cab
O18 – Protocol: skype4com – {FFC8B962–9B40–4DFF-9458–1830C7DD7F5D} – C:\PROGRA~1\COM­MON~1\Skype\SKY­PE4~1.DLL
O22 – SharedTaskSche­duler: Browseui preloader – {438755C2-A8BA-11D1-B96B-00A0C90312E1} – C:\WINDOWS\sys­tem32\browseu­i.dll
O22 – SharedTaskSche­duler: Proces mezipaměti kategorií součástí – {8C7461EF-2B13–11d2-BE35–3078302C2030} – C:\WINDOWS\sys­tem32\browseu­i.dll
O23 – Service: Adobe Flash Player Update Service (AdobeFlashPla­yerUpdateSvc) – Adobe Systems Incorporated – C:\WINDOWS\sys­tem32\Macromed\Flash\Fl­ashPlayerUpda­teService.exe
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartner­Network\Toolbar\ap­nmcp.exe
O23 – Service: Služba Google Update (gupdate) (gupdate) – Google Inc. – C:\Program Files\Google\Up­date\GoogleUp­date.exe
O23 – Service: Služba Google Update (gupdatem) (gupdatem) – Google Inc. – C:\Program Files\Google\Up­date\GoogleUp­date.exe
O23 – Service: Google Software Updater (gusvc) – Google – C:\Program Files\Google\Com­mon\Google Updater\Google­UpdaterService­.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShi­eld\Driver\11\In­tel 32\IDriverT.exe
O23 – Service: Java Quick Starter (JavaQuickStar­terService) – Sun Microsystems, Inc. – C:\Program Files\Java\jre6\bin\­jqs.exe
O23 – Service: Mozilla Maintenance Service (MozillaMainte­nance) – Mozilla Foundation – C:\Program Files\Mozilla Maintenance Service\mainte­nanceservice.e­xe
O23 – Service: Norton AntiVirus (NAV) – Symantec Corporation – C:\Program Files\Norton AntiVirus\Engi­ne\19.9.0.9\ccSvcHst­.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\sys­tem32\nvsvc32­.exe
O23 – Service: NVIDIA Update Service Daemon (nvUpdatusService) – NVIDIA Corporation – C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 – Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) – Protection Technology (StarForce) – C:\WINDOWS\sys­tem32\sfrem01­.exe
O23 – Service: Skype Updater (SkypeUpdate) – Skype Technologies – C:\Program Files\Skype\Up­dater\Updater­.exe
O23 – Service: TunngleService – Tunngle.net GmbH – C:\Program Files\Tunngle\TnglCtr­l.exe

--
End of file – 6524 bytes

před 4342 dny Odpovědět Nahlásit
Avatar uživatele
Bedy

Ty jo ještě tam furt straší ten ASK. Mrkněte se do Start-Ovládací panely-Přidat nebo odebrat programy, zda-li tam je. Pokud ano, odinstalovat. Pokud ne, zkuste znovu použít AdwCleaner.

Jinak si ještě prosím zaktualizujte tu Javu – starou odinstalujte přes to Přidat nebo odebrat programy a nainstalujte si novou odsud: http://www.sta­huj.centrum.cz/u­tility_a_ostat­ni/ostatni/ja­va-2-runtime-environment/

před 4342 dny Odpovědět Nahlásit
Avatar uživatele
mikecka

Malwarebytes Anti-Malware 1.65.1.1000
www.malwareby­tes.org

Verze databáze: v2012.12.14.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
uživatel :: U-6874365FD5234 [administrátor]

14.12.2012 21:27:03
mbam-log-2012–12–14 (21–33–13).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 241440
Uplynulý čas: 4 minut, 56 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\Op­timizerPro1 (Trojan.Dropper) → Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Documents and Settings\All Users\Nabídka Start\Programy\Pro­tected Search (PUP.Protected­Search) → Žádná instrukce nebyla provedena.

Nalezené soubory: 5
C:\Documents and Settings\All Users\Data aplikací\Opti­mizerPro\ix_up­dater.exe (Trojan.Dropper.H) → Žádná instrukce nebyla provedena.
C:\Documents and Settings\All Users\Data aplikací\Opti­mizerPro1\Opti­mizerPro1.exe (Trojan.Dropper) → Žádná instrukce nebyla provedena.
C:\Documents and Settings\uživa­tel\Local Settings\Temp\jin­qgpcv.exe.part (PUP.Adware.Me­diaGet) → Žádná instrukce nebyla provedena.
C:\Documents and Settings\All Users\Plocha\MP3 Downloader.lnk (Rogue.Link) → Žádná instrukce nebyla provedena.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Pro­tected Search\Protected Search Settings.lnk (PUP.Protected­Search) → Žádná instrukce nebyla provedena.

(konec)

před 4343 dny Odpovědět Nahlásit
Avatar uživatele
Bedy

Dobře, tak to co našel ten MBAM, smažte ať je to z počítače pryč.
Co se týká AdwCleaneru, vypadá to dobře.
Jinak tu defragmentaci nezapomeňte udělat.
Na závěr bych poprosil ještě jeden výpis z Hijackthisu – pro kontrolu, zda-li je vše ok.

Kdyby byl nějaký problém, napište.

před 4343 dny Odpovědět Nahlásit
Avatar uživatele
mikecka

# AdwCleaner v2.100 – Logfile created 12/14/2012 at 20:33:18
# Updated 09/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : uživatel – U-6874365FD5234
# Boot Mode : Normal
# Running from : D:\Dokumenty\Dow­nloads\adwcle­aner.exe
# Option [Delete]

***** [Services] *****

Stopped & Deleted : ICQ Service

***** [Files / Folders] *****

File Deleted : C:\DOCUME~1\U­IVATE~1\LOCAL­S~1\Temp\Unin­stall.exe
File Deleted : C:\Documents and Settings\uživa­tel\Data aplikací\Micro­soft\Internet Explorer\qipse­archbar.dll
File Deleted : C:\Program Files\Mozilla FireFox\Compo­nents\AskHPRFF­.js
File Deleted : C:\Program Files\Mozilla Firefox\searchplu­gins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplu­gins\babylon.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplu­gins\Searchqu­WebSearch.xml
File Deleted : C:\user.js
File Deleted : C:\WINDOWS\sys­tem32\conduitEn­gine.tmp
File Deleted : C:\WINDOWS\Tas­ks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\DOCUME~1\U­IVATE~1\LOCAL­S~1\Temp\APN
Folder Deleted : C:\DOCUME~1\U­IVATE~1\LOCAL­S~1\Temp\Baby­lonToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\APN
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\blekko toolbars
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\IC­QToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Insta­llMate
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Premium
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\search protection
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\SweetIM
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Trymedia
Folder Deleted : C:\Documents and Settings\Patrik\Da­ta aplikací\Dealio
Folder Deleted : C:\Documents and Settings\Patrik\Da­ta aplikací\Search Settings
Folder Deleted : C:\Documents and Settings\Patrik\Da­ta aplikací\Toolbar4
Folder Deleted : C:\Documents and Settings\uživa­tel\AppData\Lo­calLow\bbrs002­.tb
Folder Deleted : C:\Documents and Settings\uživa­tel\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\uživa­tel\Data aplikací\Baby­lonToolbar
Folder Deleted : C:\Documents and Settings\uživa­tel\Data aplikací\Brow­serCompanion
Folder Deleted : C:\Documents and Settings\uživa­tel\Data aplikací\DownTan­goLauncherTool­bar
Folder Deleted : C:\Documents and Settings\uživa­tel\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\uživa­tel\Data aplikací\PriceGong
Folder Deleted : C:\Documents and Settings\uživa­tel\Data aplikací\Search Settings
Folder Deleted : C:\Documents and Settings\uživa­tel\Data aplikací\Toolbar4
Folder Deleted : C:\Documents and Settings\uživa­tel\Data aplikací\yourfi­ledownloader
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Bandoo
Folder Deleted : C:\Program Files\Brother­Soft_Extreme3
Folder Deleted : C:\Program Files\Browser­Companion
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DownTan­goLauncherTool­bar
Folder Deleted : C:\Program Files\FilesFrog Update Checker
Folder Deleted : C:\Program Files\ChatZum Toolbar
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\MyAshampoo
Folder Deleted : C:\Program Files\Search Settings
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\uTorren­tControl2
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\Program Files\yourfile­downloader
Folder Deleted : C:\WINDOWS\In­staller\{86D4B8­2A-ABED-442A-BE86–96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\{AD­FA33FD-16F5–4355–8504-DF4D664CFE83}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Ap­pDataLow\Softwa­re\Conduit
Key Deleted : HKCU\Software\Ap­pDataLow\Softwa­re\SmartBar
Key Deleted : HKCU\Software\As­k.com
Key Deleted : HKCU\Software\As­kToolbar
Key Deleted : HKCU\Software\Ba­bylonToolbar
Key Deleted : HKCU\Software\Brot­herSoft_Extre­me3
Key Deleted : HKCU\Software\Con­duit
Key Deleted : HKCU\Software\Con­duitSearchSco­pes
Key Deleted : HKCU\Software\Cros­srider
Key Deleted : HKCU\Software\Chat­Zum Toolbar
Key Deleted : HKCU\Software\I­GearSettings
Key Deleted : HKCU\Software\i­livid
Key Deleted : HKCU\Software\in­credibar.com
Key Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{A5A­A24EA-11B8–4113–95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{0EC­DF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{3BD44F0E-0596–4008-AEE0–45D47E3A8F0E}
Key Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{6552C7DD-90A4–4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{8A96AF9E-4074–43B7-BEA3–87217BDA74C8}
Key Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{95B7759C-8C7F-4BF1-B163–73684A933233}
Key Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{EEE6C360–6118–11DC-9C72–001320C79847}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\{79A765E1-C399–405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\PreAppro­ved\{A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{00CBB66B-1D3B-46D3–9577–323A336ACB50}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{01398B87–61AF-4FFB-9AB5–1A1C5FB39A9C}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{1BB22D38-A411–4B13-A746-C2A4F4EC7344}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{2EECD738–5844–4A99-B4B6–146BF802613B}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{338B4DFE-2E2C-4338–9E41-E176D497299E}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{62D40876-DF18–411F-9D34-A9DD7A197BC5}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{687578B9–7132–4A7A-80E4–30EE31099E03}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{855F3B16–6D32–4FE6–8A56-BBB695989046}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{98889811–442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{A1E75A0E-4397–4BA8-BB50-E19FB66890F4}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{B52D0735-EC19–448A-ABDE-E01B5BD275D2}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{E312764E-7706–43F1–8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{EEE6C35B-6118–11DC-9C72–001320C79847}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{EEE6C35C-6118–11DC-9C72–001320C79847}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{FCBCCB87–9224–4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Settin­gs\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{00000000–6E41–4FD3–8538–502F5495E5FC}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{00CBB66B-1D3B-46D3–9577–323A336ACB50}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{01398B87–61AF-4FFB-9AB5–1A1C5FB39A9C}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{1BB22D38-A411–4B13-A746-C2A4F4EC7344}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{2E­ECD738–5844–4A99-B4B6–146BF802613B}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{338B4DFE-2E2C-4338–9E41-E176D497299E}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{62D40876-DF18–411F-9D34-A9DD7A197BC5}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{687578B9–7132–4A7A-80E4–30EE31099E03}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{7FF99715–3016–4381–84CE-E4E4C9673020}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{855F3B16–6D32–4FE6–8A56-BBB695989046}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{98889811–442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{A1E75A0E-4397–4BA8-BB50-E19FB66890F4}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{B52D0735-EC19–448A-ABDE-E01B5BD275D2}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{D4A­AF2A6-F6D1–49A5-BA1A-B20735DF1955}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{DF7770F7–832F-4BDF-B144–100EDDD0C3AE}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{E312764E-7706–43F1–8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{E­EE6C35B-6118–11DC-9C72–001320C79847}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{E­EE6C35C-6118–11DC-9C72–001320C79847}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{E­EE6C35D-6118–11DC-9C72–001320C79847}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{FCBCCB87–9224–4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\{79A765E1-C399–405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\My­Ashampoo
Key Deleted : HKCU\Software\Pri­ceGong
Key Deleted : HKCU\Software\Se­arch Settings
Key Deleted : HKCU\Software\Smar­tBar
Key Deleted : HKCU\Software\Sof­tonic
Key Deleted : HKCU\Software\So­moto
Key Deleted : HKCU\Software\So­moto Toolbar
Key Deleted : HKCU\Software\Star­tSearch
Key Deleted : HKCU\Software\Swe­etIM
Key Deleted : HKCU\Software\TBSB00001
Key Deleted : HKCU\Software\u­TorrentControl2
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\Ap­plication Updater
Key Deleted : HKLM\Software\As­kToolbar
Key Deleted : HKLM\Software\Ba­bylon
Key Deleted : HKLM\Software\Ba­bylonToolbar
Key Deleted : HKLM\Software\Ban­doo
Key Deleted : HKLM\Software\Brot­herSoft_Extre­me3
Key Deleted : HKLM\Software\Brow­serCompanion
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{09C554C3–109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{1301A8A5–3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{35C1605E-438B-4D64-AAB1–8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{4CE516A7-F7AC-4628-B411–8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{4E1E9D45–8BF9–4139–915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{5B1881D1-D9C7–46DF-B041–1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{5D723752–5899–47E8–99B4–62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{628F3201–34D0–49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{BDB69379–802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{CFDA­FE39–20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{D7E­E8177-D51E-4F89–92B6–83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{EA28B360–05E0–4F93–8150–02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\{ED6535E7-F778–48A5-A060–549D30024511}
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\Ban­dooCore.EXE
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\escor­t.DLL
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\escor­tApp.DLL
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\escor­tEng.DLL
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\escor­Tlbr.DLL
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\esrv­.EXE
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\TbCom­monUtils.DLL
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\TbHel­per.EXE
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\tda­taprotocol.DLL
Key Deleted : HKLM\SOFTWARE\Clas­ses\AppID\Yon­tooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Clas­ses\b
Key Deleted : HKLM\SOFTWARE\Clas­ses\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Clas­ses\Babylon.dskBnd­.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\BandooCore­.BandooCore
Key Deleted : HKLM\SOFTWARE\Clas­ses\BandooCore­.BandooCore.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\BandooCore­.ResourcesMngr
Key Deleted : HKLM\SOFTWARE\Clas­ses\BandooCore­.ResourcesMngr­.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\BandooCore­.SettingsMngr
Key Deleted : HKLM\SOFTWARE\Clas­ses\BandooCore­.SettingsMngr­.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\BandooCore­.StatisticMngr
Key Deleted : HKLM\SOFTWARE\Clas­ses\BandooCore­.StatisticMngr­.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\bbylnApp.ap­pCore
Key Deleted : HKLM\SOFTWARE\Clas­ses\bbylnApp.ap­pCore.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{1BB22D38-A411–4B13-A746-C2A4F4EC7344}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{1C950DE5-D31E-42FB-AFB9–91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{291BCCC1–6890–484A-89D3–318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{2BCCDF1E-F77E-42A8–8219-AD1552A3820F}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{2E­ECD738–5844–4A99-B4B6–146BF802613B}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{3C471948-F874–49F5-B338–4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{5A­CE96C0-C70A-4A4D-AF14–2E7B869345E1}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{62D40876-DF18–411F-9D34-A9DD7A197BC5}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{6DB604FB-131C-4B50–95E8–95CD1C0C08E7}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{7E84186E-B5DE-4226–8A66–6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{80922E­E0–8A76–46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{82AC53B4–164C-4B07-A016–437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{855F3B16–6D32–4FE6–8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{98889811–442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{99066096–8989–4612–841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{A1E75A0E-4397–4BA8-BB50-E19FB66890F4}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{A4A0CB15–8465–4F58-A7E5–73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{A9A56B8E-2DEB-4ED3-BC92–1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{B8276A94–891D-453C-9FF3–715C042A2575}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{CC5AD34C-6F10–4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{D433A9D0–8267–40CB-8AD5–24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{D4A­AF2A6-F6D1–49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{D89031C2–10DA-4C90–9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{E46C8196-B634–44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{E7DF6BFF-55A5–4EB7-A673–4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{EE­E6C35B-6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{EE­E6C35D-6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{FE9271F2–6EFD-44B0-A826–84C829536E93}
Key Deleted : HKLM\SOFTWARE\Clas­ses\CLSID\{FFB9AD­CB-8C79–4C29–81D3–74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Conduit.En­gine
Key Deleted : HKLM\SOFTWARE\Clas­ses\escort.es­cortIEPane
Key Deleted : HKLM\SOFTWARE\Clas­ses\escort.es­cortIEPane.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\escort.es­crtBtn.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\esrv.Baby­lonESrvc
Key Deleted : HKLM\SOFTWARE\Clas­ses\esrv.Baby­lonESrvc.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\ICQToolBar­.IEHook
Key Deleted : HKLM\SOFTWARE\Clas­ses\ICQToolBar­.IEHook.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\Installer\Fe­atures\A28B4D68­DEBAA244EB686953­B7074FEF
Key Deleted : HKLM\SOFTWARE\Clas­ses\Installer\Pro­ducts\A28B4D68D­EBAA244EB686953­B7074FEF
Key Deleted : HKLM\SOFTWARE\Clas­ses\Installer\Up­gradeCodes\F928123A­039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{03E2A1F3–4402–4121–8B35–733216D61217}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{06DE5702–44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{10DE7085–6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{1AD27395–1659–4DFF-A319–2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{44C3C1DB-2127–433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{452A­E416–9A97–44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{45CDA4F7–594C-49A0-AAD1–8224517FE979}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{477F210A-2A86–4666–9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{6E4C89CF-3061–4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{706D4A4B-184A-4434-B331–296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{81E852CC-1FD5–4004–8761–79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{8BE10F21–185F-4CA0-B789–9921674C3993}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{94C0B25D-3359–4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{9E3B11F6–4179–4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{A439801C-961D-452C-AB42–7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{B0B75FBA-7288–4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{B173667F-8395–4317–8DD6–45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{B2CA345D-ADB8–4F5D-AC64–4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{B32672B3-F656–46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{B9F43021–60D4–42A6-A065–9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{BF921DD3–732A-4A11–933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{BFE569F7–646C-4512–969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{C2434722–5C85–4CA0-BA69–1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{C2996524–2187–441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{D83B296A-2FA6–425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{E047E227–5342–4D94–80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{E3F79BE9–24D4–4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{E77E­EF95–3E83–4BB8–9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{E­EE6C358–6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{E­EE6C359–6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{E­EE6C35A-6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{F4EB­B1E2–21F3–4786–8CF4–16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Clas­ses\Interface\{FF871E51–2655–4D06-AED5–745962A96B32}
Key Deleted : HKLM\SOFTWARE\Clas­ses\MediaPlay­er.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Clas­ses\MediaPlay­er.GraphicsUtil­s.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\MgMediaPla­yer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Clas­ses\MgMediaPla­yer.GifAnimator­.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\Prod.cap
Key Deleted : HKLM\SOFTWARE\Clas­ses\sim-packages
Key Deleted : HKLM\SOFTWARE\Clas­ses\SWEETIE.I­EToolbar
Key Deleted : HKLM\SOFTWARE\Clas­ses\SWEETIE.I­EToolbar.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\sweetim_ur­lsearchhook.to­olbarurlsearchho­ok
Key Deleted : HKLM\SOFTWARE\Clas­ses\sweetim_ur­lsearchhook.to­olbarurlsearchho­ok.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\TbCommonU­tils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Clas­ses\TbCommonU­tils.CommonUtil­s.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\TbHelper.TbDow­nloadManager
Key Deleted : HKLM\SOFTWARE\Clas­ses\TbHelper.TbDow­nloadManager.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\TbHelper.TbPro­pertyManager
Key Deleted : HKLM\SOFTWARE\Clas­ses\TbHelper.TbPro­pertyManager.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\TbHelper.TbRe­quest
Key Deleted : HKLM\SOFTWARE\Clas­ses\TbHelper.TbRe­quest.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Clas­ses\TbHelper.TbTas­k.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\TbHelper.To­olbarHelper
Key Deleted : HKLM\SOFTWARE\Clas­ses\TbHelper.To­olbarHelper.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\TBSB00001­.IEToolbar
Key Deleted : HKLM\SOFTWARE\Clas­ses\TBSB00001­.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\TBSB00001­.TBSB00001
Key Deleted : HKLM\SOFTWARE\Clas­ses\TBSB00001­.TBSB00001.3
Key Deleted : HKLM\SOFTWARE\Clas­ses\tdataproto­col.CTData
Key Deleted : HKLM\SOFTWARE\Clas­ses\tdataproto­col.CTData.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\Toolbar.CT2475029
Key Deleted : HKLM\SOFTWARE\Clas­ses\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Clas­ses\Toolbar.CT3205709
Key Deleted : HKLM\SOFTWARE\Clas­ses\Toolbar3.Se­archProviderMa­nager
Key Deleted : HKLM\SOFTWARE\Clas­ses\Toolbar3.Se­archProviderMa­nager.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\Toolbar3.swe­etie
Key Deleted : HKLM\SOFTWARE\Clas­ses\Toolbar3.swe­etie.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\Toolbar3.XBTBPos00
Key Deleted : HKLM\SOFTWARE\Clas­ses\Toolbar3.XBTBPos00­.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\TypeLib\{35C1605E-438B-4D64-AAB1–8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Clas­ses\TypeLib\{4D3B167E-5FD8–4276–8FD7–9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Clas­ses\TypeLib\{4E1E9D45–8BF9–4139–915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Clas­ses\TypeLib\{6E8BF012–2C85–4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Clas­ses\TypeLib\{830B56CB-FD22–44AA-9887–7898F4F4158D}
Key Deleted : HKLM\SOFTWARE\Clas­ses\TypeLib\{9C049BA6-EA47–4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Clas­ses\TypeLib\{B87F8B63–7274–43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Clas­ses\TypeLib\{C4BA­E205–5E02–4E32–876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Clas­ses\TypeLib\{D372567D-67C1–4B29-B3F0–159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Clas­ses\TypeLib\{D7E­E8177-D51E-4F89–92B6–83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Clas­ses\TypeLib\{E­EE6C35E-6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Clas­ses\TypeLib\{E­EE6C35F-6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Clas­ses\YontooIECli­ent.Api
Key Deleted : HKLM\SOFTWARE\Clas­ses\YontooIECli­ent.Api.1
Key Deleted : HKLM\SOFTWARE\Clas­ses\YontooIECli­ent.Layers
Key Deleted : HKLM\SOFTWARE\Clas­ses\YontooIECli­ent.Layers.1
Key Deleted : HKLM\Software\Con­duit
Key Deleted : HKLM\Software\Da­taMngr
Key Deleted : HKLM\SOFTWARE\Go­ogle\Chrome\Ex­tensions\jcdgjdi­ieiljkfkdcloeh­kohchhpekkn
Key Deleted : HKLM\SOFTWARE\Go­ogle\Chrome\Ex­tensions\niap­dbllcanepiiim­jjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Go­ogle\Chrome\Ex­tensions\ogccgbma­baphcakpiclgcnmcnim­hokcj
Key Deleted : HKLM\Software\Chat­Zum Toolbar
Key Deleted : HKLM\Software\i­livid
Key Deleted : HKLM\Software\I­minent
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Explorer Bars\{855F3B16–6D32–4FE6–8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{1982A6F8-CEB1–4C95-AF5B-119EAA189B03}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{35529173-BDB0–42FB-BE28–0FA8D5637B5F}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{424624F4-C5DD-4E1D-BDD0–1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{628F3201–34D0–49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{74558A­E6–4711–4CF6-A61D-4F708E6D4B29}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{78591361-BAF4–4070-B5E2-F4D402C58695}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{8375D9C8–634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{9C8A3CA5–889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{A5A­A24EA-11B8–4113–95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{A5F8D363-D9CA-4778–9774–2FBDA8F9CC8B}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{D4400FC1–1E69–490A-8C6C-1CD8010DFEEA}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{EEE6C367–6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Low Rights\Elevati­onPolicy\{F9189560–573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{8A96AF9E-4074–43B7-BEA3–87217BDA74C8}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Sear­chScopes\{EEE6C360–6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\{5F05C28D-DEA9–4AD6-A73A-064175988EAB}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\{86D4B82A-ABED-442A-BE86–96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\{889DF117–14D1–44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\{FB697452–8CA4–46B4–98B1–165C922A2EF3}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\Babylon­Toolbar
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\Brother­Soft_Extreme3 Toolbar
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\Browser­Companion
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\condui­tEngine
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\ChatZum Toolbar
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\ICQTool­bar
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\ilivid
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\MyAsham­poo Toolbar
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Management\AR­PCache\uTorren­tControl2 Toolbar
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Ext\PreAppro­ved\{2BCCDF1E-F77E-42A8–8219-AD1552A3820F}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Ext\PreAppro­ved\{6DB604FB-131C-4B50–95E8–95CD1C0C08E7}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Ext\PreAppro­ved\{A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Ext\PreAppro­ved\{D4AAF2A6-F6D1–49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Ext\PreAppro­ved\{DF7770F7–832F-4BDF-B144–100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\0E12F7366­82067FDE4D1158D5940A82E
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\1A24B5BB8­521B03E0C8D908F5AB­C0AE6
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\261F213D1­F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\2B0D56C4F­4C46D844A57FFED6F0D2852
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\49D4375FE­41653242AEA4C969E4E65E0
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\6A­A0923513360135B272E8289C­5F13FA
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\6F7467AF8­F29C134CBBAB394EC­CFDE96
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\741B4AD­F27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\7DE196B10­195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\922525DCC­5199162F8935747CA3D8E59
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\9D4F58493­67142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\A5875B043­72C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\A876D9E80­B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\B66FFAB72­5B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\BCDA179D6­19B91648538E3394CAC94CC
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\D677B1A96­71D4D4004F6F2A4469E86EA
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\DD1402A9D­D4215A43ABDE169A41A­FA0E
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\E36E114A0­EAD2AD46B381D­23AD69CDDF
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Components\EF8E618DB­3AEDFBB384561B5C­548F65E
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Installer\U­serData\S-1–5–18\Products\A28B4D68D­EBAA244EB686953­B7074FEF
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\{5F05C28D-DEA9–4AD6-A73A-064175988EAB}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\{86D4B82A-ABED-442A-BE86–96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\{889DF117–14D1–44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\Ba­bylonToolbar
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\Brot­herSoft_Extre­me3 Toolbar
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\Brow­serCompanion
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\Fi­lesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\Chat­Zum Toolbar
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\IC­QToolbar
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\in­credibar
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\My­Ashampoo Toolbar
Key Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\Uninstall\u­TorrentControl2 Toolbar
Key Deleted : HKLM\Software\My­Ashampoo
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Se­arch Settings
Key Deleted : HKLM\Software\Swe­etIM
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\u­TorrentControl2
Key Deleted : HKU\.DEFAULT\Sof­tware\Microsof­t\Internet Explorer\Sear­chScopes\{3BD44F0E-0596–4008-AEE0–45D47E3A8F0E}
Value Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Tool­bar\WebBrowser [{1BB22D38-A411–4B13-A746-C2A4F4EC7344}]
Value Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Tool­bar\WebBrowser [{62D40876-DF18–411F-9D34-A9DD7A197BC5}]
Value Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Tool­bar\WebBrowser [{687578B9–7132–4A7A-80E4–30EE31099E03}]
Value Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Tool­bar\WebBrowser [{A1E75A0E-4397–4BA8-BB50-E19FB66890F4}]
Value Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Tool­bar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Mi­crosoft\Inter­net Explorer\Tool­bar\WebBrowser [{EEE6C35B-6118–11DC-9C72–001320C79847}]
Value Deleted : HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\URLSe­archHooks [{855F3B16–6D32–4FE6–8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\SharedDLLs [C:\Program Files\SweetIM\To­olbars\Internet Explorer\mgHel­perApp.exe]
Value Deleted : HKLM\SOFTWARE\Mi­crosoft\Window­s\CurrentVersi­on\SharedDLLs [C:\Program Files\SweetIM\To­olbars\Internet Explorer\mgTo­olbarProxy.dll]

***** [Internet Browsers] *****

  • \\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Mi­crosoft\Inter­net Explorer\Main – ICQ Search] = hxxp://search­.icq.com/sear­ch/results.php?q={se­archTerms}&ch_id=osd → hxxp://www.go­ogle.com
Replaced : [HKCU\Software\Mi­crosoft\Inter­net Explorer\Main – Start Default_Page_URL] = hxxp://search­.certified-toolbar.com?si=4146­0&home=true&tid=592 → hxxp://www.go­ogle.com
Replaced : [HKCU\Software\Mi­crosoft\Inter­net Explorer\Search – Start Page] = hxxp://search­.certified-toolbar.com?si=4146­0&home=true&tid=592 → hxxp://www.go­ogle.com
Replaced : [HKCU\Software\Mi­crosoft\Inter­net Explorer\Search – Start Default_Page_URL] = hxxp://search­.certified-toolbar.com?si=4146­0&home=true&tid=592 → hxxp://www.go­ogle.com
Replaced : [HKCU\Software\Mi­crosoft\Inter­net Explorer\Search – Search Bar] = hxxp://search­.certified-toolbar.com?si=4146­0&tid=592&bs=tru­e&q= → hxxp://www.go­ogle.com
Replaced : [HKCU\Software\Mi­crosoft\Inter­net Explorer\Search – Search Page] = hxxp://search­.certified-toolbar.com?si=4146­0&tid=592&bs=tru­e&q= → hxxp://www.go­ogle.com
Replaced : [HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Search – Start Page] = hxxp://search­.certified-toolbar.com?si=4146­0&home=true&tid=592 → hxxp://www.go­ogle.com
Replaced : [HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Search – Start Default_Page_URL] = hxxp://search­.certified-toolbar.com?si=4146­0&home=true&tid=592 → hxxp://www.go­ogle.com
Replaced : [HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Search – Search Bar] = hxxp://search­.certified-toolbar.com?si=4146­0&tid=592&bs=tru­e&q= → hxxp://www.go­ogle.com
Replaced : [HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Search – Search Page] = hxxp://search­.certified-toolbar.com?si=4146­0&tid=592&bs=tru­e&q= → hxxp://www.go­ogle.com
Replaced : [HKLM\SOFTWARE\Mi­crosoft\Inter­net Explorer\Main – Start Default_Page_URL] = hxxp://search­.certified-toolbar.com?si=4146­0&home=true&tid=592 → hxxp://www.go­ogle.com


AdwCleaner[R1].txt – [37023 octets] – [14/12/2012 20:33:06]
AdwCleaner[S1].txt – [36303 octets] – [14/12/2012 20:33:18]

EOF – C:\AdwCleaner[S1]­.txt – [36364 octets]

Vepište odpověď…

před 4343 dny Odpovědět Nahlásit
Avatar uživatele
mikecka

C:\WINDOWS\Sys­tem32\smss.exe
C:\WINDOWS\sys­tem32\winlogon­.exe
C:\WINDOWS\sys­tem32\services­.exe
C:\WINDOWS\sys­tem32\lsass.e­xe
C:\WINDOWS\sys­tem32\svchost­.exe
C:\WINDOWS\Sys­tem32\svchost­.exe
C:\WINDOWS\sys­tem32\spoolsv­.exe
C:\Program Files\Ad-Aware Antivirus\AdA­wareService.e­xe
C:\Program Files\AskPartner­Network\Toolbar\ap­nmcp.exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\ICQ6Tool­bar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\­jqs.exe
C:\Program Files\Norton AntiVirus\Engi­ne\19.9.0.9\ccSvcHst­.exe
C:\Program Files\Ad-Aware Antivirus\SBAM­Svc.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\To­olbars\Skype C2C Service\c2c_ser­vice.exe
C:\WINDOWS\sys­tem32\svchost­.exe
C:\WINDOWS\sys­tem32\wbem\wmi­apsrv.exe
C:\Program Files\Norton AntiVirus\Engi­ne\19.9.0.9\ccSvcHst­.exe
C:\WINDOWS\Ex­plorer.EXE
C:\WINDOWS\RTHDCPL­.EXE
C:\WINDOWS\SO­UNDMAN.EXE
C:\Program Files\CyberLin­k\PowerDVD\PDVDSer­v.exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\Ask.com\Up­dater\Updater­.exe
C:\Program Files\SweetIM\Mes­senger\SweetIM­.exe
C:\Program Files\SweetIM\Com­municator\Swe­etPacksUpdate­Manager.exe
C:\Program Files\Priviti­zeVPN\Priviti­zeVPN.exe
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\ada­warebp.exe
C:\WINDOWS\sys­tem32\ctfmon.e­xe
C:\WINDOWS\OET­RN.EXE
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Program Files\Ubisoft\u­Torrent\uTorren­t.exe
C:\Program Files\FilesFrog Update Checker\update_chec­ker.exe
C:\WINDOWS\sys­tem32\wbem\un­secapp.exe
C:\WINDOWS\sys­tem32\wuauclt­.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Dokumenty\Dow­nloads\HijackThis­.exe

R1 – HKCU\Software\Mi­crosoft\Inter­net Explorer\Main,De­fault_Page_URL = http://search­.qip.ru
R1 – HKCU\Software\Mi­crosoft\Inter­net Explorer\Main,De­fault_Search_URL = http://search­.certified-toolbar.com?si=4146­0&tid=592&bs=tru­e&q=
R0 – HKCU\Software\Mi­crosoft\Inter­net Explorer\Main,Start Page = http://safese­archr.lavasof­t.com/?source=3336ca5f­&tbp=homepage&to­olbarid=adawa­retb&v=2_2&u=3D­7064103A5D1E7F934E­A950CB4D862C
R1 – HKLM\Software\Mi­crosoft\Inter­net Explorer\Main,De­fault_Page_URL = http://go.micro­soft.com/fwlin­k/?LinkId=69157
R1 – HKLM\Software\Mi­crosoft\Inter­net Explorer\Main,De­fault_Search_URL = http://search­.certified-toolbar.com?si=4146­0&tid=592&bs=tru­e&q=
R1 – HKLM\Software\Mi­crosoft\Inter­net Explorer\Main,Se­arch Bar = http://search­.certified-toolbar.com?si=4146­0&tid=592&bs=tru­e&q=
R1 – HKLM\Software\Mi­crosoft\Inter­net Explorer\Main,Se­arch Page = http://search­.certified-toolbar.com?si=4146­0&tid=592&bs=tru­e&q=
R0 – HKLM\Software\Mi­crosoft\Inter­net Explorer\Main,Start Page = http://search­.chatzum.com/
R1 – HKCU\Software\Mi­crosoft\Inter­net Explorer\Sear­ch,Default_Se­arch_URL = http://search­.certified-toolbar.com?si=4146­0&tid=592&bs=tru­e&q=
R1 – HKCU\Software\Mi­crosoft\Inter­net Explorer\Sear­ch,SearchAssis­tant = http://search­.qip.ru/ie
R1 – HKLM\Software\Mi­crosoft\Inter­net Explorer\Sear­ch,Default_Se­arch_URL = http://search­.certified-toolbar.com?si=4146­0&tid=592&bs=tru­e&q=
R0 – HKLM\Software\Mi­crosoft\Inter­net Explorer\Sear­ch,SearchAssis­tant =
R1 – HKCU\Software\Mi­crosoft\Inter­net Explorer\Sear­chURL,(Default) = Root: HKCU; Subkey: Software\Micro­soft\Internet Explorer\SearchUrl; ValueType: string; ValueName: ‚; ValueData: '; Flags: createvalueif­doesntexist noerror; Tasks: AddSearchQip
R0 – HKCU\Software\Mi­crosoft\Inter­net Explorer\Tool­bar,LinksFolder­Name = Odkazy
R3 – URLSearchHook: ICQToolBar – {855F3B16–6D32–4fe6–8A56-BBB695989046} – C:\Program Files\ICQ6Tool­bar\ICQToolBar­.dll
R3 – URLSearchHook: (no name) – {A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE} – (no file)
R3 – URLSearchHook: (no name) – – (no file)
R3 – URLSearchHook: MyAshampoo Toolbar – {a1e75a0e-4397–4ba8-bb50-e19fb66890f4} – C:\Program Files\MyAsham­poo\prxtbMyA1­.dll
R3 – URLSearchHook: uTorrentControl2 Toolbar – {687578b9–7132–4a7a-80e4–30ee31099e03} – C:\Program Files\uTorren­tControl2\prxtbu­Tor.dll
R3 – URLSearchHook: BrotherSoft Extreme3 Toolbar – {62d40876-df18–411f-9d34-a9dd7a197bc5} – C:\Program Files\Brother­Soft_Extreme3\prxtbBro­t.dll
R3 – URLSearchHook: SweetIM ToolbarURLSear­chHook Class – {EEE6C35D-6118–11DC-9C72–001320C79847} – C:\Program Files\SweetIM\To­olbars\Internet Explorer\mgHel­per.dll
R3 – URLSearchHook: Ad-Aware Security Add-on – {6c97a91e-4524–4019–86af-2aa2d567bf5c} – C:\Program Files\adawaret­b\adawareDx.dll
F2 – REG:system.ini: UserInit=C:\WIN­DOWS\system32\u­serinit.exe
O2 – BHO: uTorrentControl2 – {687578b9–7132–4a7a-80e4–30ee31099e03} – C:\Program Files\uTorren­tControl2\prxtbu­Tor.dll
O2 – BHO: Ad-Aware Security Add-on – {6c97a91e-4524–4019–86af-2aa2d567bf5c} – C:\Program Files\adawaret­b\adawareDx.dll
O2 – BHO: Norton Vulnerability Protection – {6D53EC84–6AAE-4787-AEEE-F4628F01010C} – C:\Program Files\Norton AntiVirus\Engi­ne\19.9.0.9\IP­S\IPSBHO.DLL
O2 – BHO: Java™ Plug-In SSV Helper – {761497BB-D6F0–462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre6\bin\­ssv.dll
O2 – BHO: Easy Photo Print – {9421DD08–935F-4701-A9CA-22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD-4d91–8333-CF10577473F7} – C:\Program Files\Google\Google Toolbar\Google­Toolbar32.dll
O2 – BHO: SkypeIEPluginBHO – {AE805869–2E5C-4ED4–8F7B-F1F7851A4497} – C:\Program Files\Skype\To­olbars\Internet Explorer\skype­ieplugin.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43–7D58–4638-B6FA-CE66B5AD205D} – C:\Program Files\Google\Go­ogleToolbarNo­tifier\5.7.7529­.1424\swg.dll
O2 – BHO: Java™ Plug-In 2 SSV Helper – {DBC80044-A445–435b-BC74–9C25C1C588A9} – C:\Program Files\Java\jre6\bin\­jp2ssv.dll
O2 – BHO: JQSIEStartDetec­torImpl – {E7E6F031–17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\­deploy\jqs\ie\jqs_plu­gin.dll
O2 – BHO: EpsonToolBandKicker Class – {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 – BHO: SWEETIE – {EEE6C35C-6118–11DC-9C72–001320C79847} – C:\Program Files\SweetIM\To­olbars\Internet Explorer\mgTo­olbarIE.dll
O3 – Toolbar: EPSON Web-To-Page – {EE5D279F-081B-4404–994D-C6B60AAEBA6D} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 – Toolbar: Easy Photo Print – {9421DD08–935F-4701-A9CA-22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 – Toolbar: ICQToolBar – {855F3B16–6D32–4FE6–8A56-BBB695989046} – C:\Program Files\ICQ6Tool­bar\ICQToolBar­.dll
O3 – Toolbar: uTorrentControl2 Toolbar – {687578b9–7132–4a7a-80e4–30ee31099e03} – C:\Program Files\uTorren­tControl2\prxtbu­Tor.dll
O3 – Toolbar: SweetPacks Toolbar for Internet Explorer – {EEE6C35B-6118–11DC-9C72–001320C79847} – C:\Program Files\SweetIM\To­olbars\Internet Explorer\mgTo­olbarIE.dll
O3 – Toolbar: Google Toolbar – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – C:\Program Files\Google\Google Toolbar\Google­Toolbar32.dll
O3 – Toolbar: Ad-Aware Security Add-on – {6c97a91e-4524–4019–86af-2aa2d567bf5c} – C:\Program Files\adawaret­b\adawareDx.dll
O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [RemoteControl] „C:\Program Files\CyberLin­k\PowerDVD\PDVDSer­v.exe“
O4 – HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gamefor­ge4D\4Story_CZ\Pre­Patch.exe
O4 – HKLM\..\Run: [Guard.Mail.ru.gui] „C:\Program Files\Guard-ICQ\GuardICQ.exe“ /gui
O4 – HKLM\..\Run: [ApnUpdater] „C:\Program Files\Ask.com\Up­dater\Updater­.exe“
O4 – HKLM\..\Run: [ImagePath] C:\windows\sys­tem32.bat
O4 – HKLM\..\Run: [Adobe ARM] „C:\Program Files\Common Files\Adobe\AR­M\1.0\AdobeAR­M.exe“
O4 – HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Mes­senger\SweetIM­.exe
O4 – HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Com­municator\Swe­etPacksUpdate­Manager.exe
O4 – HKLM\..\Run: [PrivitizeVPN] C:\Program Files\Priviti­zeVPN\Priviti­zeVPN.exe /autorun
O4 – HKLM\..\Run: [Ad-Aware Browsing Protection] „C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\ada­warebp.exe“
O4 – HKLM\..\Run: [SearchProtection] C:\Documents and Settings\All Users\Data aplikací\Search Protection\_run.bat
O4 – HKLM\..\Run: [Ad-Aware Antivirus] „C:\Program Files\Ad-Aware Antivirus\AdA­wareLauncher“ –windows-run
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\ctfmon.e­xe
O4 – HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OET­RN.EXE
O4 – HKCU\..\Run: [uTorrent] „C:\Program Files\Ubisoft\u­Torrent\uTorren­t.exe“ /MINIMIZED
O4 – HKCU\..\Run: [Facebook Update] „C:\Documents and Settings\uživa­tel\Local Settings\Data aplikací\Face­book\Update\Fa­cebookUpdate.e­xe“ /c /nocrashserver
O4 – HKCU\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_chec­ker.exe /auto
O4 – HKCU\..\Run: [DAEMON Tools Lite] „C:\Program Files\DAEMON Tools Lite\DTLite.exe“ -autorun
O4 – HKUS\S-1–5–19\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User 'LOCAL SERVICE‘)
O4 – HKUS\S-1–5–20\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚NETWORK SERVICE‘)
O4 – HKUS\S-1–5–21–583907252–436374069–682003330–1006\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚UpdatusUser‘)
O4 – HKUS\S-1–5–18\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚SYSTEM‘)
O4 – HKUS\.DEFAULT\­..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚Default user‘)
O8 – Extra context menu item: E&xportovat do aplikace Microsoft Office Excel – res://C:\PROG­RA~1\MICROS~2\OF­FICE11\EXCEL.E­XE/3000
O9 – Extra button: ICQ7.7 – {77F665FD-3F60–4B0A-AE14-EC124B7A7FCE} – C:\Program Files\ICQ7.7\IC­Q.exe
O9 – Extra ‚Tools‘ menuitem: ICQ7.7 – {77F665FD-3F60–4B0A-AE14-EC124B7A7FCE} – C:\Program Files\ICQ7.7\IC­Q.exe
O9 – Extra button: Skype Click to Call – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} – C:\Program Files\Skype\To­olbars\Internet Explorer\skype­ieplugin.dll
O9 – Extra button: Zdroje informací – {92780B25–18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MIC­ROS~2\OFFICE11\RE­FIEBAR.DLL
O9 – Extra button: (no name) – {BFC32E1D-EE75–4A48-BC60–104E11EE2431} – (no file)
O9 – Extra button: (no name) – {e2e2dd38-d088–4134–82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnet­diag.exe
O9 – Extra ‚Tools‘ menuitem: @xpsp3res.dll,–20001 – {e2e2dd38-d088–4134–82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnet­diag.exe
O16 – DPF: {D0C0F75C-683A-4390-A791–1ACFD5599AB8} (Oberon Flash Game Host) – http://icq.oberon-media.com/Gameshe­ll/GameHost/1­.0/OberonGame­Host.cab
O16 – DPF: {D27CDB6E-AE6D-11CF-96B8–444553540000} (Shockwave Flash Object) – http://fpdownlo­ad2.macromedi­a.com/pub/shoc­kwave/cabs/flash/swfl­ash.cab
O18 – Protocol: base64 – {5ACE96C0-C70A-4A4D-AF14–2E7B869345E1} – C:\Program Files\Browser­Companion\tda­taprotocol.dll
O18 – Protocol: chrome – {5ACE96C0-C70A-4A4D-AF14–2E7B869345E1} – C:\Program Files\Browser­Companion\tda­taprotocol.dll
O18 – Protocol: prox – {5ACE96C0-C70A-4A4D-AF14–2E7B869345E1} – C:\Program Files\Browser­Companion\tda­taprotocol.dll
O18 – Protocol: skype-ie-addon-data – {91774881-D725–4E58-B298–07617B9B86A8} – C:\Program Files\Skype\To­olbars\Internet Explorer\skype­ieplugin.dll
O18 – Protocol: skype4com – {FFC8B962–9B40–4DFF-9458–1830C7DD7F5D} – C:\PROGRA~1\COM­MON~1\Skype\SKY­PE4~1.DLL
O20 – AppInit_DLLs: c:\progra~1\win­dow~4\datamngr\da­tamngr.dll
O20 – Winlogon Notify: TPSvc – TPSvc.dll (file missing)
O22 – SharedTaskSche­duler: Browseui preloader – {438755C2-A8BA-11D1-B96B-00A0C90312E1} – C:\WINDOWS\sys­tem32\browseu­i.dll
O22 – SharedTaskSche­duler: Proces mezipaměti kategorií součástí – {8C7461EF-2B13–11d2-BE35–3078302C2030} – C:\WINDOWS\sys­tem32\browseu­i.dll
O23 – Service: Ad-Aware Service – Lavasoft Limited – C:\Program Files\Ad-Aware Antivirus\AdA­wareService.e­xe
O23 – Service: Adobe Flash Player Update Service (AdobeFlashPla­yerUpdateSvc) – Adobe Systems Incorporated – C:\WINDOWS\sys­tem32\Macromed\Flash\Fl­ashPlayerUpda­teService.exe
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartner­Network\Toolbar\ap­nmcp.exe
O23 – Service: Guard.Mail.ru – Unknown owner – C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 – Service: Služba Google Update (gupdate) (gupdate) – Google Inc. – C:\Program Files\Google\Up­date\GoogleUp­date.exe
O23 – Service: Služba Google Update (gupdatem) (gupdatem) – Google Inc. – C:\Program Files\Google\Up­date\GoogleUp­date.exe
O23 – Service: Google Software Updater (gusvc) – Google – C:\Program Files\Google\Com­mon\Google Updater\Google­UpdaterService­.exe
O23 – Service: ICQ Service – Unknown owner – C:\Program Files\ICQ6Tool­bar\ICQ Service.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShi­eld\Driver\11\In­tel 32\IDriverT.exe
O23 – Service: Java Quick Starter (JavaQuickStar­terService) – Sun Microsystems, Inc. – C:\Program Files\Java\jre6\bin\­jqs.exe
O23 – Service: Mozilla Maintenance Service (MozillaMainte­nance) – Mozilla Foundation – C:\Program Files\Mozilla Maintenance Service\mainte­nanceservice.e­xe
O23 – Service: Norton AntiVirus (NAV) – Symantec Corporation – C:\Program Files\Norton AntiVirus\Engi­ne\19.9.0.9\ccSvcHst­.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\sys­tem32\nvsvc32­.exe
O23 – Service: NVIDIA Update Service Daemon (nvUpdatusService) – NVIDIA Corporation – C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 – Service: Ad-Aware (SBAMSvc) – GFI Software – C:\Program Files\Ad-Aware Antivirus\SBAM­Svc.exe
O23 – Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) – Protection Technology (StarForce) – C:\WINDOWS\sys­tem32\sfrem01­.exe
O23 – Service: Skype C2C Service – Skype Technologies S.A. – C:\Documents and Settings\All Users\Data aplikací\Skype\To­olbars\Skype C2C Service\c2c_ser­vice.exe
O23 – Service: Skype Updater (SkypeUpdate) – Skype Technologies – C:\Program Files\Skype\Up­dater\Updater­.exe
O23 – Service: TunngleService – Tunngle.net GmbH – C:\Program Files\Tunngle\TnglCtr­l.exe

--
End of file – 14272 bytes
tu je ten Hijackthis

před 4343 dny Odpovědět Nahlásit
Avatar uživatele
Bedy

No ještě že jste mi sem ten výpis z logu dal – máte tam pěkný brodel. Tak to půjdeme uklidit. Spusťte si Hijackthis, klikněte na Do a system scan only a zaškrtejte tam následující položky:
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Main,De­fault_Page_URL = http://search­.qip.ru
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Main, Default_Search_URL = http://search­.certified-toolba r.com…
R0 – HKCU\Software\Mi­crosoft\Intern et Explorer\Main,Start Page = http://safese­archr.lavasof­t.co m…
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main, Default_Search_URL = http://search­.certified-toolba r.com…
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main,Se­arch Bar = http://search­.certified-toolba r.com…
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main,Se­arch Page = http://search­.certified-toolba r.com…
R0 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main,Start Page = http://search­.chatzum.com/
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Search, Default_Search_URL = http://search­.certified-toolba r.com…
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Search, SearchAssistant = http://search­.qip.ru
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Search, Default_Search_URL = http://search­.certified-toolba r.com…
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Sear­chURL,(Default) = Root: HKCU; Subkey: Software\Micro­soft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueif­doesntexist noerror; Tasks: AddSearchQip
R3 – URLSearchHook: ICQToolBar – {855F3B16– 6D32– 4fe6– 8A56– BBB695989046} – C:\Program Files\ICQ6Tool­bar\ICQToolBar. dll
R3 – URLSearchHook: (no name) – {A55F9C95– 2BB1– 4EA2– BC77– DFAAB78832CE} – (no file)
R3 – URLSearchHook: (no name) – – (no file)
R3 – URLSearchHook: MyAshampoo Toolbar – {a1e75a0e- 4397– 4ba8– bb50– e19fb66890f4} – C:\Program Files\MyAsham­poo\prxtbMyA1­.dll
R3 – URLSearchHook: uTorrentControl2 Toolbar – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorren­tControl2\prxtbuT or. dll
R3 – URLSearchHook: BrotherSoft Extreme3 Toolbar – {62d40876– df18– 411f- 9d34– a9dd7a197bc5} – C:\Program Files\Brother­Soft_Extreme3\prx tbBrot. dll
R3 – URLSearchHook: SweetIM ToolbarURLSear­chHook Class – {EEE6C35D- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\To­olbars\Interne t Explorer\mgHel­per.dll
R3 – URLSearchHook: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaret­b\adawareDx.dll
O2 – BHO: uTorrentControl2 – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorren­tControl2\prxtbuT or. dll
O2 – BHO: Google Toolbar Helper – {AA58ED58– 01DD- 4d91– 8333– CF10577473F7} – C:\Program Files\Google\Google Toolbar\Google­Toolbar32.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43– 7D58– 4638– B6FA- CE66B5AD205D} – C:\Program Files\Google\Go­ogleToolbarNo­ti fier\5. 7. 7529. 1424\swg. dll
O2 – BHO: EpsonToolBandKicker Class – {E99421FB- 68DD- 40F0– B4AC- B7027CAE2F1A} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 – BHO: SWEETIE – {EEE6C35C- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\To­olbars\Interne t Explorer\mgTo­olbarIE.dll
O3 – Toolbar: EPSON Web-To-Page – {EE5D279F- 081B- 4404– 994D- C6B60AAEBA6D} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 – Toolbar: Easy Photo Print – {9421DD08– 935F- 4701– A9CA- 22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 – Toolbar: ICQToolBar – {855F3B16– 6D32– 4FE6– 8A56– BBB695989046} – C:\Program Files\ICQ6Tool­bar\ICQToolBar. dll
O3 – Toolbar: uTorrentControl2 Toolbar – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorren­tControl2\prxtbuT or. dll
O3 – Toolbar: SweetPacks Toolbar for Internet Explorer – {EEE6C35B- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\To­olbars\Interne t Explorer\mgTo­olbarIE.dll
O3 – Toolbar: Google Toolbar – {2318C2B1– 4965– 11d4– 9B18– 009027A5CD4F} – C:\Program Files\Google\Google Toolbar\Google­Toolbar32.dll
O3 – Toolbar: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaret­b\adawareDx.dll
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [RemoteControl] „C:\Program Files\CyberLin­k\PowerDVD\PDVDS erv. exe“
O4 – HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gamefor­ge4D\4Story_CZ\Pr ePatch. exe
O4 – HKLM\..\Run: [Guard.Mail.ru.gui] „C:\Program Files\Guard-ICQ\GuardICQ.exe“ /gui
O4 – HKLM\..\Run: [ApnUpdater] „C:\Program Files\Ask. com\Updater\Up­dater. exe“
O4 – HKLM\..\Run: [ImagePath] C:\windows\sys­tem32.bat – nahrajte tento soubor na www.virustotal.com. Pokud to ohlásí, že bylk soubor již analyzován, klikněte na reanalyse. Pokud tam najdou antiviry vir, tak tu položky taky zaškrtněte a soubor smažte.
O4 – HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Mes­senger\SweetI M. exe
O4 – HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Com­municator\Swe etPacksUpdate­Manager. exe
O4 – HKLM\..\Run: [Ad-Aware Browsing Protection] „C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\ada­warebp.exe“ – to je úplně k ničmeu, to zrovna odinstalujte pak přes Start-ovládací panely-přidta nebo odebrat programy
O4 – HKLM\..\Run: [SearchProtection] C:\Documents and Settings\All Users\Data aplikací\Search Protection\_run­.bat – podezřelé zaškrtnout a nahrát na virustotal.com – pokud tam antiviry najdou vir, tak smazat
O4 – HKLM\..\Run: [Ad-Aware Antivirus] „C:\Program Files\Ad-Aware Antivirus\AdA­wareLauncher“ –windows-run – mizerný antivir, nainstalujte si radši něco jiného
O9 – Extra button: (no name) – {BFC32E1D- EE75– 4A48– BC60– 104E11EE2431} – (no file)
O16 – DPF: {D0C0F75C- 683A- 4390– A791– 1ACFD5599AB8} (Oberon Flash Game Host) – http://icq.oberon-media.com
O18 – Protocol: base64 – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\Browser­Companion\tda­tapr otocol. dll
O18 – Protocol: chrome – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\Browser­Companion\tda­tapr otocol. dll
O18 – Protocol: prox – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\Browser­Companion\tda­tapr otocol. dll
O20 – AppInit_DLLs: c: \progra~1\win­dow~4\datamngr\da tamngr. dll
O20 – Winlogon Notify: TPSvc – TPSvc.dll (file missing)
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartner­Network\Toolba r\apnmcp. exe
O23 – Service: Guard.Mail.ru – Unknown owner – C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 – Service: Skype C2C Service – Skype Technologies S.A. – C:\Documents and Settings\All Users\Data aplikací\Skype\To­olbars\Skype C2C Service\c2c_ser­vice.exe

Pak klikněte na Fix checked. Nezapomeňte předtím zavřít všechny spuštěné programy.

Poté si stáhněte a spusťte program AdwCleaner. V okně klikněte na tlačítko Search a po dokončení skenu rovnou na tlačítko Delete. Ten Adwcleaner odstraní ty toolbary a ostaní bordel. Po smazání toho brodelu se restartuje počítač (kdyžtak ho restartujte ručně). Ke stažení: http://general-changelog-team.fr/fr/dow­nloads/finish/20-outils-de-xplode/2-adwcleaner
Výpis z Adwcleaneru mi sem pak hoďte pro kontrolu.
Doporučím odinstalovat to Ad-Aware, to je opravdu na nic, zbytečně brzdí počítač. zrovna odinstalujte i toho Nortona – pěkně se to tam tluče mezi sebou.
Místo toho si nainstalujte třeba Aviru Free, která je zdarma a kvalitní. Výhodou je i to, že je úsporná na výkon počítače. Nevýhodou je to, že je v angličtině. Pokud by to byl velký problém, tak doporučím Microsoft Security Essentials nebo AVG Free (při instalaci odmítněte Security toolbar). Ale určitě tam mějte jen jeden jediný antivir.

Dále pomocí CCleaneru vyčistěte disk a registr CCleanerem.

Pak si prosím pro jistotu stáhněte a nainstalujte program Malware Byte's Anti-Malware. Po dokončení instalace proveďte aktualizaci (stačí mít zaškrtnuté na konci instalace Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware). Postačí udělat rychlou kontrolu. Po dokončení této kontroly se objeví výpis. ten mi sem hoďte, pokud to najde nějakou potvoru.

No a to bude prozatím všechno, ještě nezapomeňte na aktualizaci Javy – máte ji prošlou – novou stáhnete zde: http://www.sta­huj.centrum.cz/u­tility_a_ostat­ni/ostatni/ja­va-2-runtime-environment/

Určitě si zaktualizujte i Adobe reader, stačí ho spustit, kliknout na Nápověda-Zkontrolovat aktualizace.

Doporučím i defragmentovat disk, a to buď pomocí programu Defragmentace disku, který najdete v Start-Programy-Příslušenství-systémové nástroje nebo pomocí programu Defraggler – ke stažení: http://www.slu­necnice.cz/sw/de­fraggler (při instalaci odmítněte instalaci Google Chrome/toolbaru).
Mimochodem – víte, že Google sleduje aktivitu svých uživatelů skrz své produkty (zejména přes Google Updater, ale i samotný Google Chrome – například to co napíšete do adresního řádku se odešle na servery Google). Místo toho dopourčím používat jiný prohlížeč, napříkad Firefox, který tam máte a nebo když chcete Googel Chrome, tka zkuste fork Iron, který tyhle pšehovací funkce neobsahuje. Ke stažení: http://www.sta­huj.centrum.cz/in­ternet_a_site/proh­lizece_a_rozsi­reni/on-line/srware-iron/

před 4343 dny Odpovědět Nahlásit
Avatar uživatele
mikecka

Results of screen317's Se­curity Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
[b][u]`````Antivirus/Firewall Check:`````[/b][/u]
Norton AntiVirus
Ad-Aware Antivirus
[b][u]```Anti-malware/Other Utilities Check:```[/b][/u]
Ad-Aware
MVPS Hosts File
CCleaner
Java™ 6 Update 35
[color=red][b]Java version out of Date![/b][/color]
Adobe Flash Player 11.5.502.135
Adobe Reader 10.1.4 [color=red][b]Adobe Reader out of Date![/b][/color]
Mozilla Firefox (17.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
[b][u]```Process Check: objlist.exe by Laurent```[/b][/u]
Norton ccSvcHst.exe
[color=red][b]Ad-Aware AAWService.exe is disabled![/b][/c­olor]
[color=red][b]Ad-Aware AAWTray.exe is disabled![/b][/c­olor]
Ad-Aware Antivirus AdAwareService.exe
Norton AntiVirus Engine 19.9.0.9 ccSvcHst­.exe
Ad-Aware Antivirus SBAMSvc.exe
Norton AntiVirus Engine 19.9.0.9 ccSvcHst­.exe
[b][u]``````System Health check``````[/b][/u]
Total Fragmentation on Drive C::
[b][u]```````End of Log```````[/b][/u]

tady je Security Check.

před 4343 dny Odpovědět Nahlásit
Avatar uživatele
mikecka

už sem to tu dal :)

před 4343 dny Odpovědět Nahlásit
Avatar uživatele
mikecka

C:\WINDOWS\Sys­tem32\smss.exe
C: \WINDOWS\system32\win­logon. exe
C: \WINDOWS\system32\ser­vices. exe
C:\WINDOWS\sys­tem32\lsass.e­xe
C: \WINDOWS\system32\svchos­t. exe
C: \WINDOWS\System32\svchos­t. exe
C: \WINDOWS\system32\spo­olsv. exe
C:\Program Files\Ad-Aware Antivirus\AdA­wareService.e­xe
C:\Program Files\AskPartner­Network\Toolba r\apnmcp. exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\ICQ6Tool­bar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\­jqs.exe
C:\Program Files\Norton AntiVirus\Engi­ne\19. 9. 0. 9\ccSvcHst. exe
C:\Program Files\Ad-Aware Antivirus\SBAM­Svc.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\To­olbars\Skype C2C Service\c2c_ser­vice.exe
C: \WINDOWS\system32\svchos­t. exe
C: \WINDOWS\system32\wbem\w­miapsr v. exe
C:\Program Files\Norton AntiVirus\Engi­ne\19. 9. 0. 9\ccSvcHst. exe
C:\WINDOWS\Ex­plorer.EXE
C:\WINDOWS\RTHDCPL­.EXE
C:\WINDOWS\SO­UNDMAN.EXE
C:\Program Files\CyberLin­k\PowerDVD\PDVDS erv. exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\Ask. com\Updater\Up­dater. exe
C:\Program Files\SweetIM\Mes­senger\SweetI M. exe
C:\Program Files\SweetIM\Com­municator\Swe etPacksUpdate­Manager. exe
C:\Program Files\Priviti­zeVPN\Priviti­zeVP N. exe
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\ada­warebp.exe
C:\WINDOWS\sys­tem32\ctfmon.e­xe
C:\WINDOWS\OET­RN.EXE
C: \PROGRA~1\AD- AWA~1\AdAware. exe
C:\Program Files\Ubisoft\u­Torrent\uTorren t. exe
C:\Program Files\FilesFrog Update Checker\update_chec­ker.exe
C: \WINDOWS\system32\wbem\un­secap p. exe
C: \WINDOWS\system32\wu­auclt. exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D: \Dokumenty\Dow­nloads\HijackThi s. exe

R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Main,De­fault_Page_URL = http://search­.qip.ru
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Main, Default_Search_URL = http://search­.certified-toolba r.com…
R0 – HKCU\Software\Mi­crosoft\Intern et Explorer\Main,Start Page = http://safese­archr.lavasof­t.co m…
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main,De­fault_Page_URL = http://go.micro­soft.com
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main, Default_Search_URL = http://search­.certified-toolba r.com…
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main,Se­arch Bar = http://search­.certified-toolba r.com…
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main,Se­arch Page = http://search­.certified-toolba r.com…
R0 – HKLM\Software\Mi­crosoft\Intern et Explorer\Main,Start Page = http://search­.chatzum.com/
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Search, Default_Search_URL = http://search­.certified-toolba r.com…
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Search, SearchAssistant = http://search­.qip.ru
R1 – HKLM\Software\Mi­crosoft\Intern et Explorer\Search, Default_Search_URL = http://search­.certified-toolba r.com…
R0 – HKLM\Software\Mi­crosoft\Intern et Explorer\Search, SearchAssistant =
R1 – HKCU\Software\Mi­crosoft\Intern et Explorer\Sear­chURL,(Default) = Root: HKCU; Subkey: Software\Micro­soft\Internet Explorer\SearchUrl; ValueType: string; ValueName: ‚; ValueData: '; Flags: createvalueif­doesntexist noerror; Tasks: AddSearchQip
R0 – HKCU\Software\Mi­crosoft\Intern et Explorer\Toolbar, LinksFolderName = Odkazy
R3 – URLSearchHook: ICQToolBar – {855F3B16– 6D32– 4fe6– 8A56– BBB695989046} – C:\Program Files\ICQ6Tool­bar\ICQToolBar. dll
R3 – URLSearchHook: (no name) – {A55F9C95– 2BB1– 4EA2– BC77– DFAAB78832CE} – (no file)
R3 – URLSearchHook: (no name) – – (no file)
R3 – URLSearchHook: MyAshampoo Toolbar – {a1e75a0e- 4397– 4ba8– bb50– e19fb66890f4} – C:\Program Files\MyAsham­poo\prxtbMyA1­.dll
R3 – URLSearchHook: uTorrentControl2 Toolbar – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorren­tControl2\prxtbuT or. dll
R3 – URLSearchHook: BrotherSoft Extreme3 Toolbar – {62d40876– df18– 411f- 9d34– a9dd7a197bc5} – C:\Program Files\Brother­Soft_Extreme3\prx tbBrot. dll
R3 – URLSearchHook: SweetIM ToolbarURLSear­chHook Class – {EEE6C35D- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\To­olbars\Interne t Explorer\mgHel­per.dll
R3 – URLSearchHook: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaret­b\adawareDx.dll
F2 – REG:system.ini: UserInit=C: \WINDOWS\system32\u­serinit. exe
O2 – BHO: uTorrentControl2 – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorren­tControl2\prxtbuT or. dll
O2 – BHO: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaret­b\adawareDx.dll
O2 – BHO: Norton Vulnerability Protection – {6D53EC84– 6AAE- 4787– AEEE- F4628F01010C} – C:\Program Files\Norton AntiVirus\Engi­ne\19. 9. 0. 9\IPS\IPSBHO. DLL
O2 – BHO: Java™ Plug-In SSV Helper – {761497BB- D6F0– 462C- B6EB- D4DAF1D92D43} – C:\Program Files\Java\jre6\bin\­ssv.dll
O2 – BHO: Easy Photo Print – {9421DD08– 935F- 4701– A9CA- 22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58– 01DD- 4d91– 8333– CF10577473F7} – C:\Program Files\Google\Google Toolbar\Google­Toolbar32.dll
O2 – BHO: SkypeIEPluginBHO – {AE805869– 2E5C- 4ED4– 8F7B- F1F7851A4497} – C:\Program Files\Skype\To­olbars\Internet Explorer\skype­ieplugin.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43– 7D58– 4638– B6FA- CE66B5AD205D} – C:\Program Files\Google\Go­ogleToolbarNo­ti fier\5. 7. 7529. 1424\swg. dll
O2 – BHO: Java™ Plug-In 2 SSV Helper – {DBC80044– A445– 435b- BC74– 9C25C1C588A9} – C:\Program Files\Java\jre6\bin\­jp2ssv.dll
O2 – BHO: JQSIEStartDetec­torImpl – {E7E6F031– 17CE- 4C07– BC86– EABFE594F69C} – C:\Program Files\Java\jre6\lib\­deploy\jqs \ie\jqs_plugin. dll
O2 – BHO: EpsonToolBandKicker Class – {E99421FB- 68DD- 40F0– B4AC- B7027CAE2F1A} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 – BHO: SWEETIE – {EEE6C35C- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\To­olbars\Interne t Explorer\mgTo­olbarIE.dll
O3 – Toolbar: EPSON Web-To-Page – {EE5D279F- 081B- 4404– 994D- C6B60AAEBA6D} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 – Toolbar: Easy Photo Print – {9421DD08– 935F- 4701– A9CA- 22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 – Toolbar: ICQToolBar – {855F3B16– 6D32– 4FE6– 8A56– BBB695989046} – C:\Program Files\ICQ6Tool­bar\ICQToolBar. dll
O3 – Toolbar: uTorrentControl2 Toolbar – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorren­tControl2\prxtbuT or. dll
O3 – Toolbar: SweetPacks Toolbar for Internet Explorer – {EEE6C35B- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\To­olbars\Interne t Explorer\mgTo­olbarIE.dll
O3 – Toolbar: Google Toolbar – {2318C2B1– 4965– 11d4– 9B18– 009027A5CD4F} – C:\Program Files\Google\Google Toolbar\Google­Toolbar32.dll
O3 – Toolbar: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaret­b\adawareDx.dll
O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [RemoteControl] „C:\Program Files\CyberLin­k\PowerDVD\PDVDS erv. exe“
O4 – HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gamefor­ge4D\4Story_CZ\Pr ePatch. exe
O4 – HKLM\..\Run: [Guard.Mail.ru.gui] „C:\Program Files\Guard-ICQ\GuardICQ.exe“ /gui
O4 – HKLM\..\Run: [ApnUpdater] „C:\Program Files\Ask. com\Updater\Up­dater. exe“
O4 – HKLM\..\Run: [ImagePath] C:\windows\sys­tem32.bat
O4 – HKLM\..\Run: [Adobe ARM] „C:\Program Files\Common Files\Adobe\ARM\1. 0\AdobeARM. exe“
O4 – HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Mes­senger\SweetI M. exe
O4 – HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Com­municator\Swe etPacksUpdate­Manager. exe
O4 – HKLM\..\Run: [PrivitizeVPN] C:\Program Files\Priviti­zeVPN\Priviti­zeVP N. exe /autorun
O4 – HKLM\..\Run: [Ad-Aware Browsing Protection] „C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\ada­warebp.exe“
O4 – HKLM\..\Run: [SearchProtection] C:\Documents and Settings\All Users\Data aplikací\Search Protection\_run.bat
O4 – HKLM\..\Run: [Ad-Aware Antivirus] „C:\Program Files\Ad-Aware Antivirus\AdA­wareLauncher“ –windows-run
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\ctfmon.e­xe
O4 – HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OET­RN.EXE
O4 – HKCU\..\Run: [uTorrent] „C:\Program Files\Ubisoft\u­Torrent\uTorren t. exe“ /MINIMIZED
O4 – HKCU\..\Run: [Facebook Update] „C:\Documents and Settings\uživa­tel\Local Settings\Data aplikací\Face­book\Update\Fa­ceb ookUpdate. exe“ /c /nocrashserver
O4 – HKCU\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_chec­ker.exe /auto
O4 – HKCU\..\Run: [DAEMON Tools Lite] „C:\Program Files\DAEMON Tools Lite\DTLite.exe“ -autorun
O4 – HKUS\S-1–5–19\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User 'LOCAL SERVICE‘)
O4 – HKUS\S-1–5–20\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚NETWORK SERVICE‘)
O4 – HKUS\S- 1– 5– 21– 583907252– 436374069– 682003330– 1006\. . \Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚UpdatusUser‘)
O4 – HKUS\S-1–5–18\..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚SYSTEM‘)
O4 – HKUS\.DEFAULT\­..\Run: [CTFMON.EXE] C:\WINDOWS\sys­tem32\CTFMON.E­XE (User ‚Default user‘)
O8 – Extra context menu item: E&xportovat do aplikace Microsoft Office Excel – res: //C: \PROGRA~1\MIC­ROS~2\OFFICE11\EX CEL. EXE/3000
O9 – Extra button: ICQ7.7 – {77F665FD- 3F60– 4B0A- AE14– EC124B7A7FCE} – C:\Program Files\ICQ7.7\IC­Q.exe
O9 – Extra ‚Tools‘ menuitem: ICQ7.7 – {77F665FD- 3F60– 4B0A- AE14– EC124B7A7FCE} – C:\Program Files\ICQ7.7\IC­Q.exe
O9 – Extra button: Skype Click to Call – {898EA8C8– E7FF- 479B- 8935– AEC46303B9E5} – C:\Program Files\Skype\To­olbars\Internet Explorer\skype­ieplugin.dll
O9 – Extra button: Zdroje informací – {92780B25– 18CC- 41C8– B9BE- 3C9C571A8263} – C: \PROGRA~1\MIC­ROS~2\OFFICE11\RE FIEBAR. DLL
O9 – Extra button: (no name) – {BFC32E1D- EE75– 4A48– BC60– 104E11EE2431} – (no file)
O9 – Extra button: (no name) – {e2e2dd38– d088– 4134– 82b7– f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnet­diag.exe
O9 – Extra ‚Tools‘ menuitem: @xpsp3res.dll,–20001 – {e2e2dd38– d088– 4134– 82b7– f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnet­diag.exe
O16 – DPF: {D0C0F75C- 683A- 4390– A791– 1ACFD5599AB8} (Oberon Flash Game Host) – http://icq.oberon-media.com
O16 – DPF: {D27CDB6E- AE6D- 11CF- 96B8– 444553540000} (Shockwave Flash Object) – http://fpdownlo­ad2.macromedia. com…
O18 – Protocol: base64 – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\Browser­Companion\tda­tapr otocol. dll
O18 – Protocol: chrome – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\Browser­Companion\tda­tapr otocol. dll
O18 – Protocol: prox – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\Browser­Companion\tda­tapr otocol. dll
O18 – Protocol: skype-ie-addon-data – {91774881– D725– 4E58– B298– 07617B9B86A8} – C:\Program Files\Skype\To­olbars\Internet Explorer\skype­ieplugin.dll
O18 – Protocol: skype4com – {FFC8B962– 9B40– 4DFF- 9458– 1830C7DD7F5D} – C: \PROGRA~1\COM­MON~1\Skype\SKY­PE 4~1. DLL
O20 – AppInit_DLLs: c: \progra~1\win­dow~4\datamngr\da tamngr. dll
O20 – Winlogon Notify: TPSvc – TPSvc.dll (file missing)
O22 – SharedTaskSche­duler: Browseui preloader – {438755C2– A8BA- 11D1– B96B- 00A0C90312E1} – C: \WINDOWS\system32\brow­seui. dll
O22 – SharedTaskSche­duler: Proces mezipaměti kategorií součástí – {8C7461EF- 2B13– 11d2– BE35– 3078302C2030} – C: \WINDOWS\system32\brow­seui. dll
O23 – Service: Ad-Aware Service – Lavasoft Limited – C:\Program Files\Ad-Aware Antivirus\AdA­wareService.e­xe
O23 – Service: Adobe Flash Player Update Service (AdobeFlashPla­yerUpdateSvc) – Adobe Systems Incorporated – C: \WINDOWS\system32\Ma­cromed\Fla sh\FlashPlaye­rUpdateService. exe
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartner­Network\Toolba r\apnmcp. exe
O23 – Service: Guard.Mail.ru – Unknown owner – C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 – Service: Služba Google Update (gupdate) (gupdate) – Google Inc. – C:\Program Files\Google\Up­date\GoogleUp­da te. exe
O23 – Service: Služba Google Update (gupdatem) (gupdatem) – Google Inc. – C:\Program Files\Google\Up­date\GoogleUp­da te. exe
O23 – Service: Google Software Updater (gusvc) – Google – C:\Program Files\Google\Com­mon\Google Updater\Google­UpdaterService. exe
O23 – Service: ICQ Service – Unknown owner – C:\Program Files\ICQ6Tool­bar\ICQ Service.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShi­eld\Driver\11\ Intel 32\IDriverT.exe
O23 – Service: Java Quick Starter (JavaQuickStar­terService) – Sun Microsystems, Inc. – C:\Program Files\Java\jre6\bin\­jqs.exe
O23 – Service: Mozilla Maintenance Service (MozillaMainte­nance) – Mozilla Foundation – C:\Program Files\Mozilla Maintenance Service\mainte­nanceservice.e­xe
O23 – Service: Norton AntiVirus (NAV) – Symantec Corporation – C:\Program Files\Norton AntiVirus\Engi­ne\19. 9. 0. 9\ccSvcHst. exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C: \WINDOWS\system32\nvsvc3­2. exe
O23 – Service: NVIDIA Update Service Daemon (nvUpdatusService) – NVIDIA Corporation – C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 – Service: Ad-Aware (SBAMSvc) – GFI Software – C:\Program Files\Ad-Aware Antivirus\SBAM­Svc.exe
O23 – Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) – Protection Technology (StarForce) – C: \WINDOWS\system32\sfrem0­1. exe
O23 – Service: Skype C2C Service – Skype Technologies S.A. – C:\Documents and Settings\All Users\Data aplikací\Skype\To­olbars\Skype C2C Service\c2c_ser­vice.exe
O23 – Service: Skype Updater (SkypeUpdate) – Skype Technologies – C:\Program Files\Skype\Up­dater\Updater. exe
O23 – Service: TunngleService – Tunngle.net GmbH – C:\Program Files\Tunngle\TnglCtr­l.exe

--
End of file – 14272 bytes
tu je ten Hijackthis

Avatar uživatele
Registrovaný
mikecka

Results of screen317's Se­curity Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
[b][u]`````Antivirus/ Firewall Check:`````[/b][/u]
Norton AntiVirus
Ad-Aware Antivirus
[b][u]```Anti- malware/Other Utilities Check:```[/b][/u]
Ad-Aware
MVPS Hosts File
CCleaner
Java™ 6 Update 35
[color=red][b]Java version out of Date![/b][/color]
Adobe Flash Player 11.5.502.135
Adobe Reader 10.1.4 [color=red][b]Adobe Reader out of Date![/b][/color]
Mozilla Firefox (17.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
[b][u]```Process Check: objlist.exe by Laurent```[/b][/u]
Norton ccSvcHst.exe
[color=red][b]Ad-Aware AAWService.exe is disabled![/b][/c­olor]
[color=red][b]Ad-Aware AAWTray.exe is disabled![/b][/c­olor]
Ad-Aware Antivirus AdAwareService.exe
Norton AntiVirus Engine 19.9.0.9 ccSvcHst­.exe
Ad-Aware Antivirus SBAMSvc.exe
Norton AntiVirus Engine 19.9.0.9 ccSvcHst­.exe
[b][u]``````System Health check``````[/b][/u]
Total Fragmentation on Drive C::
[b][u]```````End of Log```````[/b][ /u]

tady je Security Check.

Avatar uživatele
Registrovaný
mikecka

Results of screen317's Se­curity Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
[b][u]`````Antivirus/ Firewall Check:`````[/b][/u]
Norton AntiVirus
Ad-Aware Antivirus
[b][u]```Anti- malware/Other Utilities Check:```[/b][/u]
Ad-Aware
MVPS Hosts File
CCleaner
Java™ 6 Update 35
[color=red][b]Java version out of Date![/b][/color]
Adobe Flash Player 11.5.502.135
Adobe Reader 10.1.4 [color=red][b]Adobe Reader out of Date![/b][/color]
Mozilla Firefox (17.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
[b][u]```Process Check: objlist.exe by Laurent```[/b][/u]
Norton ccSvcHst.exe
[color=red][b]Ad-Aware AAWService.exe is disabled![/b][/c­olor]
[color=red][b]Ad-Aware AAWTray.exe is disabled![/b][/c­olor]
Ad-Aware Antivirus AdAwareService.exe
Norton AntiVirus Engine 19.9.0.9 ccSvcHst­.exe
Ad-Aware Antivirus SBAMSvc.exe
Norton AntiVirus Engine 19.9.0.9 ccSvcHst­.exe
[b][u]``````System Health check``````[/b][/u]
Total Fragmentation on Drive C::
[b][u]```````End of Log```````[/b][ /u]

tady je Security Check.

před 4343 dny Odpovědět Nahlásit
Nový příspěvek