seká se mi pc včechny hry i iínternet pc zčerná a zamrzne a při restartu znova cca po 12 min a nevím co stím

ahojte nevím jestli to tu patří ale mám problem a nevím co stím v ponděli sem si stáhl patch do hry ale když sem ho nainstaloval tak se brutalně začal sekat pc sčerna obrazvka a kdomu takovy zvuk a když sem ho restartoval a samzal raději hru s patchem ale neustaloto a ted cca 12min jedu hru asekne se a třeba 30 min internet a seknese cely ( i v pípadě včech her ) a neustaloto ani dnes nevíte někdo pls co stím je ? nbo radu dík. e

Uzamčená otázka

ohodnoťte nejlepší odpověď symbolem palce

Odpovědět

Zajímavá 0 před 4360 dny

Sledovat Nahlásit

Diskuze: 12 příspěvků, nejnovější před 4359 dny

Nejlepší odpověď

badisko

pache do her jsou viry nabouravaj se do systemu …skontrolovat antivirem …pak necim podobnym jako spybot …a nestahovat kraviny …!! take je moznost to znova prekontrolovat timto http://www.eset.cz/cz/domacnosti/produkty/online-scanner/ a pockat na uzivatele bedy …co dal…
Doplňuji:
no nerikal jsem to ?…je tady a problem je skoro vyresen …:-))…

Upravil/a: badisko

4 před 4360 dny

0 Nominace Nahlásit

Další odpovědi

Bedy

Doporučuju projet počítač online kontrolorem ESEt Online Scanner – http://www.eset.cz/cz/domacnosti/produkty/online-scanner/
Zaškrtněte i sken na potenciálně nebezpečné i nechtěné apliakce. Pro jistotu.

Po dokončení kontroly Vás porposím o vložení výpisu z programů Hijackthis a Security Check.
Hijackthis stáhnete zde: http://sourceforge.net/projects/hjt/files/latest/download
Program uložte, spusťte, klikněte na Do a system scan and save logfile. Po kontrole se objeví okno s výpisem – ten zkopírujte a vložte sem.

Security Check stáhnete zde: http://screen317.spywareinfoforum.org/SecurityCheck.exe
Po spuštění stiskněte Enter, chvilinku počkejte (kontrola by neměla trvat déle, jak minutu) a poté se objeví okno s výpisem – ten zkopírujte a vložte sem.

Z toho budeme vycházet, to bude důležité. Nedoporučuji kdejaké čarování s kdejakými zázračnými čističi typu Advanced Systemcare, apod. Podle výpisů z Hijackthisu a Security Checku stanovím přímo co a jak, ne žádné čarování.
Doplňuji:
No ještě že jste mi sem ten výpis z logu dal – máte tam pěkný brodel. Tak to půjdeme uklidit. Spusťte si Hijackthis, klikněte na Do a system scan only a zaškrtejte tam následující položky:
R1 – HKCU\Software\Microsoft\Intern et Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 – HKCU\Software\Microsoft\Intern et Explorer\Main, Default_Search_URL = http://search.certified-toolba r.com…
R0 – HKCU\Software\Microsoft\Intern et Explorer\Main,Start Page = http://safesearchr.lavasoft.co m…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Main, Default_Search_URL = http://search.certified-toolba r.com…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Main,Search Bar = http://search.certified-toolba r.com…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Main,Search Page = http://search.certified-toolba r.com…
R0 – HKLM\Software\Microsoft\Intern et Explorer\Main,Start Page = http://search.chatzum.com/
R1 – HKCU\Software\Microsoft\Intern et Explorer\Search, Default_Search_URL = http://search.certified-toolba r.com…
R1 – HKCU\Software\Microsoft\Intern et Explorer\Search, SearchAssistant = http://search.qip.ru…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Search, Default_Search_URL = http://search.certified-toolba r.com…
R1 – HKCU\Software\Microsoft\Intern et Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R3 – URLSearchHook: ICQToolBar – {855F3B16– 6D32– 4fe6– 8A56– BBB695989046} – C:\Program Files\ICQ6Toolbar\ICQToolBar. dll
R3 – URLSearchHook: (no name) – {A55F9C95– 2BB1– 4EA2– BC77– DFAAB78832CE} – (no file)
R3 – URLSearchHook: (no name) – – (no file)
R3 – URLSearchHook: MyAshampoo Toolbar – {a1e75a0e- 4397– 4ba8– bb50– e19fb66890f4} – C:\Program Files\MyAshampoo\prxtbMyA1.dll
R3 – URLSearchHook: uTorrentControl2 Toolbar – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorrentControl2\prxtbuT or. dll
R3 – URLSearchHook: BrotherSoft Extreme3 Toolbar – {62d40876– df18– 411f- 9d34– a9dd7a197bc5} – C:\Program Files\BrotherSoft_Extreme3\prx tbBrot. dll
R3 – URLSearchHook: SweetIM ToolbarURLSearchHook Class – {EEE6C35D- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\Toolbars\Interne t Explorer\mgHelper.dll
R3 – URLSearchHook: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaretb\adawareDx.dll
O2 – BHO: uTorrentControl2 – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorrentControl2\prxtbuT or. dll
O2 – BHO: Google Toolbar Helper – {AA58ED58– 01DD- 4d91– 8333– CF10577473F7} – C:\Program Files\Google\Google Toolbar\GoogleToolbar₃₂.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43– 7D58– 4638– B6FA- CE66B5AD205D} – C:\Program Files\Google\GoogleToolbarNoti fier\5. 7. 7529. 1424\swg. dll
O2 – BHO: EpsonToolBandKicker Class – {E99421FB- 68DD- 40F0– B4AC- B7027CAE2F1A} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 – BHO: SWEETIE – {EEE6C35C- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\Toolbars\Interne t Explorer\mgToolbarIE.dll
O3 – Toolbar: EPSON Web-To-Page – {EE5D279F- 081B- 4404– 994D- C6B60AAEBA6D} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 – Toolbar: Easy Photo Print – {9421DD08– 935F- 4701– A9CA- 22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 – Toolbar: ICQToolBar – {855F3B16– 6D32– 4FE6– 8A56– BBB695989046} – C:\Program Files\ICQ6Toolbar\ICQToolBar. dll
O3 – Toolbar: uTorrentControl2 Toolbar – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorrentControl2\prxtbuT or. dll
O3 – Toolbar: SweetPacks Toolbar for Internet Explorer – {EEE6C35B- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\Toolbars\Interne t Explorer\mgToolbarIE.dll
O3 – Toolbar: Google Toolbar – {2318C2B1– 4965– 11d4– 9B18– 009027A5CD4F} – C:\Program Files\Google\Google Toolbar\GoogleToolbar₃₂.dll
O3 – Toolbar: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaretb\adawareDx.dll
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [RemoteControl] „C:\Program Files\CyberLink\PowerDVD\PDVDS erv. exe“
O4 – HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story_CZ\Pr ePatch. exe
O4 – HKLM\..\Run: [Guard.Mail.ru.gui] „C:\Program Files\Guard-ICQ\GuardICQ.exe“ /gui
O4 – HKLM\..\Run: [ApnUpdater] „C:\Program Files\Ask. com\Updater\Updater. exe“
O4 – HKLM\..\Run: [ImagePath] C:\windows\system₃₂.bat – nahrajte tento soubor na www.virustotal.com. Pokud to ohlásí, že bylk soubor již analyzován, klikněte na reanalyse. Pokud tam najdou antiviry vir, tak tu položky taky zaškrtněte a soubor smažte.
O4 – HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetI M. exe
O4 – HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\Swe etPacksUpdateManager. exe
O4 – HKLM\..\Run: [Ad-Aware Browsing Protection] „C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe“ – to je úplně k ničmeu, to zrovna odinstalujte pak přes Start-ovládací panely-přidta nebo odebrat programy
O4 – HKLM\..\Run: [SearchProtection] C:\Documents and Settings\All Users\Data aplikací\Search Protection\_run.bat – podezřelé zaškrtnout a nahrát na virustotal.com – pokud tam antiviry najdou vir, tak smazat
O4 – HKLM\..\Run: [Ad-Aware Antivirus] „C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher“ –windows-run – mizerný antivir, nainstalujte si radši něco jiného
O9 – Extra button: (no name) – {BFC32E1D- EE75– 4A48– BC60– 104E11EE2431} – (no file)
O16 – DPF: {D0C0F75C- 683A- 4390– A791– 1ACFD5599AB8} (Oberon Flash Game Host) – http://icq.oberon-media.com…
O18 – Protocol: base64 – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\BrowserCompanion\tdatapr otocol. dll
O18 – Protocol: chrome – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\BrowserCompanion\tdatapr otocol. dll
O18 – Protocol: prox – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\BrowserCompanion\tdatapr otocol. dll
O20 – AppInit_DLLs: c: \progra~1\window~4\datamngr\da tamngr. dll
O20 – Winlogon Notify: TPSvc – TPSvc.dll (file missing)
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartnerNetwork\Toolba r\apnmcp. exe
O23 – Service: Guard.Mail.ru – Unknown owner – C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 – Service: Skype C2C Service – Skype Technologies S.A. – C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe

Pak klikněte na Fix checked. Nezapomeňte předtím zavřít všechny spuštěné programy.

Poté si stáhněte a spusťte program AdwCleaner. V okně klikněte na tlačítko Search a po dokončení skenu rovnou na tlačítko Delete. Ten Adwcleaner odstraní ty toolbary a ostaní bordel. Po smazání toho brodelu se restartuje počítač (kdyžtak ho restartujte ručně). Ke stažení: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
Výpis z Adwcleaneru mi sem pak hoďte pro kontrolu.
Doporučím odinstalovat to Ad-Aware, to je opravdu na nic, zbytečně brzdí počítač. zrovna odinstalujte i toho Nortona – pěkně se to tam tluče mezi sebou.
Místo toho si nainstalujte třeba Aviru Free, která je zdarma a kvalitní. Výhodou je i to, že je úsporná na výkon počítače. Nevýhodou je to, že je v angličtině. Pokud by to byl velký problém, tak doporučím Microsoft Security Essentials nebo AVG Free (při instalaci odmítněte Security toolbar). Ale určitě tam mějte jen jeden jediný antivir.

Dále pomocí CCleaneru vyčistěte disk a registr CCleanerem.

Pak si prosím pro jistotu stáhněte a nainstalujte program Malware Byte's Anti-Malware. Po dokončení instalace proveďte aktualizaci (stačí mít zaškrtnuté na konci instalace Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware). Postačí udělat rychlou kontrolu. Po dokončení této kontroly se objeví výpis. ten mi sem hoďte, pokud to najde nějakou potvoru.

No a to bude prozatím všechno, ještě nezapomeňte na aktualizaci Javy – máte ji prošlou – novou stáhnete zde: http://www.stahuj.centrum.cz/utility_a_ostatni/ostatni/java-2-runtime-environment/

Určitě si zaktualizujte i Adobe reader, stačí ho spustit, kliknout na Nápověda-Zkontrolovat aktualizace.

Doporučím i defragmentovat disk, a to buď pomocí programu Defragmentace disku, který najdete v Start-Programy-Příslušenství-systémové nástroje nebo pomocí programu Defraggler – ke stažení: http://www.slunecnice.cz/sw/defraggler (při instalaci odmítněte instalaci Google Chrome/toolbaru).
Mimochodem – víte, že Google sleduje aktivitu svých uživatelů skrz své produkty (zejména přes Google Updater, ale i samotný Google Chrome – například to co napíšete do adresního řádku se odešle na servery Google). Místo toho dopourčím používat jiný prohlížeč, napříkad Firefox, který tam máte a nebo když chcete Googel Chrome, tka zkuste fork Iron, který tyhle pšehovací funkce neobsahuje. Ke stažení: http://www.stahuj.centrum.cz/internet_a_site/prohlizece_a_rozsireni/on-line/srware-iron/

Upravil/a: Bedy

4 před 4360 dny

0 Nominace Nahlásit

kurec

je to vir mozna takovy problemy sem mel taky tam sem si od avastu nechal skontrolovat pc a naslo to vir!!

0 před 4360 dny

0 Nominace Nahlásit

Diskuze k otázce

mikecka

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:25:22, on 15.12.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\OETRN.EXE
C:\Program Files\Ubisoft\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Dokumenty\Downloads\HijackThis.exe

O2 – BHO: Norton Vulnerability Protection – {6D53EC84–6AAE-4787-AEEE-F4628F01010C} – C:\Program Files\Norton AntiVirus\Engine\19.9.0.9\IPS\IPSBHO.DLL
O2 – BHO: Java™ Plug-In SSV Helper – {761497BB-D6F0–462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre6\bin\ssv.dll
O2 – BHO: Easy Photo Print – {9421DD08–935F-4701-A9CA-22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 – BHO: SkypeIEPluginBHO – {AE805869–2E5C-4ED4–8F7B-F1F7851A4497} – C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 – BHO: Java™ Plug-In 2 SSV Helper – {DBC80044-A445–435b-BC74–9C25C1C588A9} – C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031–17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [Adobe ARM] „C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe“
O4 – HKLM\..\Run: [PrivitizeVPN] C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe /autorun
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE
O4 – HKCU\..\Run: [uTorrent] „C:\Program Files\Ubisoft\uTorrent\uTorrent.exe“ /MINIMIZED
O4 – HKCU\..\Run: [Facebook Update] „C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe“ /c /nocrashserver
O4 – HKCU\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto
O4 – HKCU\..\Run: [DAEMON Tools Lite] „C:\Program Files\DAEMON Tools Lite\DTLite.exe“ -autorun
O4 – HKUS\S-1–5–19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚LOCAL SERVICE‘)
O4 – HKUS\S-1–5–20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚NETWORK SERVICE‘)
O4 – HKUS\S-1–5–21–583907252–436374069–682003330–1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚UpdatusUser‘)
O4 – HKUS\S-1–5–18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚SYSTEM‘)
O4 – HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚Default user‘)
O8 – Extra context menu item: E&xportovat do aplikace Microsoft Office Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: ICQ7.7 – {77F665FD-3F60–4B0A-AE14-EC124B7A7FCE} – C:\Program Files\ICQ7.7\ICQ.exe
O9 – Extra ‚Tools‘ menuitem: ICQ7.7 – {77F665FD-3F60–4B0A-AE14-EC124B7A7FCE} – C:\Program Files\ICQ7.7\ICQ.exe
O9 – Extra button: Skype Click to Call – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} – C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 – Extra button: Zdroje informací – {92780B25–18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: (no name) – {e2e2dd38-d088–4134–82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‚Tools‘ menuitem: @xpsp3res.dll,–20001 – {e2e2dd38-d088–4134–82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 – DPF: {D27CDB6E-AE6D-11CF-96B8–444553540000} (Shockwave Flash Object) – http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 – Protocol: skype4com – {FFC8B962–9B40–4DFF-9458–1830C7DD7F5D} – C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 – SharedTaskScheduler: Browseui preloader – {438755C2-A8BA-11D1-B96B-00A0C90312E1} – C:\WINDOWS\system32\browseui.dll
O22 – SharedTaskScheduler: Proces mezipaměti kategorií součástí – {8C7461EF-2B13–11d2-BE35–3078302C2030} – C:\WINDOWS\system32\browseui.dll
O23 – Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) – Adobe Systems Incorporated – C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 – Service: Služba Google Update (gupdate) (gupdate) – Google Inc. – C:\Program Files\Google\Update\GoogleUpdate.exe
O23 – Service: Služba Google Update (gupdatem) (gupdatem) – Google Inc. – C:\Program Files\Google\Update\GoogleUpdate.exe
O23 – Service: Google Software Updater (gusvc) – Google – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 – Service: Java Quick Starter (JavaQuickStarterService) – Sun Microsystems, Inc. – C:\Program Files\Java\jre6\bin\jqs.exe
O23 – Service: Mozilla Maintenance Service (MozillaMaintenance) – Mozilla Foundation – C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 – Service: Norton AntiVirus (NAV) – Symantec Corporation – C:\Program Files\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: NVIDIA Update Service Daemon (nvUpdatusService) – NVIDIA Corporation – C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 – Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) – Protection Technology (StarForce) – C:\WINDOWS\system32\sfrem01.exe
O23 – Service: Skype Updater (SkypeUpdate) – Skype Technologies – C:\Program Files\Skype\Updater\Updater.exe
O23 – Service: TunngleService – Tunngle.net GmbH – C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file – 6554 bytes
tady

před 4360 dny Odpovědět Nahlásit

Bedy

Ještě spusťte Hijackthis a klikněte na Do a system scan only a fixněte tam
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartnerNetwork\Toolba r\apnmcp. exe – to tam ještě zůstalo po ASKu
a jsou tam O23 po Googlu – pokud žádný program od Googlu tam nemáte, tak to fixněte taky.

Jinak nevím, kde se stala chyba – ale nevidím v logu položky Rx. Zkuste vložit log znovu, možná to bylo kopírované, že se to nechtěně nevybralo(nezmodralo).
A pro jistotu skočte do Start-Ovládací panely-přidat nebo odebrat programy a zkontrolujte tam, jestli tam nejsou nainstalované nějaké toolbary. A taky zrovna můžete odinstalovta ty programy, které nepoužíváte 🙂

před 4360 dny Odpovědět Nahlásit

mikecka

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:56:12, on 15.12.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\OETRN.EXE
C:\Program Files\Ubisoft\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\Dokumenty\Downloads\HijackThis.exe

--
End of file – 6524 bytes

před 4360 dny Odpovědět Nahlásit

Bedy

Ty jo ještě tam furt straší ten ASK. Mrkněte se do Start-Ovládací panely-Přidat nebo odebrat programy, zda-li tam je. Pokud ano, odinstalovat. Pokud ne, zkuste znovu použít AdwCleaner.

Jinak si ještě prosím zaktualizujte tu Javu – starou odinstalujte přes to Přidat nebo odebrat programy a nainstalujte si novou odsud: http://www.stahuj.centrum.cz/utility_a_ostatni/ostatni/java-2-runtime-environment/

před 4359 dny Odpovědět Nahlásit

mikecka

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.12.14.10

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
uživatel :: U-6874365FD5234 [administrátor]

14.12.2012 21:27:03
mbam-log-2012–12–14 (21–33–13).txt

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro1 (Trojan.Dropper) → Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Documents and Settings\All Users\Nabídka Start\Programy\Protected Search (PUP.ProtectedSearch) → Žádná instrukce nebyla provedena.

Nalezené soubory: 5
C:\Documents and Settings\All Users\Data aplikací\OptimizerPro\ix_updater.exe (Trojan.Dropper.H) → Žádná instrukce nebyla provedena.
C:\Documents and Settings\All Users\Data aplikací\OptimizerPro1\OptimizerPro1.exe (Trojan.Dropper) → Žádná instrukce nebyla provedena.
C:\Documents and Settings\uživatel\Local Settings\Temp\jinqgpcv.exe.part (PUP.Adware.MediaGet) → Žádná instrukce nebyla provedena.
C:\Documents and Settings\All Users\Plocha\MP3 Downloader.lnk (Rogue.Link) → Žádná instrukce nebyla provedena.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Protected Search\Protected Search Settings.lnk (PUP.ProtectedSearch) → Žádná instrukce nebyla provedena.

(konec)

před 4360 dny Odpovědět Nahlásit

Bedy

Dobře, tak to co našel ten MBAM, smažte ať je to z počítače pryč.
Co se týká AdwCleaneru, vypadá to dobře.
Jinak tu defragmentaci nezapomeňte udělat.
Na závěr bych poprosil ještě jeden výpis z Hijackthisu – pro kontrolu, zda-li je vše ok.

Kdyby byl nějaký problém, napište.

před 4360 dny Odpovědět Nahlásit

mikecka

# AdwCleaner v2.100 – Logfile created 12/14/2012 at 20:33:18
# Updated 09/12/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : uživatel – U-6874365FD5234
# Boot Mode : Normal
# Running from : D:\Dokumenty\Downloads\adwcleaner.exe
# Option [Delete]

***** [Services] *****

Stopped & Deleted : ICQ Service

***** [Files / Folders] *****

File Deleted : C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\Documents and Settings\uživatel\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
File Deleted : C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
File Deleted : C:\user.js
File Deleted : C:\WINDOWS\system32\conduitEngine.tmp
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\APN
Folder Deleted : C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\BabylonToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\APN
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\blekko toolbars
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\InstallMate
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Premium
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\search protection
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\SweetIM
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Trymedia
Folder Deleted : C:\Documents and Settings\Patrik\Data aplikací\Dealio
Folder Deleted : C:\Documents and Settings\Patrik\Data aplikací\Search Settings
Folder Deleted : C:\Documents and Settings\Patrik\Data aplikací\Toolbar4
Folder Deleted : C:\Documents and Settings\uživatel\AppData\LocalLow\bbrs₀₀₂.tb
Folder Deleted : C:\Documents and Settings\uživatel\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\uživatel\Data aplikací\BabylonToolbar
Folder Deleted : C:\Documents and Settings\uživatel\Data aplikací\BrowserCompanion
Folder Deleted : C:\Documents and Settings\uživatel\Data aplikací\DownTangoLauncherToolbar
Folder Deleted : C:\Documents and Settings\uživatel\Data aplikací\OpenCandy
Folder Deleted : C:\Documents and Settings\uživatel\Data aplikací\PriceGong
Folder Deleted : C:\Documents and Settings\uživatel\Data aplikací\Search Settings
Folder Deleted : C:\Documents and Settings\uživatel\Data aplikací\Toolbar4
Folder Deleted : C:\Documents and Settings\uživatel\Data aplikací\yourfiledownloader
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Bandoo
Folder Deleted : C:\Program Files\BrotherSoft_Extreme3
Folder Deleted : C:\Program Files\BrowserCompanion
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DownTangoLauncherToolbar
Folder Deleted : C:\Program Files\FilesFrog Update Checker
Folder Deleted : C:\Program Files\ChatZum Toolbar
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\MyAshampoo
Folder Deleted : C:\Program Files\Search Settings
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\uTorrentControl2
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\Program Files\yourfiledownloader
Folder Deleted : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86–96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\{ADFA33FD-16F5–4355–8504-DF4D664CFE83}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\BrotherSoft_Extreme3
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\ChatZum Toolbar
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\incredibar.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8–4113–95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596–4008-AEE0–45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4–4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074–43B7-BEA3–87217BDA74C8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163–73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360–6118–11DC-9C72–001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399–405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3–9577–323A336ACB50}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87–61AF-4FFB-9AB5–1A1C5FB39A9C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1BB22D38-A411–4B13-A746-C2A4F4EC7344}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738–5844–4A99-B4B6–146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338–9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{62D40876-DF18–411F-9D34-A9DD7A197BC5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9–7132–4A7A-80E4–30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16–6D32–4FE6–8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811–442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A1E75A0E-4397–4BA8-BB50-E19FB66890F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B52D0735-EC19–448A-ABDE-E01B5BD275D2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706–43F1–8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118–11DC-9C72–001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118–11DC-9C72–001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87–9224–4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000–6E41–4FD3–8538–502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3–9577–323A336ACB50}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87–61AF-4FFB-9AB5–1A1C5FB39A9C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB22D38-A411–4B13-A746-C2A4F4EC7344}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738–5844–4A99-B4B6–146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338–9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{62D40876-DF18–411F-9D34-A9DD7A197BC5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9–7132–4A7A-80E4–30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715–3016–4381–84CE-E4E4C9673020}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16–6D32–4FE6–8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811–442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397–4BA8-BB50-E19FB66890F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B52D0735-EC19–448A-ABDE-E01B5BD275D2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4AAF2A6-F6D1–49A5-BA1A-B20735DF1955}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7–832F-4BDF-B144–100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706–43F1–8DAB-FCDD2B1E416D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118–11DC-9C72–001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118–11DC-9C72–001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118–11DC-9C72–001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87–9224–4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399–405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\MyAshampoo
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\Somoto Toolbar
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\TBSB00001
Key Deleted : HKCU\Software\uTorrentControl2
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\Bandoo
Key Deleted : HKLM\Software\BrotherSoft_Extreme3
Key Deleted : HKLM\Software\BrowserCompanion
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3–109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5–3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1–8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411–8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45–8BF9–4139–915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7–46DF-B041–1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752–5899–47E8–99B4–62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201–34D0–49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379–802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39–20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89–92B6–83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360–05E0–4F93–8150–02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778–48A5-A060–549D30024511}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1BB22D38-A411–4B13-A746-C2A4F4EC7344}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9–91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1–6890–484A-89D3–318C928DAC1B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2BCCDF1E-F77E-42A8–8219-AD1552A3820F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738–5844–4A99-B4B6–146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874–49F5-B338–4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14–2E7B869345E1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{62D40876-DF18–411F-9D34-A9DD7A197BC5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DB604FB-131C-4B50–95E8–95CD1C0C08E7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226–8A66–6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0–8A76–46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4–164C-4B07-A016–437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16–6D32–4FE6–8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811–442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096–8989–4612–841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E75A0E-4397–4BA8-BB50-E19FB66890F4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15–8465–4F58-A7E5–73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92–1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94–891D-453C-9FF3–715C042A2575}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10–4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0–8267–40CB-8AD5–24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4AAF2A6-F6D1–49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2–10DA-4C90–9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634–44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5–4EB7-A673–4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2–6EFD-44B0-A826–84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79–4C29–81D3–74D46A93D370}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3–4402–4121–8B35–733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702–44CF-4B79-B4EF-3DDF653358F5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085–6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395–1659–4DFF-A319–2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127–433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416–9A97–44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7–594C-49A0-AAD1–8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86–4666–9C4B-1189634D2C84}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061–4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331–296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5–4004–8761–79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21–185F-4CA0-B789–9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359–4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6–4179–4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42–7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288–4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395–4317–8DD6–45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8–4F5D-AC64–4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656–46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021–60D4–42A6-A065–9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3–732A-4A11–933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7–646C-4512–969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722–5C85–4CA0-BA69–1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524–2187–441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6–425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227–5342–4D94–80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9–24D4–4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95–3E83–4BB8–9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358–6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359–6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2–21F3–4786–8CF4–16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51–2655–4D06-AED5–745962A96B32}
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB00001.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB00001.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB00001.TBSB00001
Key Deleted : HKLM\SOFTWARE\Classes\TBSB00001.TBSB00001.3
Key Deleted : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Key Deleted : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3205709
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.XBTBPos00
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.XBTBPos00.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1–8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8–4276–8FD7–9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45–8BF9–4139–915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012–2C85–4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22–44AA-9887–7898F4F4158D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47–4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63–7274–43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205–5E02–4E32–876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1–4B29-B3F0–159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89–92B6–83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\Software\ChatZum Toolbar
Key Deleted : HKLM\Software\ilivid
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16–6D32–4FE6–8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1982A6F8-CEB1–4C95-AF5B-119EAA189B03}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35529173-BDB0–42FB-BE28–0FA8D5637B5F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0–1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201–34D0–49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74558AE6–4711–4CF6-A61D-4F708E6D4B29}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78591361-BAF4–4070-B5E2-F4D402C58695}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8–634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5–889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8–4113–95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5F8D363-D9CA-4778–9774–2FBDA8F9CC8B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4400FC1–1E69–490A-8C6C-1CD8010DFEEA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367–6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560–573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074–43B7-BEA3–87217BDA74C8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360–6118–11DC-9C72–001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5F05C28D-DEA9–4AD6-A73A-064175988EAB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86–96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117–14D1–44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{FB697452–8CA4–46B4–98B1–165C922A2EF3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrotherSoft_Extreme3 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserCompanion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ChatZum Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyAshampoo Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2BCCDF1E-F77E-42A8–8219-AD1552A3820F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6DB604FB-131C-4B50–95E8–95CD1C0C08E7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1–49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7–832F-4BDF-B144–100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1–5–18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F05C28D-DEA9–4AD6-A73A-064175988EAB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86–96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117–14D1–44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrotherSoft_Extreme3 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ChatZum Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyAshampoo Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Deleted : HKLM\Software\MyAshampoo
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\uTorrentControl2
Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596–4008-AEE0–45D47E3A8F0E}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1BB22D38-A411–4B13-A746-C2A4F4EC7344}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{62D40876-DF18–411F-9D34-A9DD7A197BC5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9–7132–4A7A-80E4–30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397–4BA8-BB50-E19FB66890F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118–11DC-9C72–001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16–6D32–4FE6–8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Internet Browsers] *****

\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main – ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd → hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main – Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592 → hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search – Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592 → hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search – Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592 → hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search – Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= → hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search – Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= → hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search – Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592 → hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search – Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592 → hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search – Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= → hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search – Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q= → hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main – Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592 → hxxp://www.google.com

AdwCleaner[R1].txt – [37023 octets] – [14/12/2012 20:33:06]
AdwCleaner[S1].txt – [36303 octets] – [14/12/2012 20:33:18]

EOF – C:\AdwCleaner[S1].txt – [36364 octets]

Vepište odpověď…

před 4360 dny Odpovědět Nahlásit

mikecka

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\OETRN.EXE
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Program Files\Ubisoft\uTorrent\uTorrent.exe
C:\Program Files\FilesFrog Update Checker\update_checker.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Dokumenty\Downloads\HijackThis.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://safesearchr.lavasoft.com/?source=3336ca5f&tbp=homepage&toolbarid=adawaretb&v=2_2&u=3D7064103A5D1E7F934EA950CB4D862C
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
R1 – HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
R1 – HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 – HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: ‚; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 – URLSearchHook: ICQToolBar – {855F3B16–6D32–4fe6–8A56-BBB695989046} – C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 – URLSearchHook: (no name) – {A55F9C95–2BB1–4EA2-BC77-DFAAB78832CE} – (no file)
R3 – URLSearchHook: (no name) – – (no file)
R3 – URLSearchHook: MyAshampoo Toolbar – {a1e75a0e-4397–4ba8-bb50-e19fb66890f4} – C:\Program Files\MyAshampoo\prxtbMyA1.dll
R3 – URLSearchHook: uTorrentControl2 Toolbar – {687578b9–7132–4a7a-80e4–30ee31099e03} – C:\Program Files\uTorrentControl2\prxtbuTor.dll
R3 – URLSearchHook: BrotherSoft Extreme3 Toolbar – {62d40876-df18–411f-9d34-a9dd7a197bc5} – C:\Program Files\BrotherSoft_Extreme3\prxtbBrot.dll
R3 – URLSearchHook: SweetIM ToolbarURLSearchHook Class – {EEE6C35D-6118–11DC-9C72–001320C79847} – C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 – URLSearchHook: Ad-Aware Security Add-on – {6c97a91e-4524–4019–86af-2aa2d567bf5c} – C:\Program Files\adawaretb\adawareDx.dll
F2 – REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 – BHO: uTorrentControl2 – {687578b9–7132–4a7a-80e4–30ee31099e03} – C:\Program Files\uTorrentControl2\prxtbuTor.dll
O2 – BHO: Ad-Aware Security Add-on – {6c97a91e-4524–4019–86af-2aa2d567bf5c} – C:\Program Files\adawaretb\adawareDx.dll
O2 – BHO: Norton Vulnerability Protection – {6D53EC84–6AAE-4787-AEEE-F4628F01010C} – C:\Program Files\Norton AntiVirus\Engine\19.9.0.9\IPS\IPSBHO.DLL
O2 – BHO: Java™ Plug-In SSV Helper – {761497BB-D6F0–462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre6\bin\ssv.dll
O2 – BHO: Easy Photo Print – {9421DD08–935F-4701-A9CA-22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD-4d91–8333-CF10577473F7} – C:\Program Files\Google\Google Toolbar\GoogleToolbar₃₂.dll
O2 – BHO: SkypeIEPluginBHO – {AE805869–2E5C-4ED4–8F7B-F1F7851A4497} – C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43–7D58–4638-B6FA-CE66B5AD205D} – C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 – BHO: Java™ Plug-In 2 SSV Helper – {DBC80044-A445–435b-BC74–9C25C1C588A9} – C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031–17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 – BHO: EpsonToolBandKicker Class – {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 – BHO: SWEETIE – {EEE6C35C-6118–11DC-9C72–001320C79847} – C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 – Toolbar: EPSON Web-To-Page – {EE5D279F-081B-4404–994D-C6B60AAEBA6D} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 – Toolbar: Easy Photo Print – {9421DD08–935F-4701-A9CA-22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 – Toolbar: ICQToolBar – {855F3B16–6D32–4FE6–8A56-BBB695989046} – C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 – Toolbar: uTorrentControl2 Toolbar – {687578b9–7132–4a7a-80e4–30ee31099e03} – C:\Program Files\uTorrentControl2\prxtbuTor.dll
O3 – Toolbar: SweetPacks Toolbar for Internet Explorer – {EEE6C35B-6118–11DC-9C72–001320C79847} – C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 – Toolbar: Google Toolbar – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – C:\Program Files\Google\Google Toolbar\GoogleToolbar₃₂.dll
O3 – Toolbar: Ad-Aware Security Add-on – {6c97a91e-4524–4019–86af-2aa2d567bf5c} – C:\Program Files\adawaretb\adawareDx.dll
O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [RemoteControl] „C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe“
O4 – HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story_CZ\PrePatch.exe
O4 – HKLM\..\Run: [Guard.Mail.ru.gui] „C:\Program Files\Guard-ICQ\GuardICQ.exe“ /gui
O4 – HKLM\..\Run: [ApnUpdater] „C:\Program Files\Ask.com\Updater\Updater.exe“
O4 – HKLM\..\Run: [ImagePath] C:\windows\system₃₂.bat
O4 – HKLM\..\Run: [Adobe ARM] „C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe“
O4 – HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 – HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 – HKLM\..\Run: [PrivitizeVPN] C:\Program Files\PrivitizeVPN\PrivitizeVPN.exe /autorun
O4 – HKLM\..\Run: [Ad-Aware Browsing Protection] „C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe“
O4 – HKLM\..\Run: [SearchProtection] C:\Documents and Settings\All Users\Data aplikací\Search Protection\_run.bat
O4 – HKLM\..\Run: [Ad-Aware Antivirus] „C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher“ –windows-run
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE
O4 – HKCU\..\Run: [uTorrent] „C:\Program Files\Ubisoft\uTorrent\uTorrent.exe“ /MINIMIZED
O4 – HKCU\..\Run: [Facebook Update] „C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe“ /c /nocrashserver
O4 – HKCU\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto
O4 – HKCU\..\Run: [DAEMON Tools Lite] „C:\Program Files\DAEMON Tools Lite\DTLite.exe“ -autorun
O4 – HKUS\S-1–5–19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE‘)
O4 – HKUS\S-1–5–20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚NETWORK SERVICE‘)
O4 – HKUS\S-1–5–21–583907252–436374069–682003330–1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚UpdatusUser‘)
O4 – HKUS\S-1–5–18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚SYSTEM‘)
O4 – HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚Default user‘)
O8 – Extra context menu item: E&xportovat do aplikace Microsoft Office Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: ICQ7.7 – {77F665FD-3F60–4B0A-AE14-EC124B7A7FCE} – C:\Program Files\ICQ7.7\ICQ.exe
O9 – Extra ‚Tools‘ menuitem: ICQ7.7 – {77F665FD-3F60–4B0A-AE14-EC124B7A7FCE} – C:\Program Files\ICQ7.7\ICQ.exe
O9 – Extra button: Skype Click to Call – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} – C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 – Extra button: Zdroje informací – {92780B25–18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: (no name) – {BFC32E1D-EE75–4A48-BC60–104E11EE2431} – (no file)
O9 – Extra button: (no name) – {e2e2dd38-d088–4134–82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‚Tools‘ menuitem: @xpsp3res.dll,–20001 – {e2e2dd38-d088–4134–82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 – DPF: {D0C0F75C-683A-4390-A791–1ACFD5599AB8} (Oberon Flash Game Host) – http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 – DPF: {D27CDB6E-AE6D-11CF-96B8–444553540000} (Shockwave Flash Object) – http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 – Protocol: base64 – {5ACE96C0-C70A-4A4D-AF14–2E7B869345E1} – C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 – Protocol: chrome – {5ACE96C0-C70A-4A4D-AF14–2E7B869345E1} – C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 – Protocol: prox – {5ACE96C0-C70A-4A4D-AF14–2E7B869345E1} – C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 – Protocol: skype-ie-addon-data – {91774881-D725–4E58-B298–07617B9B86A8} – C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 – Protocol: skype4com – {FFC8B962–9B40–4DFF-9458–1830C7DD7F5D} – C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 – AppInit_DLLs: c:\progra~1\window~4\datamngr\datamngr.dll
O20 – Winlogon Notify: TPSvc – TPSvc.dll (file missing)
O22 – SharedTaskScheduler: Browseui preloader – {438755C2-A8BA-11D1-B96B-00A0C90312E1} – C:\WINDOWS\system32\browseui.dll
O22 – SharedTaskScheduler: Proces mezipaměti kategorií součástí – {8C7461EF-2B13–11d2-BE35–3078302C2030} – C:\WINDOWS\system32\browseui.dll
O23 – Service: Ad-Aware Service – Lavasoft Limited – C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
O23 – Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) – Adobe Systems Incorporated – C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 – Service: Guard.Mail.ru – Unknown owner – C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 – Service: Služba Google Update (gupdate) (gupdate) – Google Inc. – C:\Program Files\Google\Update\GoogleUpdate.exe
O23 – Service: Služba Google Update (gupdatem) (gupdatem) – Google Inc. – C:\Program Files\Google\Update\GoogleUpdate.exe
O23 – Service: Google Software Updater (gusvc) – Google – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 – Service: ICQ Service – Unknown owner – C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 – Service: Java Quick Starter (JavaQuickStarterService) – Sun Microsystems, Inc. – C:\Program Files\Java\jre6\bin\jqs.exe
O23 – Service: Mozilla Maintenance Service (MozillaMaintenance) – Mozilla Foundation – C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 – Service: Norton AntiVirus (NAV) – Symantec Corporation – C:\Program Files\Norton AntiVirus\Engine\19.9.0.9\ccSvcHst.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: NVIDIA Update Service Daemon (nvUpdatusService) – NVIDIA Corporation – C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 – Service: Ad-Aware (SBAMSvc) – GFI Software – C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
O23 – Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) – Protection Technology (StarForce) – C:\WINDOWS\system32\sfrem01.exe
O23 – Service: Skype C2C Service – Skype Technologies S.A. – C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 – Service: Skype Updater (SkypeUpdate) – Skype Technologies – C:\Program Files\Skype\Updater\Updater.exe
O23 – Service: TunngleService – Tunngle.net GmbH – C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file – 14272 bytes
tu je ten Hijackthis

před 4360 dny Odpovědět Nahlásit

Bedy

No ještě že jste mi sem ten výpis z logu dal – máte tam pěkný brodel. Tak to půjdeme uklidit. Spusťte si Hijackthis, klikněte na Do a system scan only a zaškrtejte tam následující položky:
R1 – HKCU\Software\Microsoft\Intern et Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 – HKCU\Software\Microsoft\Intern et Explorer\Main, Default_Search_URL = http://search.certified-toolba r.com…
R0 – HKCU\Software\Microsoft\Intern et Explorer\Main,Start Page = http://safesearchr.lavasoft.co m…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Main, Default_Search_URL = http://search.certified-toolba r.com…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Main,Search Bar = http://search.certified-toolba r.com…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Main,Search Page = http://search.certified-toolba r.com…
R0 – HKLM\Software\Microsoft\Intern et Explorer\Main,Start Page = http://search.chatzum.com/
R1 – HKCU\Software\Microsoft\Intern et Explorer\Search, Default_Search_URL = http://search.certified-toolba r.com…
R1 – HKCU\Software\Microsoft\Intern et Explorer\Search, SearchAssistant = http://search.qip.ru…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Search, Default_Search_URL = http://search.certified-toolba r.com…
R1 – HKCU\Software\Microsoft\Intern et Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R3 – URLSearchHook: ICQToolBar – {855F3B16– 6D32– 4fe6– 8A56– BBB695989046} – C:\Program Files\ICQ6Toolbar\ICQToolBar. dll
R3 – URLSearchHook: (no name) – {A55F9C95– 2BB1– 4EA2– BC77– DFAAB78832CE} – (no file)
R3 – URLSearchHook: (no name) – – (no file)
R3 – URLSearchHook: MyAshampoo Toolbar – {a1e75a0e- 4397– 4ba8– bb50– e19fb66890f4} – C:\Program Files\MyAshampoo\prxtbMyA1.dll
R3 – URLSearchHook: uTorrentControl2 Toolbar – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorrentControl2\prxtbuT or. dll
R3 – URLSearchHook: BrotherSoft Extreme3 Toolbar – {62d40876– df18– 411f- 9d34– a9dd7a197bc5} – C:\Program Files\BrotherSoft_Extreme3\prx tbBrot. dll
R3 – URLSearchHook: SweetIM ToolbarURLSearchHook Class – {EEE6C35D- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\Toolbars\Interne t Explorer\mgHelper.dll
R3 – URLSearchHook: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaretb\adawareDx.dll
O2 – BHO: uTorrentControl2 – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorrentControl2\prxtbuT or. dll
O2 – BHO: Google Toolbar Helper – {AA58ED58– 01DD- 4d91– 8333– CF10577473F7} – C:\Program Files\Google\Google Toolbar\GoogleToolbar₃₂.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43– 7D58– 4638– B6FA- CE66B5AD205D} – C:\Program Files\Google\GoogleToolbarNoti fier\5. 7. 7529. 1424\swg. dll
O2 – BHO: EpsonToolBandKicker Class – {E99421FB- 68DD- 40F0– B4AC- B7027CAE2F1A} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 – BHO: SWEETIE – {EEE6C35C- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\Toolbars\Interne t Explorer\mgToolbarIE.dll
O3 – Toolbar: EPSON Web-To-Page – {EE5D279F- 081B- 4404– 994D- C6B60AAEBA6D} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 – Toolbar: Easy Photo Print – {9421DD08– 935F- 4701– A9CA- 22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 – Toolbar: ICQToolBar – {855F3B16– 6D32– 4FE6– 8A56– BBB695989046} – C:\Program Files\ICQ6Toolbar\ICQToolBar. dll
O3 – Toolbar: uTorrentControl2 Toolbar – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorrentControl2\prxtbuT or. dll
O3 – Toolbar: SweetPacks Toolbar for Internet Explorer – {EEE6C35B- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\Toolbars\Interne t Explorer\mgToolbarIE.dll
O3 – Toolbar: Google Toolbar – {2318C2B1– 4965– 11d4– 9B18– 009027A5CD4F} – C:\Program Files\Google\Google Toolbar\GoogleToolbar₃₂.dll
O3 – Toolbar: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaretb\adawareDx.dll
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [RemoteControl] „C:\Program Files\CyberLink\PowerDVD\PDVDS erv. exe“
O4 – HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story_CZ\Pr ePatch. exe
O4 – HKLM\..\Run: [Guard.Mail.ru.gui] „C:\Program Files\Guard-ICQ\GuardICQ.exe“ /gui
O4 – HKLM\..\Run: [ApnUpdater] „C:\Program Files\Ask. com\Updater\Updater. exe“
O4 – HKLM\..\Run: [ImagePath] C:\windows\system₃₂.bat – nahrajte tento soubor na www.virustotal.com. Pokud to ohlásí, že bylk soubor již analyzován, klikněte na reanalyse. Pokud tam najdou antiviry vir, tak tu položky taky zaškrtněte a soubor smažte.
O4 – HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetI M. exe
O4 – HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\Swe etPacksUpdateManager. exe
O4 – HKLM\..\Run: [Ad-Aware Browsing Protection] „C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe“ – to je úplně k ničmeu, to zrovna odinstalujte pak přes Start-ovládací panely-přidta nebo odebrat programy
O4 – HKLM\..\Run: [SearchProtection] C:\Documents and Settings\All Users\Data aplikací\Search Protection\_run.bat – podezřelé zaškrtnout a nahrát na virustotal.com – pokud tam antiviry najdou vir, tak smazat
O4 – HKLM\..\Run: [Ad-Aware Antivirus] „C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher“ –windows-run – mizerný antivir, nainstalujte si radši něco jiného
O9 – Extra button: (no name) – {BFC32E1D- EE75– 4A48– BC60– 104E11EE2431} – (no file)
O16 – DPF: {D0C0F75C- 683A- 4390– A791– 1ACFD5599AB8} (Oberon Flash Game Host) – http://icq.oberon-media.com…
O18 – Protocol: base64 – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\BrowserCompanion\tdatapr otocol. dll
O18 – Protocol: chrome – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\BrowserCompanion\tdatapr otocol. dll
O18 – Protocol: prox – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\BrowserCompanion\tdatapr otocol. dll
O20 – AppInit_DLLs: c: \progra~1\window~4\datamngr\da tamngr. dll
O20 – Winlogon Notify: TPSvc – TPSvc.dll (file missing)
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartnerNetwork\Toolba r\apnmcp. exe
O23 – Service: Guard.Mail.ru – Unknown owner – C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 – Service: Skype C2C Service – Skype Technologies S.A. – C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe

Pak klikněte na Fix checked. Nezapomeňte předtím zavřít všechny spuštěné programy.

Dále pomocí CCleaneru vyčistěte disk a registr CCleanerem.

Určitě si zaktualizujte i Adobe reader, stačí ho spustit, kliknout na Nápověda-Zkontrolovat aktualizace.

před 4360 dny Odpovědět Nahlásit

mikecka

Results of screen317's Security Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
[b][u]`````Antivirus/Firewall Check:`````[/b][/u]
Norton AntiVirus
Ad-Aware Antivirus
[b][u]```Anti-malware/Other Utilities Check:```[/b][/u]
Ad-Aware
MVPS Hosts File
CCleaner
Java™ 6 Update 35
[color=red][b]Java version out of Date![/b][/color]
Adobe Flash Player 11.5.502.135
Adobe Reader 10.1.4 [color=red][b]Adobe Reader out of Date![/b][/color]
Mozilla Firefox (17.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
[b][u]```Process Check: objlist.exe by Laurent```[/b][/u]
Norton ccSvcHst.exe
[color=red][b]Ad-Aware AAWService.exe is disabled![/b][/color]
[color=red][b]Ad-Aware AAWTray.exe is disabled![/b][/color]
Ad-Aware Antivirus AdAwareService.exe
Norton AntiVirus Engine 19.9.0.9 ccSvcHst.exe
Ad-Aware Antivirus SBAMSvc.exe
Norton AntiVirus Engine 19.9.0.9 ccSvcHst.exe
[b][u]``````System Health check``````[/b][/u]
Total Fragmentation on Drive C::
[b][u]```````End of Log```````[/b][/u]

tady je Security Check.

před 4360 dny Odpovědět Nahlásit

mikecka

už sem to tu dal :)

před 4360 dny Odpovědět Nahlásit

mikecka

C:\WINDOWS\System32\smss.exe
C: \WINDOWS\system32\winlogon. exe
C: \WINDOWS\system32\services. exe
C:\WINDOWS\system32\lsass.exe
C: \WINDOWS\system32\svchost. exe
C: \WINDOWS\System32\svchost. exe
C: \WINDOWS\system32\spoolsv. exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\AskPartnerNetwork\Toolba r\apnmcp. exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton AntiVirus\Engine\19. 9. 0. 9\ccSvcHst. exe
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C: \WINDOWS\system32\svchost. exe
C: \WINDOWS\system32\wbem\wmiapsr v. exe
C:\Program Files\Norton AntiVirus\Engine\19. 9. 0. 9\ccSvcHst. exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDS erv. exe
C:\Program Files\Guard-ICQ\GuardICQ.exe
C:\Program Files\Ask. com\Updater\Updater. exe
C:\Program Files\SweetIM\Messenger\SweetI M. exe
C:\Program Files\SweetIM\Communicator\Swe etPacksUpdateManager. exe
C:\Program Files\PrivitizeVPN\PrivitizeVP N. exe
C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\OETRN.EXE
C: \PROGRA~1\AD- AWA~1\AdAware. exe
C:\Program Files\Ubisoft\uTorrent\uTorren t. exe
C:\Program Files\FilesFrog Update Checker\update_checker.exe
C: \WINDOWS\system32\wbem\unsecap p. exe
C: \WINDOWS\system32\wuauclt. exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D: \Dokumenty\Downloads\HijackThi s. exe

R1 – HKCU\Software\Microsoft\Intern et Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 – HKCU\Software\Microsoft\Intern et Explorer\Main, Default_Search_URL = http://search.certified-toolba r.com…
R0 – HKCU\Software\Microsoft\Intern et Explorer\Main,Start Page = http://safesearchr.lavasoft.co m…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Main,Default_Page_URL = http://go.microsoft.com…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Main, Default_Search_URL = http://search.certified-toolba r.com…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Main,Search Bar = http://search.certified-toolba r.com…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Main,Search Page = http://search.certified-toolba r.com…
R0 – HKLM\Software\Microsoft\Intern et Explorer\Main,Start Page = http://search.chatzum.com/
R1 – HKCU\Software\Microsoft\Intern et Explorer\Search, Default_Search_URL = http://search.certified-toolba r.com…
R1 – HKCU\Software\Microsoft\Intern et Explorer\Search, SearchAssistant = http://search.qip.ru…
R1 – HKLM\Software\Microsoft\Intern et Explorer\Search, Default_Search_URL = http://search.certified-toolba r.com…
R0 – HKLM\Software\Microsoft\Intern et Explorer\Search, SearchAssistant =
R1 – HKCU\Software\Microsoft\Intern et Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: ‚; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 – HKCU\Software\Microsoft\Intern et Explorer\Toolbar, LinksFolderName = Odkazy
R3 – URLSearchHook: ICQToolBar – {855F3B16– 6D32– 4fe6– 8A56– BBB695989046} – C:\Program Files\ICQ6Toolbar\ICQToolBar. dll
R3 – URLSearchHook: (no name) – {A55F9C95– 2BB1– 4EA2– BC77– DFAAB78832CE} – (no file)
R3 – URLSearchHook: (no name) – – (no file)
R3 – URLSearchHook: MyAshampoo Toolbar – {a1e75a0e- 4397– 4ba8– bb50– e19fb66890f4} – C:\Program Files\MyAshampoo\prxtbMyA1.dll
R3 – URLSearchHook: uTorrentControl2 Toolbar – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorrentControl2\prxtbuT or. dll
R3 – URLSearchHook: BrotherSoft Extreme3 Toolbar – {62d40876– df18– 411f- 9d34– a9dd7a197bc5} – C:\Program Files\BrotherSoft_Extreme3\prx tbBrot. dll
R3 – URLSearchHook: SweetIM ToolbarURLSearchHook Class – {EEE6C35D- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\Toolbars\Interne t Explorer\mgHelper.dll
R3 – URLSearchHook: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaretb\adawareDx.dll
F2 – REG:system.ini: UserInit=C: \WINDOWS\system32\userinit. exe
O2 – BHO: uTorrentControl2 – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorrentControl2\prxtbuT or. dll
O2 – BHO: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaretb\adawareDx.dll
O2 – BHO: Norton Vulnerability Protection – {6D53EC84– 6AAE- 4787– AEEE- F4628F01010C} – C:\Program Files\Norton AntiVirus\Engine\19. 9. 0. 9\IPS\IPSBHO. DLL
O2 – BHO: Java™ Plug-In SSV Helper – {761497BB- D6F0– 462C- B6EB- D4DAF1D92D43} – C:\Program Files\Java\jre6\bin\ssv.dll
O2 – BHO: Easy Photo Print – {9421DD08– 935F- 4701– A9CA- 22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58– 01DD- 4d91– 8333– CF10577473F7} – C:\Program Files\Google\Google Toolbar\GoogleToolbar₃₂.dll
O2 – BHO: SkypeIEPluginBHO – {AE805869– 2E5C- 4ED4– 8F7B- F1F7851A4497} – C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 – BHO: Google Toolbar Notifier BHO – {AF69DE43– 7D58– 4638– B6FA- CE66B5AD205D} – C:\Program Files\Google\GoogleToolbarNoti fier\5. 7. 7529. 1424\swg. dll
O2 – BHO: Java™ Plug-In 2 SSV Helper – {DBC80044– A445– 435b- BC74– 9C25C1C588A9} – C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031– 17CE- 4C07– BC86– EABFE594F69C} – C:\Program Files\Java\jre6\lib\deploy\jqs \ie\jqs_plugin. dll
O2 – BHO: EpsonToolBandKicker Class – {E99421FB- 68DD- 40F0– B4AC- B7027CAE2F1A} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 – BHO: SWEETIE – {EEE6C35C- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\Toolbars\Interne t Explorer\mgToolbarIE.dll
O3 – Toolbar: EPSON Web-To-Page – {EE5D279F- 081B- 4404– 994D- C6B60AAEBA6D} – C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 – Toolbar: Easy Photo Print – {9421DD08– 935F- 4701– A9CA- 22DF90AC4EA6} – C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 – Toolbar: ICQToolBar – {855F3B16– 6D32– 4FE6– 8A56– BBB695989046} – C:\Program Files\ICQ6Toolbar\ICQToolBar. dll
O3 – Toolbar: uTorrentControl2 Toolbar – {687578b9– 7132– 4a7a- 80e4– 30ee31099e03} – C:\Program Files\uTorrentControl2\prxtbuT or. dll
O3 – Toolbar: SweetPacks Toolbar for Internet Explorer – {EEE6C35B- 6118– 11DC- 9C72– 001320C79847} – C:\Program Files\SweetIM\Toolbars\Interne t Explorer\mgToolbarIE.dll
O3 – Toolbar: Google Toolbar – {2318C2B1– 4965– 11d4– 9B18– 009027A5CD4F} – C:\Program Files\Google\Google Toolbar\GoogleToolbar₃₂.dll
O3 – Toolbar: Ad-Aware Security Add-on – {6c97a91e- 4524– 4019– 86af- 2aa2d567bf5c} – C:\Program Files\adawaretb\adawareDx.dll
O4 – HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [RemoteControl] „C:\Program Files\CyberLink\PowerDVD\PDVDS erv. exe“
O4 – HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story_CZ\Pr ePatch. exe
O4 – HKLM\..\Run: [Guard.Mail.ru.gui] „C:\Program Files\Guard-ICQ\GuardICQ.exe“ /gui
O4 – HKLM\..\Run: [ApnUpdater] „C:\Program Files\Ask. com\Updater\Updater. exe“
O4 – HKLM\..\Run: [ImagePath] C:\windows\system₃₂.bat
O4 – HKLM\..\Run: [Adobe ARM] „C:\Program Files\Common Files\Adobe\ARM\1. 0\AdobeARM. exe“
O4 – HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetI M. exe
O4 – HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\Swe etPacksUpdateManager. exe
O4 – HKLM\..\Run: [PrivitizeVPN] C:\Program Files\PrivitizeVPN\PrivitizeVP N. exe /autorun
O4 – HKLM\..\Run: [Ad-Aware Browsing Protection] „C:\Documents and Settings\All Users\Data aplikací\Ad-Aware Browsing Protection\adawarebp.exe“
O4 – HKLM\..\Run: [SearchProtection] C:\Documents and Settings\All Users\Data aplikací\Search Protection\_run.bat
O4 – HKLM\..\Run: [Ad-Aware Antivirus] „C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher“ –windows-run
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE
O4 – HKCU\..\Run: [uTorrent] „C:\Program Files\Ubisoft\uTorrent\uTorren t. exe“ /MINIMIZED
O4 – HKCU\..\Run: [Facebook Update] „C:\Documents and Settings\uživatel\Local Settings\Data aplikací\Facebook\Update\Faceb ookUpdate. exe“ /c /nocrashserver
O4 – HKCU\..\Run: [SDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto
O4 – HKCU\..\Run: [DAEMON Tools Lite] „C:\Program Files\DAEMON Tools Lite\DTLite.exe“ -autorun
O4 – HKUS\S-1–5–19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE‘)
O4 – HKUS\S-1–5–20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚NETWORK SERVICE‘)
O4 – HKUS\S- 1– 5– 21– 583907252– 436374069– 682003330– 1006\. . \Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚UpdatusUser‘)
O4 – HKUS\S-1–5–18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚SYSTEM‘)
O4 – HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‚Default user‘)
O8 – Extra context menu item: E&xportovat do aplikace Microsoft Office Excel – res: //C: \PROGRA~1\MICROS~2\OFFICE11\EX CEL. EXE/3000
O9 – Extra button: ICQ7.7 – {77F665FD- 3F60– 4B0A- AE14– EC124B7A7FCE} – C:\Program Files\ICQ7.7\ICQ.exe
O9 – Extra ‚Tools‘ menuitem: ICQ7.7 – {77F665FD- 3F60– 4B0A- AE14– EC124B7A7FCE} – C:\Program Files\ICQ7.7\ICQ.exe
O9 – Extra button: Skype Click to Call – {898EA8C8– E7FF- 479B- 8935– AEC46303B9E5} – C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 – Extra button: Zdroje informací – {92780B25– 18CC- 41C8– B9BE- 3C9C571A8263} – C: \PROGRA~1\MICROS~2\OFFICE11\RE FIEBAR. DLL
O9 – Extra button: (no name) – {BFC32E1D- EE75– 4A48– BC60– 104E11EE2431} – (no file)
O9 – Extra button: (no name) – {e2e2dd38– d088– 4134– 82b7– f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‚Tools‘ menuitem: @xpsp3res.dll,–20001 – {e2e2dd38– d088– 4134– 82b7– f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 – DPF: {D0C0F75C- 683A- 4390– A791– 1ACFD5599AB8} (Oberon Flash Game Host) – http://icq.oberon-media.com…
O16 – DPF: {D27CDB6E- AE6D- 11CF- 96B8– 444553540000} (Shockwave Flash Object) – http://fpdownload2.macromedia. com…
O18 – Protocol: base64 – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\BrowserCompanion\tdatapr otocol. dll
O18 – Protocol: chrome – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\BrowserCompanion\tdatapr otocol. dll
O18 – Protocol: prox – {5ACE96C0– C70A- 4A4D- AF14– 2E7B869345E1} – C:\Program Files\BrowserCompanion\tdatapr otocol. dll
O18 – Protocol: skype-ie-addon-data – {91774881– D725– 4E58– B298– 07617B9B86A8} – C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 – Protocol: skype4com – {FFC8B962– 9B40– 4DFF- 9458– 1830C7DD7F5D} – C: \PROGRA~1\COMMON~1\Skype\SKYPE 4~1. DLL
O20 – AppInit_DLLs: c: \progra~1\window~4\datamngr\da tamngr. dll
O20 – Winlogon Notify: TPSvc – TPSvc.dll (file missing)
O22 – SharedTaskScheduler: Browseui preloader – {438755C2– A8BA- 11D1– B96B- 00A0C90312E1} – C: \WINDOWS\system32\browseui. dll
O22 – SharedTaskScheduler: Proces mezipaměti kategorií součástí – {8C7461EF- 2B13– 11d2– BE35– 3078302C2030} – C: \WINDOWS\system32\browseui. dll
O23 – Service: Ad-Aware Service – Lavasoft Limited – C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
O23 – Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) – Adobe Systems Incorporated – C: \WINDOWS\system32\Macromed\Fla sh\FlashPlayerUpdateService. exe
O23 – Service: Ask Update Service (APNMCP) – APN LLC. – C:\Program Files\AskPartnerNetwork\Toolba r\apnmcp. exe
O23 – Service: Guard.Mail.ru – Unknown owner – C:\Program Files\Guard-ICQ\GuardICQ.exe
O23 – Service: Služba Google Update (gupdate) (gupdate) – Google Inc. – C:\Program Files\Google\Update\GoogleUpda te. exe
O23 – Service: Služba Google Update (gupdatem) (gupdatem) – Google Inc. – C:\Program Files\Google\Update\GoogleUpda te. exe
O23 – Service: Google Software Updater (gusvc) – Google – C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService. exe
O23 – Service: ICQ Service – Unknown owner – C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\11\ Intel 32\IDriverT.exe
O23 – Service: Java Quick Starter (JavaQuickStarterService) – Sun Microsystems, Inc. – C:\Program Files\Java\jre6\bin\jqs.exe
O23 – Service: Mozilla Maintenance Service (MozillaMaintenance) – Mozilla Foundation – C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 – Service: Norton AntiVirus (NAV) – Symantec Corporation – C:\Program Files\Norton AntiVirus\Engine\19. 9. 0. 9\ccSvcHst. exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C: \WINDOWS\system32\nvsvc32. exe
O23 – Service: NVIDIA Update Service Daemon (nvUpdatusService) – NVIDIA Corporation – C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 – Service: Ad-Aware (SBAMSvc) – GFI Software – C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
O23 – Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) – Protection Technology (StarForce) – C: \WINDOWS\system32\sfrem01. exe
O23 – Service: Skype C2C Service – Skype Technologies S.A. – C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 – Service: Skype Updater (SkypeUpdate) – Skype Technologies – C:\Program Files\Skype\Updater\Updater. exe
O23 – Service: TunngleService – Tunngle.net GmbH – C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file – 14272 bytes
tu je ten Hijackthis

Avatar uživatele
Registrovaný
mikecka

Results of screen317's Security Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
[b][u]`````Antivirus/ Firewall Check:`````[/b][/u]
Norton AntiVirus
Ad-Aware Antivirus
[b][u]```Anti- malware/Other Utilities Check:```[/b][/u]
Ad-Aware
MVPS Hosts File
CCleaner
Java™ 6 Update 35
[color=red][b]Java version out of Date![/b][/color]
Adobe Flash Player 11.5.502.135
Adobe Reader 10.1.4 [color=red][b]Adobe Reader out of Date![/b][/color]
Mozilla Firefox (17.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
[b][u]```Process Check: objlist.exe by Laurent```[/b][/u]
Norton ccSvcHst.exe
[color=red][b]Ad-Aware AAWService.exe is disabled![/b][/color]
[color=red][b]Ad-Aware AAWTray.exe is disabled![/b][/color]
Ad-Aware Antivirus AdAwareService.exe
Norton AntiVirus Engine 19.9.0.9 ccSvcHst.exe
Ad-Aware Antivirus SBAMSvc.exe
Norton AntiVirus Engine 19.9.0.9 ccSvcHst.exe
[b][u]``````System Health check``````[/b][/u]
Total Fragmentation on Drive C::
[b][u]```````End of Log```````[/b][ /u]

tady je Security Check.

Avatar uživatele
Registrovaný
mikecka

Results of screen317's Security Check version 0.99.56
Windows XP Service Pack 3 x86
Internet Explorer 8
[b][u]`````Antivirus/ Firewall Check:`````[/b][/u]
Norton AntiVirus
Ad-Aware Antivirus
[b][u]```Anti- malware/Other Utilities Check:```[/b][/u]
Ad-Aware
MVPS Hosts File
CCleaner
Java™ 6 Update 35
[color=red][b]Java version out of Date![/b][/color]
Adobe Flash Player 11.5.502.135
Adobe Reader 10.1.4 [color=red][b]Adobe Reader out of Date![/b][/color]
Mozilla Firefox (17.0.1)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
[b][u]```Process Check: objlist.exe by Laurent```[/b][/u]
Norton ccSvcHst.exe
[color=red][b]Ad-Aware AAWService.exe is disabled![/b][/color]
[color=red][b]Ad-Aware AAWTray.exe is disabled![/b][/color]
Ad-Aware Antivirus AdAwareService.exe
Norton AntiVirus Engine 19.9.0.9 ccSvcHst.exe
Ad-Aware Antivirus SBAMSvc.exe
Norton AntiVirus Engine 19.9.0.9 ccSvcHst.exe
[b][u]``````System Health check``````[/b][/u]
Total Fragmentation on Drive C::
[b][u]```````End of Log```````[/b][ /u]