Kontrola logu - velmi pomale PC

[karel22]

zdravim, prosim o kontrolu logu


Logfile of random's system information tool 1.06 (written by random/random)
Run by Giampa at 2014-08-12 23:10:24
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 113 GB (24%) free of 467 GB
Total RAM: 2045 MB (65% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\e2778b28-928c-4697-894d-65311608041e-1.job
C:\Windows\tasks\e2778b28-928c-4697-894d-65311608041e-3.job
C:\Windows\tasks\e2778b28-928c-4697-894d-65311608041e-4.job
C:\Windows\tasks\e2778b28-928c-4697-894d-65311608041e-5.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001UA.job
C:\Windows\tasks\HDvid Codec V6.0-chromeinstaller.job
C:\Windows\tasks\SaveSense.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAC42510-9B41-42c1-9DCD-7282A2D07C61}]
BitAccelerator - C:\Program Files\BitAccelerator\BitAccelerator.dll [2012-09-16 14336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]
OfferBox - C:\Program Files\OfferBox\OfferBoxBHO.dll [2010-11-22 135000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}
{ae07101b-46d4-4a98-af68-0333ea26e113}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"dellsupportcenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2009-05-21 206064]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-14 4452352]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-04-11 56080]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-04-20 58656]
"RIMBBLaunchAgent.exe"=C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-04-23 43848]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"NielsenOnline"=C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe [2014-04-07 91688]
"iTunesHelper"=C:\Program Files\iTunesHelper.exe [2014-05-15 152392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CursorFX"=C:\Program Files\Stardock\CursorFX\CursorFX.exe [2008-07-07 416768]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-09 68856]
"Google Update"=C:\Users\Giampa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-18 136176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20922016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2008-09-26 2356088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2009-05-21 206064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2008-03-11 16384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
C:\Dell\E-Center\EULALauncher.exe [2008-02-29 17920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2008-03-31 166424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2008-03-31 141848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\Windows\KHALMNPR.EXE [2007-04-11 56080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2008-03-31 133656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-05-14 4452352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2007-04-23 692224]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Moo0 VoiceRecorder 1.30.lnk - C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VoiceRecorder 1.30\VoiceRecorder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-03-31 200704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\GoToAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ce15b4e-7e61-11dd-9414-806e6f6e6963}]
shell\AutoRun\command - E:\SETUP.EXE


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2014-08-12 23:10:24 ----D---- C:\rsit

======List of files/folders modified in the last 1 months======

2014-08-12 23:10:27 ----D---- C:\Program Files\trend micro
2014-08-12 23:10:21 ----D---- C:\Windows\temp
2014-08-12 23:10:21 ----D---- C:\Windows\Prefetch
2014-08-12 22:50:09 ----SHD---- C:\Windows\Installer
2014-08-12 22:49:21 ----D---- C:\Program Files\PC Connectivity Solution
2014-08-12 22:47:50 ----DC---- C:\Windows\system32\DRVSTORE
2014-08-12 22:47:36 ----D---- C:\Windows\system32\drivers
2014-08-12 22:46:49 ----D---- C:\Windows\system32\catroot
2014-08-12 22:46:48 ----D---- C:\Windows\inf
2014-08-12 22:46:09 ----D---- C:\Windows
2014-08-12 22:44:34 ----SHD---- C:\System Volume Information
2014-08-12 22:20:54 ----D---- C:\Program Files\PixEasy
2014-08-12 22:19:38 ----D---- C:\Program Files
2014-08-12 22:14:50 ----D---- C:\Users\Giampa\AppData\Roaming\Skype
2014-08-12 22:13:55 ----D---- C:\Windows\System32
2014-08-12 22:13:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-12 22:07:37 ----D---- C:\Windows\system32\LogFiles
2014-08-12 22:02:37 ----D---- C:\Program Files\HDvid Codec V6.0
2014-08-12 22:01:24 ----D---- C:\Image Resizer 4
2014-08-12 22:01:17 ----D---- C:\Users\Giampa\AppData\Roaming\ObviousIdea
2014-08-12 21:52:52 ----D---- C:\Program Files\Steam
2014-08-12 21:43:51 ----D---- C:\Program Files\Google
2014-08-12 21:40:53 ----HD---- C:\Program Files\InstallShield Installation Information
2014-08-12 21:14:27 ----D---- C:\Program Files\Diablo II
2014-08-12 20:59:54 ----D---- C:\Users\Giampa\AppData\Roaming\uTorrent
2014-08-12 20:59:54 ----D---- C:\Users\Giampa\AppData\Roaming\inkscape
2014-08-12 20:55:18 ----D---- C:\Program Files\CCleaner
2014-08-12 20:38:18 ----D---- C:\ProgramData
2014-08-12 20:29:10 ----D---- C:\Program Files\Ubisoft
2014-08-12 20:24:52 ----D---- C:\Windows\Debug
2014-08-06 17:12:56 ----D---- C:\Program Files\Warrock EU
2014-07-27 19:12:29 ----D---- C:\Users\Giampa\AppData\Roaming\TS3Client
2014-07-25 15:54:51 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-24 09:12:18 ----A---- C:\Windows\system32\dmwu.exe
2014-07-24 09:07:26 ----A---- C:\Windows\system32\ImHttpComm.dll
2014-07-22 15:01:58 ----A---- C:\Windows\system32\msvcr80.dll
2014-07-22 15:01:58 ----A---- C:\Windows\system32\msvcp80.dll
2014-07-22 15:01:58 ----A---- C:\Windows\system32\msvcm80.dll
2014-07-20 22:21:07 ----D---- C:\Users\Giampa\AppData\Roaming\vlc
2014-07-20 14:51:27 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2013-03-07 49760]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 765736]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 368176]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 62376]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-03-03 213768]
R1 nnfwdk;Nielsen WFP Driver; \??\C:\Program Files\NetRatingsNetSight\NetSight\meter4\nnfwdk.sys [2014-04-07 23080]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-07-24 5632]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 66336]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-21 3928576]
R3 BCM43XX;Driver della scheda di rete 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-01-03 1044984]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-05-21 228224]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-14 1773536]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2008-07-26 25624]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 LVUVC;Logitech QuickCam E3500(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2008-07-26 4658584]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2011-07-20 35328]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
R3 usbaudio;Driver audio USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 a0zz6hdn;a0zz6hdn; C:\Windows\system32\drivers\a0zz6hdn.sys []
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 Dot4;Driver MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Driver classe Print per IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Decodificatore audio DRM del kernel Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-04-07 36608]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-03-31 2016256]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\Windows\system32\drivers\MfeAVFK.sys [2009-03-03 79880]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\Windows\system32\drivers\MfeBOPK.sys [2009-03-03 35272]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\Windows\system32\drivers\MfeRKDK.sys [2009-03-03 34216]
S3 MSKSSRV;Proxy di servizio di flusso Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy clock di flusso Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy di gestione qualità di flusso Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2011-05-10 18432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\cmusbser.sys [2007-10-16 97408]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-21 3928576]
S3 RimUsb;Smartphone BlackBerry; C:\Windows\System32\Drivers\RimUsb.sys [2011-07-25 64512]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\Windows\system32\drivers\ScreamingBAudio.sys [2009-04-06 23064]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;Driver scanner USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-05-14 304920]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-08-21 700416]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 Bonjour Service; Servizio Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Servizio di rilevamento dispositivi HP CUE; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IBUpdaterService;IBUpdaterService; C:\Windows\system32\dmwu.exe [2014-07-24 2161456]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
R2 myAgtSvc;Servizio di protezione antivirus e antispyware di McAfee; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [2009-10-23 282824]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NielsenUpdate;Nielsen Update; C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe [2014-04-07 2854952]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-09-04 75136]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-14 201968]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;Servizio iPod; C:\Program Files\iPod\bin\iPodService.exe [2014-05-15 553288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate1c9b92666e5ae50;Servizio di Google Update (gupdate1c9b92666e5ae50); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-09 133104]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 GoogleDesktopManager-010708-104812;Google Desktop Manager 5.7.801.7324; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-09 29744]
S3 GoToAssist;GoToAssist; C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe [2008-09-30 16680]
S3 gupdatem;Servizio Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-09 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-11 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-05-29 529232]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Servizio stato di ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SrvUpdater;Software Updater; C:\Program Files\SoftwareUpdater\UpdaterService.exe [2014-01-07 37888]

-----------------EOF-----------------

[motji]

Zdravím
Stáhněte Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
-Uložte program na plochu a spusťte . Pak se zobrazí se licenční podminky - potvrďte start libovolnou klávesou.
- vytvoří se záloha a proběhne skenování.
Po skončení skenování na Vás vyběhne log (bude uložen v c:\JRT jako JRT.txt) - zkopírujte jej sem

Stáhněte AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/
-Uložte program na plochu a ukončete všechny spuštěné programy .
-spusťte AdwCleaner, klikněte na Scan a po dokončení skenu na Clean
- provede se oprava, restartuje se pc - (případně restartujte) a objeví se log C:\AdwCleaner\AdwCleaner.txt , obsah logu zkopírujte zde.

[karel22]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Giampa on 13/08/2014 at 14.06.33,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Bar
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Search Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL\\Default
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\searchURL\\Default
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\babyloniepi.babyloniebho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\babyloniepi.babyloniebho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\babylonofficeaddin.officeaddin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\babylonofficeaddin.officeaddin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\babylontc.gingerapplication
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\babylontc.gingerapplication.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.funmoodsesrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.funmoodsesrvc.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\autocompletepro.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\babyloniepi.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\babylontc.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\bho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\complitly.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\nctaudiocdgrabber2.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tdataprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\blabbers
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\browsercompanion
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dynconie
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\mybabylon_english
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\translate this web page with babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\translate with babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2574804596-1634237712-1245855245-1001\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\browsercompanion
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wnlt
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\incredibar.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\79caa1b036589d14ea74856e2a220f1e
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\offerbox.offerboxserver
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\offerbox.offerboxserver.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\oneclick
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\oneclickmg
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\base64
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\prox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tdataprotocol.ctdata
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tdataprotocol.ctdata.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.searchprovidermanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.searchprovidermanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\browsercompanion
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0b1aac97-8563-41d9-ae47-58e6a222f0e1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4bd8e034-e0f4-4509-a753-467a8e854cd8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB09850.IEToolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB09850.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB09850.TBSB09850
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB09850.TBSB09850.3
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar3.TBSB09850
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar3.TBSB09850.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB09850.IEToolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB09850.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB09850.TBSB09850
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TBSB09850.TBSB09850.3
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar3.TBSB09850
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar3.TBSB09850.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2086315
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2269050
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2851640
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}



~~~ Files

Successfully deleted: [File] "C:\Users\Giampa\appdata\local\funmoods-speeddial_sf.crx"
Successfully deleted: [File] "C:\Users\Giampa\appdata\local\funmoods.crx"
Successfully deleted: [File] "C:\Users\Giampa\appdata\locallow\SkwConfig.bin"
Failed to delete: [File] "C:\Windows\system32\dmwu.exe"
Failed to delete: [File] "C:\Windows\system32\imhttpcomm.dll"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\savesenselive"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Giampa\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Giampa\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\Giampa\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Giampa\AppData\Roaming\moovida-1"
Successfully deleted: [Folder] "C:\Users\Giampa\AppData\Roaming\offerbox"
Successfully deleted: [Folder] "C:\Users\Giampa\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Giampa\AppData\Roaming\pricegong"
Successfully deleted: [Folder] "C:\Users\Giampa\AppData\Roaming\registry mechanic"
Successfully deleted: [Folder] "C:\Users\Giampa\AppData\Roaming\savesense"
Successfully deleted: [Folder] "C:\Users\Giampa\AppData\Roaming\search settings"
Successfully deleted: [Folder] "\opencandy"
Successfully deleted: [Folder] "C:\Users\Giampa\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Giampa\appdata\locallow\bbrs_002.tb"
Successfully deleted: [Folder] "C:\Users\Giampa\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Giampa\appdata\locallow\conduitengine"
Successfully deleted: [Folder] "C:\Users\Giampa\appdata\locallow\delta"
Successfully deleted: [Folder] "C:\Users\Giampa\appdata\locallow\facemoods.com"
Successfully deleted: [Folder] "C:\Users\Giampa\appdata\locallow\incredibar.com"
Successfully deleted: [Folder] "C:\Users\Giampa\appdata\locallow\mybabylon_english"
Successfully deleted: [Folder] "C:\Users\Giampa\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Users\Giampa\appdata\locallow\softonic"
Successfully deleted: [Folder] "C:\Users\Giampa\appdata\locallow\toolbar4"
Successfully deleted: [Folder] "C:\Program Files\autocompletepro"
Successfully deleted: [Folder] "C:\Program Files\browsercompanion"
Successfully deleted: [Folder] "C:\Program Files\fluendo"
Successfully deleted: [Folder] "C:\Program Files\free video converter"
Successfully deleted: [Folder] "C:\Program Files\offerbox"
Successfully deleted: [Folder] "C:\Program Files\otshot"
Successfully deleted: [Folder] "C:\Program Files\savesenselive"
Successfully deleted: [Folder] "C:\Windows\system32\arfc"
Successfully deleted: [Folder] "C:\Windows\system32\jmdp"
Successfully deleted: [Folder] "C:\Windows\system32\wnlt"
Successfully deleted: [Folder] "C:\Users\Giampa\documents\optimizer pro"
Successfully deleted: [Empty Folder] C:\Users\Giampa\appdata\local\{1A4310DE-AA29-48D8-AAD4-0E19DD436DA0}
Successfully deleted: [Empty Folder] C:\Users\Giampa\appdata\local\{3FBDFE05-293D-4A0F-9117-47849A966AF3}
Successfully deleted: [Empty Folder] C:\Users\Giampa\appdata\local\{46784A6B-051E-46AA-B586-1E653C59717C}
Successfully deleted: [Empty Folder] C:\Users\Giampa\appdata\local\{93ECE3DB-47D6-4F7B-AB2E-843E0A1B8209}
Successfully deleted: [Empty Folder] C:\Users\Giampa\appdata\local\{A4F3FDE7-3559-4575-A42A-808925F1E983}



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Giampa\appdata\local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Successfully deleted: [Folder] C:\Users\Giampa\appdata\local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/08/2014 at 14.12.19,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





pouzivam PC v italstine, tak se neleknete


# AdwCleaner v3.304 - Rapporto creato 13/08/2014 in 14:18:26
# Aggiornato 08/08/2014 di Xplode
# Sistema operativo : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Nome utente : Giampa - PC-GIAMPA
# In esecuzione da : C:\Users\Giampa\Desktop\AdwCleaner.exe
# Opzione : Pulisci

***** [ Servizi ] *****

[#] Servizio Eliminato : IBUpdaterService

***** [ File / Cartelle ] *****

Cartella Eliminato : C:\ProgramData\Games-Attack
Cartella Eliminato : C:\ProgramData\MovieMode
Cartella Eliminato : C:\ProgramData\Uniblue
Cartella Eliminato : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Video Converter
Cartella Eliminato : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\otshot
Cartella Eliminato : C:\Program Files\HDvid Codec V6.0
Cartella Eliminato : C:\Program Files\Torntv V9.0
Cartella Eliminato : C:\Users\Giampa\AppData\Local\Babylon
Cartella Eliminato : C:\Users\Giampa\AppData\Local\ConduitEngine
Cartella Eliminato : C:\Users\Giampa\AppData\Local\DirectDownloader
Cartella Eliminato : C:\Users\Giampa\AppData\Local\DVDVideoSoftTB
Cartella Eliminato : C:\Users\Giampa\AppData\Local\moovida air
Cartella Eliminato : C:\Users\Giampa\AppData\Local\MovieMode
Cartella Eliminato : C:\Users\Giampa\AppData\Local\pixeasy Air
Cartella Eliminato : C:\Users\Giampa\AppData\Local\SaveSenseLive
Cartella Eliminato : C:\Users\Giampa\AppData\Local\Smartbar
Cartella Eliminato : C:\Users\Giampa\AppData\Local\myBabylon_English
Cartella Eliminato : C:\Users\Giampa\AppData\Roaming\DownLite
Cartella Eliminato : C:\Users\Giampa\AppData\Roaming\Live-Player
Cartella Eliminato : C:\Users\Giampa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\ffxtlbr@funmoods.com
Cartella Eliminato : C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn
Cartella Eliminato : C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih
[!] Cartella Eliminato : C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn
[!] Cartella Eliminato : C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnkhmnoajbfccclonaeepohggeolcih
File Eliminato : C:\Users\Giampa\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\torntv@torntv.com.xpi
File Eliminato : C:\Windows\system32\dmwu.exe
File Eliminato : C:\Windows\system32\ImhxxpComm.dll
File Eliminato : C:\Users\Giampa\AppData\LocalLow\SkwConfig.bin
File Eliminato : C:\Users\Giampa\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
File Eliminato : C:\Users\Giampa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
File Eliminato : C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage
File Eliminato : C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage-journal
File Eliminato : C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Eliminato : C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Eliminato : C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Eliminato : C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal

***** [ Compiti ] *****

Compito Eliminati : HDvid Codec V6.0-chromeinstaller
Compito Eliminati : e2778b28-928c-4697-894d-65311608041e-1
Compito Eliminati : e2778b28-928c-4697-894d-65311608041e-3
Compito Eliminati : e2778b28-928c-4697-894d-65311608041e-4
Compito Eliminati : e2778b28-928c-4697-894d-65311608041e-5

***** [ Collegamenti ] *****

Collegamento Disinfetatti : C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Collegamento Disinfetatti : C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Collegamento Disinfetatti : C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Collegamento Disinfetatti : C:\Users\Giampa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

***** [ Registro ] *****

Valore Eliminati : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Valore Eliminati : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Valore Eliminati : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [offerboxffx@offerbox.com]
Valore Eliminati : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [OKitSpace@OKitSpace.es]
Valore Eliminati : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [support@predictad.com]
Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl
Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\lbidgdoiglndbjlcnnifemecdhnpeabo
Chiave Eliminati : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Chiave Eliminati : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Chiave Eliminati : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings
Chiave Eliminati : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
Chiave Eliminati : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
Chiave Eliminati : HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\7EE743314C844C7F445B8B1D7617612DF1FDD50F
Chiave Eliminati : HKCU\Software\Microsoft\SystemCertificates\TrustedPublisher\Certificates\E6A6A4A475FCE37F8B5AC2F1244DEB2BFCA5615A
Chiave Eliminati : HKCU\Toolbar
Chiave Eliminati : HKLM\SOFTWARE\Classes\.bdc
Chiave Eliminati : HKLM\SOFTWARE\Classes\.bgl
Chiave Eliminati : HKLM\SOFTWARE\Classes\.bof
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\OKitSpace.DLL
Chiave Eliminati : HKLM\SOFTWARE\CLASSES\OKitSpace
Chiave Eliminati : HKLM\SOFTWARE\CLASSES\OKitSpace.1
Chiave Eliminati : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Chiave Eliminati : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Chiave Eliminati : HKCU\Software\d55d8d0bd6feb15
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{055069F3-F78B-4BD1-A277-FE66648D3300}
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{90A52F08-64AC-4DC6-9D7D-4516670275D3}
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{45D59156-647B-4B06-B20E-0E297A1077BD}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{9EBB289A-2D7B-465B-825F-1530B813E95A}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{CD5C92AE-97B0-4BC3-BA65-BA0308D543BF}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{0C2E529C-A82C-4AC6-8807-0B51F7AD7BB2}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{90A52F08-64AC-4DC6-9D7D-4516670275D3}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{929801A8-4AEF-4D12-BE31-D85BF666452B}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Valore Eliminati : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}]
Valore Eliminati : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Valore Eliminati : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Valore Eliminati : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Valore Eliminati : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Dato Ripristinati : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Dato Ripristinati : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Chiave Eliminati : HKCU\Software\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
Chiave Eliminati : HKCU\Software\AutocompleteProBHO
Chiave Eliminati : HKCU\Software\ChatZum Toolbar
Chiave Eliminati : HKCU\Software\FissaSearch
Chiave Eliminati : HKCU\Software\Moovida
Chiave Eliminati : HKCU\Software\Offerbox
Chiave Eliminati : HKCU\Software\SaveSense
Chiave Eliminati : HKCU\Software\SaveSenseLive
Chiave Eliminati : HKCU\Software\Search Settings
Chiave Eliminati : HKCU\Software\Spointer
Chiave Eliminati : HKCU\Software\myBabylon_English
Chiave Eliminati : HKLM\Software\AedgePerformanceBCN
Chiave Eliminati : HKLM\Software\ChatZum Toolbar
Chiave Eliminati : HKLM\Software\do-searchSoftware
Chiave Eliminati : HKLM\Software\Offerbox
Chiave Eliminati : HKLM\Software\OKitSpace
Chiave Eliminati : HKLM\Software\OpenCandy
Chiave Eliminati : HKLM\Software\Search Settings
Chiave Eliminati : HKLM\Software\SoftwareUpdater
Chiave Eliminati : HKLM\Software\Speedchecker Limited
Chiave Eliminati : HKLM\Software\Uniblue
Chiave Eliminati : HKLM\Software\Vittalia
Chiave Eliminati : HKLM\Software\myBabylon_English
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4EE2B017-D82C-4B12-B071-5CF1B23D1A42}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6084C211-01A1-464E-97A0-09772E122B50}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{7B0EE1CE-B2EF-49D6-AF4D-EBF8240EF2C2}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A1194237-547A-461d-BD44-B97B1574A7DA}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BF67F764-95B6-4360-BB57-B2E5AA6C814B}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AutocompletePro2_is1
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Babylon
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserCompanion
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ChatZum Toolbar
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FilesFrog Update Checker
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\hotspotshield
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\incredibar
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Offerbox Browser
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Optimizer Pro_is1
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PCSU-SL_is1
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlayVolcanoSA
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceGong
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SaveSense
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Guard Plus Updater
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search Guard Plus
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdater
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WNLT
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\myBabylon_English Toolbar
Chiave Eliminati : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Chiave Eliminati : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Chiave Eliminati : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Chiave Eliminati : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Chiave Eliminati : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\CC94835868BCA58489B0D79DE655BCB1
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveSenseLive.exe

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16563

Impostazioni Ripristinato : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Impostazioni Ripristinato : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Impostazioni Ripristinato : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Mozilla Firefox v

[ File : C:\Users\Giampa\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]


[ File : C:\Users\Giampa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Eliminati [Search Provider] : hxxp://mystart.incredibar.com/?a=6R8wiOSKcx&i=26&loc=skw&search={searchTerms}
Eliminati [Extension] : bmbgdmijgopggjaelphhajpjldacbnba
Eliminati [Extension] : clbfjfbnelcflpgpklppgplejolacbej
Eliminati [Extension] : dbpebffoameokfhnaaedmefjncfboino
Eliminati [Extension] : dlfienamagdnkekbbbocojppncdambda
Eliminati [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Eliminati [Extension] : jbpkiefagocgkmemidfngdkamloieekf
Eliminati [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Eliminati [Extension] : kngjfmklipimnkegmcilmbhchklgjgfl
Eliminati [Extension] : lmnbobhffedhdhfpcjkjphcfpeeiocdn
Eliminati [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp
Eliminati [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
Eliminati [Extension] : plnkhmnoajbfccclonaeepohggeolcih
Eliminati [Extension] : poagplbogcmifmmjdlphdlglclpdkigg

*************************

AdwCleaner[R0].txt - [26210 octets] - [13/08/2014 14:16:09]
AdwCleaner[S0].txt - [25504 octets] - [13/08/2014 14:18:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25565 octets] ##########

[motji]

No, a ty bacily jste chytl taky v Itálii ne

Použijte ještě mbam, nic nemažte a vložte log http://forum.viry.cz/viewtopic.php?f=29&t=137928

[karel22]

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 13/08/2014
Scan Time: 22.14.48
Logfile: log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.13.07
Rootkit Database: v2014.08.04.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: Giampa

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 344064
Time Elapsed: 14 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 1
Trojan.BHO, C:\Program Files\BitAccelerator\BitAccelerator.dll, , [ef2c8b3b5823290d678a0c9cea1810f0],

Registry Keys: 13
Trojan.Downloader, HKLM\SOFTWARE\CLASSES\INTERFACE\{6C51F7E9-8542-4F25-A30F-2060157752E1}, , [ea315d692853290d6eac1581e41e8080],
Trojan.Downloader, HKLM\SOFTWARE\CLASSES\TypeLib\{90A52F08-64AC-4DC6-9D7D-4516670275D3}, , [918a07bfcfacdb5bd64463334cb66a96],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\bbylntlbr.xtrnl, , [a675a521bbc0053129348023d032738d],
PUP.Optional.BabylonToolBar.A, HKLM\SOFTWARE\CLASSES\bbylntlbr.xtrnl.1, , [8b90497d116a171f4617643f53af6e92],
PUP.Optional.HDVidCndec.A, HKLM\SOFTWARE\HDvid Codec V6.0, , [79a25b6b176473c319a7eb1a51b23cc4],
PUP.Optional.TornTV.A, HKLM\SOFTWARE\Torntv V9.0, , [54c7c50179023ff7e66fb15a30d36c94],
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, , [e23906c0017ada5cb4591cdb6a9826da],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, , [9b80cff7651658de583cbf670202b848],
Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{CAC42510-9B41-42c1-9DCD-7282A2D07C61}, , [ef2c8b3b5823290d678a0c9cea1810f0],
Trojan.BHO, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{CAC42510-9B41-42C1-9DCD-7282A2D07C61}, , [ef2c8b3b5823290d678a0c9cea1810f0],
Trojan.BHO, HKU\S-1-5-21-2574804596-1634237712-1245855245-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CAC42510-9B41-42C1-9DCD-7282A2D07C61}, , [ef2c8b3b5823290d678a0c9cea1810f0],
Trojan.BHO, HKU\S-1-5-21-2574804596-1634237712-1245855245-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CAC42510-9B41-42C1-9DCD-7282A2D07C61}, , [ef2c8b3b5823290d678a0c9cea1810f0],
Trojan.BHO, HKLM\SOFTWARE\CLASSES\CLSID\{CAC42510-9B41-42C1-9DCD-7282A2D07C61}\INPROCSERVER32, , [ef2c8b3b5823290d678a0c9cea1810f0],

Registry Values: 4
PUP.Optional.StartPage.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{336D0C35-8A85-403a-B9D2-65C292C39087}, , [1b001aacb3c84cea0c96392ff40e1de3],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{336D0C35-8A85-403A-B9D2-65C292C39087}, C:\Program Files\Web Assistant\Firefox, , [1b001aacb3c84cea0c96392ff40e1de3]
PUP.Optional.Incredibar, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}, C:\Program Files\Web Assistant\Firefox, , [42d94c7ab8c3e94db1546fbc49bbdf21]
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, , [9b80cff7651658de583cbf670202b848]

Registry Data: 0
(No malicious items detected)

Folders: 11
Trojan.BHO, C:\Program Files\BitAccelerator, , [ef2c8b3b5823290d678a0c9cea1810f0],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Chrome, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox\chrome, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox\chrome\content, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox\chrome\content\icons, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox\chrome\skin, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\IE, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lmnbobhffedhdhfpcjkjphcfpeeiocdn_0, , [ed2e9d29a0dbd165520806bcc141857b],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn, , [56c5f4d23a41c96dcb96f6cc5ea4a65a],

Files: 36
Adware.SaMon, C:\Windows\System32\MovieMode.48CA2AEFA22D.dll, , [8299bf07d0ab51e59971333e50b114ec],
PUP.Optional.BundleInstaller.A, C:\Users\Giampa\Downloads\Setup.exe, , [b665695d6e0d171fdd4041f86d949070],
Adware.DirectDownloader, C:\Users\Giampa\Downloads\BioShock_2_PC__ENG_ITA_DEU_Razor1991.exe, , [c358794d22598caa94fbaf0957a97987],
PUP.BundleInstaller.DW, C:\Users\Giampa\Downloads\Breaking_Bad_S03e01-02_-_[BDmux_720p_-_H264_-_Ac3_Ita_Eng]_DarkSideMux_-_Progetto_BDrip.exe, , [a774c501aecd93a33c6250bf7d84dd23],
Adware.Agent, C:\Users\Giampa\Downloads\Breaking_Bad_S03e03_-_BDmux_720p_-_H264_-_Ita-Eng_Ac3_DarkSideMux_-_Progetto_BDrip.exe, , [37e4ba0ca8d364d20a6d4c0514edd62a],
Adware.DirectDownloader, C:\Users\Giampa\Downloads\Mux_-_XviD_-_Ita_Mp3Breaking_Bad_S02e01-07TntVillage.exe, , [ee2db70fdba02a0ca0efeaceab55af51],
PUP.Optional.Amonetize.A, C:\Users\Giampa\Downloads\FlashPlayerSetup__3149_i83788535_il3.exe, , [44d7f5d1d7a4ce68f9fcb770669b0af6],
PUP.Optional.Amonetize.A, C:\Users\Giampa\Downloads\FlashPlayerSetup__3149_i83788564_il3.exe, , [4dce4383b3c80a2cb93c9394956c2bd5],
PUP.Optional.Amonetize.A, C:\Users\Giampa\Downloads\FlashPlayerSetup__3149_i83872040_il3.exe, , [9289d4f24b3078be45b03fe8e51ca15f],
PUP.Optional.Amonetize.A, C:\Users\Giampa\Downloads\FlashPlayerSetup__3149_i84136445_il430345.exe, , [a37817af97e4df5714e10a1d9c65b64a],
PUP.Optional.Amonetize.A, C:\Users\Giampa\Downloads\FlashPlayerSetup__3149_i86791221_il430345.exe, , [9b806a5c2358c175dc192cfb956c867a],
PUP.Optional.Amonetize.A, C:\Users\Giampa\Downloads\FlashPlayerSetup__3149_i86831876_il430345.exe, , [6ead794d0378db5bb045f6312cd58c74],
PUP.Optional.MovieMode.A, C:\Windows\System32\MovieMode.48CA2AEFA22D.dll, , [de3dcdf90e6d92a4869ea052fe04f30d],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lmnbobhffedhdhfpcjkjphcfpeeiocdn_0.localstorage, , [b665b412a1da84b26f12d81dc83a8977],
Trojan.BHO, C:\Program Files\BitAccelerator\BitAccelerator.dll, , [ef2c8b3b5823290d678a0c9cea1810f0],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Chrome\OKitSpace.crx, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox\chrome.manifest, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox\install.rdf, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox\chrome\content\background.html, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox\chrome\content\content.xul, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox\chrome\content\main.js, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox\chrome\content\icons\okitspace-19x19.png, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox\chrome\content\icons\okitspace-48x48.png, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\Firefox\chrome\skin\overlay.css, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.OKitSpace.A, C:\Windows\System32\config\systemprofile\AppData\Roaming\okitSpace\IE\config, , [77a4c7ffdd9e47ef51f81e980ff317e9],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lmnbobhffedhdhfpcjkjphcfpeeiocdn_0\44, , [ed2e9d29a0dbd165520806bcc141857b],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lmnbobhffedhdhfpcjkjphcfpeeiocdn_0\44-journal, , [ed2e9d29a0dbd165520806bcc141857b],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\000335.ldb, , [56c5f4d23a41c96dcb96f6cc5ea4a65a],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\000343.ldb, , [56c5f4d23a41c96dcb96f6cc5ea4a65a],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\000346.ldb, , [56c5f4d23a41c96dcb96f6cc5ea4a65a],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\000414.log, , [56c5f4d23a41c96dcb96f6cc5ea4a65a],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\CURRENT, , [56c5f4d23a41c96dcb96f6cc5ea4a65a],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\LOCK, , [56c5f4d23a41c96dcb96f6cc5ea4a65a],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\LOG, , [56c5f4d23a41c96dcb96f6cc5ea4a65a],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\LOG.old, , [56c5f4d23a41c96dcb96f6cc5ea4a65a],
PUP.Optional.CrossRider.A, C:\Users\Giampa\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lmnbobhffedhdhfpcjkjphcfpeeiocdn\MANIFEST-000412, , [56c5f4d23a41c96dcb96f6cc5ea4a65a],

Physical Sectors: 0
(No malicious items detected)


(end)

[motji]

Vše smažte. Poprosím o nový log z FRSTu .)

[karel22]

Logfile of random's system information tool 1.06 (written by random/random)
Run by Giampa at 2014-08-14 00:11:15
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 105 GB (23%) free of 467 GB
Total RAM: 2045 MB (54% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-13 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"dellsupportcenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P dellsupportcenter []
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-14 4452352]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2007-04-11 56080]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-04-20 58656]
"RIMBBLaunchAgent.exe"=C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-11-02 90448]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-04-23 43848]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-10-25 421888]
"NielsenOnline"=C:\Program Files\NetRatingsNetSight\NetSight\NielsenOnline.exe [2014-04-07 91688]
"iTunesHelper"=C:\Program Files\iTunesHelper.exe [2014-05-15 152392]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-13 4086432]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CursorFX"=C:\Program Files\Stardock\CursorFX\CursorFX.exe [2008-07-07 416768]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-09 68856]
"Google Update"=C:\Users\Giampa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-18 136176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20922016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2008-09-26 2356088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P DellSupportCenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
C:\Dell\E-Center\EULALauncher.exe [2008-02-29 17920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2008-03-31 166424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2008-03-31 141848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
C:\Windows\KHALMNPR.EXE [2007-04-11 56080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2008-03-31 133656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-05-14 4452352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2007-04-23 692224]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Moo0 VoiceRecorder 1.30.lnk - C:\Users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VoiceRecorder 1.30\VoiceRecorder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-03-31 200704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ce15b4e-7e61-11dd-9414-806e6f6e6963}]
shell\AutoRun\command - E:\SETUP.EXE


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2014-08-13 22:12:50 ----D---- C:\ProgramData\Malwarebytes
2014-08-13 22:12:50 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-08-13 17:32:31 ----D---- C:\ProgramData\McAfee
2014-08-13 14:17:03 ----A---- C:\Windows\system32\sqlite3.dll
2014-08-13 14:15:05 ----D---- C:\AdwCleaner
2014-08-13 14:06:16 ----D---- C:\Windows\ERUNT
2014-08-13 13:51:12 ----D---- C:\Users\Giampa\AppData\Roaming\AVAST Software
2014-08-13 12:05:11 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-13 12:05:11 ----A---- C:\Windows\system32\icardres.dll
2014-08-13 12:05:11 ----A---- C:\Windows\system32\icardagt.exe
2014-08-13 12:04:56 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-13 11:54:21 ----A---- C:\Windows\system32\msi.dll
2014-08-13 11:54:21 ----A---- C:\Windows\system32\consent.exe
2014-08-13 11:54:21 ----A---- C:\Windows\system32\authui.dll
2014-08-13 11:54:20 ----A---- C:\Windows\system32\msihnd.dll
2014-08-13 11:54:20 ----A---- C:\Windows\system32\appinfo.dll
2014-08-13 11:54:09 ----A---- C:\Windows\system32\vbscript.dll
2014-08-13 11:54:09 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-13 11:54:08 ----A---- C:\Windows\system32\wininet.dll
2014-08-13 11:54:08 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-13 11:54:08 ----A---- C:\Windows\system32\jscript9.dll
2014-08-13 11:54:08 ----A---- C:\Windows\system32\jscript.dll
2014-08-13 11:54:08 ----A---- C:\Windows\system32\ieui.dll
2014-08-13 11:54:08 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-13 11:54:05 ----A---- C:\Windows\system32\mshtml.dll
2014-08-13 11:54:04 ----A---- C:\Windows\system32\urlmon.dll
2014-08-13 11:54:04 ----A---- C:\Windows\system32\mshta.exe
2014-08-13 11:54:04 ----A---- C:\Windows\system32\msfeedssync.exe
2014-08-13 11:54:04 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-08-13 11:54:03 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-13 11:54:01 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-13 11:54:00 ----A---- C:\Windows\system32\url.dll
2014-08-13 11:54:00 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-13 11:54:00 ----A---- C:\Windows\system32\iertutil.dll
2014-08-13 11:53:59 ----A---- C:\Windows\system32\ieframe.dll
2014-08-13 11:53:50 ----A---- C:\Windows\system32\tzres.dll
2014-08-13 11:53:18 ----A---- C:\Windows\system32\cdd.dll
2014-08-13 11:53:11 ----A---- C:\Windows\system32\gdi32.dll
2014-08-13 11:13:23 ----D---- C:\The KMPlayer
2014-08-12 23:10:24 ----D---- C:\rsit

======List of files/folders modified in the last 1 months======

2014-08-14 00:11:25 ----D---- C:\Program Files\trend micro
2014-08-14 00:11:24 ----D---- C:\Windows\Prefetch
2014-08-14 00:11:13 ----D---- C:\Windows\temp
2014-08-14 00:07:39 ----D---- C:\Windows\System32
2014-08-13 22:13:49 ----D---- C:\Windows\system32\drivers
2014-08-13 22:12:50 ----D---- C:\ProgramData
2014-08-13 22:12:50 ----D---- C:\Program Files
2014-08-13 17:59:51 ----D---- C:\Windows\Microsoft.NET
2014-08-13 17:58:26 ----RSD---- C:\Windows\assembly
2014-08-13 17:46:54 ----D---- C:\Users\Giampa\AppData\Roaming\Skype
2014-08-13 14:45:42 ----SHD---- C:\Windows\Installer
2014-08-13 14:45:21 ----D---- C:\ProgramData\Dell
2014-08-13 14:44:08 ----D---- C:\Program Files\Common Files
2014-08-13 14:40:24 ----SHD---- C:\System Volume Information
2014-08-13 14:06:16 ----D---- C:\Windows
2014-08-13 13:19:49 ----D---- C:\Windows\system32\Tasks
2014-08-13 13:17:12 ----D---- C:\Windows\winsxs
2014-08-13 13:16:41 ----A---- C:\Windows\system32\aswBoot.exe
2014-08-13 13:14:07 ----D---- C:\Downloads
2014-08-13 13:05:56 ----D---- C:\ProgramData\AVAST Software
2014-08-13 13:04:12 ----D---- C:\Windows\inf
2014-08-13 13:04:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-13 12:45:25 ----D---- C:\Program Files\Warrock EU
2014-08-13 12:44:05 ----D---- C:\Windows\rescache
2014-08-13 12:17:49 ----D---- C:\Program Files\Google
2014-08-13 12:17:49 ----D---- C:\Program Files\DivX
2014-08-13 12:15:49 ----D---- C:\Windows\system32\it-IT
2014-08-13 12:15:47 ----D---- C:\Windows\system32\migration
2014-08-13 12:15:45 ----D---- C:\Program Files\Internet Explorer
2014-08-13 12:12:03 ----D---- C:\ProgramData\Microsoft Help
2014-08-13 12:07:20 ----D---- C:\Windows\system32\MRT
2014-08-13 12:07:19 ----D---- C:\Windows\Debug
2014-08-13 12:07:14 ----A---- C:\Windows\system32\mrt.exe
2014-08-13 12:06:18 ----D---- C:\Windows\system32\catroot
2014-08-13 12:06:17 ----D---- C:\Windows\system32\catroot2
2014-08-13 11:35:13 ----D---- C:\Program Files\VideoLAN
2014-08-12 22:49:21 ----D---- C:\Program Files\PC Connectivity Solution
2014-08-12 22:47:50 ----DC---- C:\Windows\system32\DRVSTORE
2014-08-12 22:07:37 ----D---- C:\Windows\system32\LogFiles
2014-08-12 22:01:24 ----D---- C:\Image Resizer 4
2014-08-12 22:01:17 ----D---- C:\Users\Giampa\AppData\Roaming\ObviousIdea
2014-08-12 21:52:52 ----D---- C:\Program Files\Steam
2014-08-12 21:40:53 ----HD---- C:\Program Files\InstallShield Installation Information
2014-08-12 21:14:27 ----D---- C:\Program Files\Diablo II
2014-08-12 20:59:54 ----D---- C:\Users\Giampa\AppData\Roaming\uTorrent
2014-08-12 20:59:54 ----D---- C:\Users\Giampa\AppData\Roaming\inkscape
2014-08-12 20:55:18 ----D---- C:\Program Files\CCleaner
2014-08-05 09:20:02 ----N---- C:\Windows\system32\MpSigStub.exe
2014-07-27 19:12:29 ----D---- C:\Users\Giampa\AppData\Roaming\TS3Client
2014-07-25 15:54:51 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-22 15:01:58 ----A---- C:\Windows\system32\msvcr80.dll
2014-07-22 15:01:58 ----A---- C:\Windows\system32\msvcp80.dll
2014-07-22 15:01:58 ----A---- C:\Windows\system32\msvcm80.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2014-08-13 55112]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-13 779536]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-13 414392]
R1 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2014-08-13 57800]
R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-03-03 213768]
R1 nnfwdk;Nielsen WFP Driver; \??\C:\Program Files\NetRatingsNetSight\NetSight\meter4\nnfwdk.sys [2014-04-07 23080]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-07-24 5632]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-13 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-13 67824]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-21 3928576]
R3 BCM43XX;Driver della scheda di rete 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-01-03 1044984]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-05-21 228224]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-14 1773536]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-04-11 34832]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-04-11 36112]
R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2008-07-26 25624]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 LVUVC;Logitech QuickCam E3500(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2008-07-26 4658584]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-08-13 110296]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2011-07-20 35328]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
R3 usbaudio;Driver audio USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 a4tajvos;a4tajvos; C:\Windows\system32\drivers\a4tajvos.sys []
S3 Dot4;Driver MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Driver classe Print per IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Decodificatore audio DRM del kernel Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-04-07 36608]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-03-31 2016256]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\Windows\system32\drivers\MfeAVFK.sys [2009-03-03 79880]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\Windows\system32\drivers\MfeBOPK.sys [2009-03-03 35272]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\Windows\system32\drivers\MfeRKDK.sys [2009-03-03 34216]
S3 MSKSSRV;Proxy di servizio di flusso Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Proxy clock di flusso Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Proxy di gestione qualità di flusso Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Convertitore a T/Sito a sito per flusso Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2011-05-10 18432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\cmusbser.sys [2007-10-16 97408]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-08-21 3928576]
S3 RimUsb;Smartphone BlackBerry; C:\Windows\System32\Drivers\RimUsb.sys [2011-07-25 64512]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\Windows\system32\drivers\ScreamingBAudio.sys [2009-04-06 23064]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;Driver scanner USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-05-14 304920]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-08-21 700416]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-08-13 50344]
R2 Bonjour Service; Servizio Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Servizio di rilevamento dispositivi HP CUE; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
R2 myAgtSvc;Servizio di protezione antivirus e antispyware di McAfee; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [2009-10-23 282824]
R2 NielsenUpdate;Nielsen Update; C:\Program Files\NetRatingsNetSight\NetSight\NielsenUpdate.exe [2014-04-07 2854952]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-09-04 75136]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;Servizio iPod; C:\Program Files\iPod\bin\iPodService.exe [2014-05-15 553288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate1c9b92666e5ae50;Servizio di Google Update (gupdate1c9b92666e5ae50); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-09 133104]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09 262320]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Servizio Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-09 133104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-09-11 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-05-29 529232]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Servizio stato di ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[motji]

Co počítač?

[karel22]

Prijde mi ze PC o něco malo rychleji nabíhá, ale hlavne google chrom konečně přestal připomínat IE..takze dekuji

[motji]

Tak ještě

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[karel22]

Combofix nejde stahnout

[motji]

Vypněte prosím antivir

[karel22]

jeste pred spustenim Combofixu se objevil problem, pri pousteni hudby z internetu se mi pocitac po chvili zasekne a musim ho "natvrdo" vypnout a cekat asi 15 min nez ho muzu zapnout, protoze jestli ho zapnu driv tak jen pipa a pipa

zde je log z CF:


ComboFix 14-08-15.01 - Giampa 16/08/2014 12.19.20.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.39.1040.18.2045.1026 [GMT 2:00]
Eseguito da: c:\users\Giampa\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: McAfee® Total Protection™ for Small Business *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee® Total Protection™ for Small Business *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: McAfee® Total Protection™ for Small Business *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\BitAccelerator
c:\program files\BitAccelerator\BitAccelerator.dll
c:\users\Giampa\AppData\Local\assembly\tmp
c:\windows\IsUn0405.exe
c:\windows\system32\16a93904.dll
c:\windows\system32\173e2cd8.dll
c:\windows\system32\234dd0bd.dll
c:\windows\system32\37882edb.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Files Creati Da 2014-07-16 al 2014-08-16 )))))))))))))))))))))))))))))))))))
.
.
2014-08-16 10:39 . 2014-08-16 10:44 -------- d-----w- c:\users\Giampa\AppData\Local\temp
2014-08-16 10:39 . 2014-08-16 10:39 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-08-16 10:39 . 2014-08-16 10:39 -------- d-----w- c:\users\McAfeeMVSUser\AppData\Local\temp
2014-08-16 10:39 . 2014-08-16 10:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-13 20:13 . 2014-08-13 21:51 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-13 20:12 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-13 20:12 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-13 20:12 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-13 20:12 . 2014-08-13 20:12 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-08-13 20:12 . 2014-08-13 20:12 -------- d-----w- c:\programdata\Malwarebytes
2014-08-13 15:32 . 2014-08-13 15:32 -------- d-----w- c:\programdata\McAfee
2014-08-13 12:17 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-08-13 12:15 . 2014-08-13 12:19 -------- d-----w- C:\AdwCleaner
2014-08-13 12:06 . 2014-08-13 12:06 -------- d-----w- c:\windows\ERUNT
2014-08-13 11:51 . 2014-08-13 11:51 -------- d-----w- c:\users\Giampa\AppData\Roaming\AVAST Software
2014-08-13 11:18 . 2014-08-13 11:16 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-13 11:16 . 2014-08-13 11:16 43152 ----a-w- c:\windows\avastSS.scr
2014-08-13 10:05 . 2014-06-26 22:17 99480 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-13 10:05 . 2014-06-26 22:17 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-13 10:05 . 2014-06-26 22:17 619664 ----a-w- c:\windows\system32\icardagt.exe
2014-08-13 10:04 . 2014-06-06 04:28 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-13 09:53 . 2014-07-08 00:46 2048 ----a-w- c:\windows\system32\tzres.dll
2014-08-13 09:53 . 2014-06-14 00:44 638400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-08-13 09:53 . 2014-06-14 00:33 37376 ----a-w- c:\windows\system32\cdd.dll
2014-08-13 09:53 . 2014-07-25 04:26 297984 ----a-w- c:\windows\system32\gdi32.dll
2014-08-13 09:53 . 2014-07-25 02:53 2054656 ----a-w- c:\windows\system32\win32k.sys
2014-08-13 09:13 . 2014-08-14 16:00 -------- d-----w- C:\The KMPlayer
2014-08-12 21:10 . 2014-08-12 21:10 -------- d-----w- C:\rsit
2014-07-27 16:37 . 2014-07-27 16:37 -------- d-----w- c:\users\Giampa\AppData\Local\TeamSpeak 3 Client
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-14 16:06 . 2012-07-24 15:51 414520 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-13 11:16 . 2013-03-08 16:45 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-13 11:16 . 2012-07-24 15:51 57800 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-08-13 11:16 . 2012-07-24 15:51 779536 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-13 11:16 . 2013-03-08 16:45 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-13 11:16 . 2012-07-24 15:51 55112 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-08-13 11:16 . 2012-07-24 15:51 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-13 11:16 . 2012-07-24 15:51 276432 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-05 07:20 . 2009-10-03 11:26 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-07-22 13:01 . 2012-09-17 21:34 632656 ----a-w- c:\windows\system32\msvcr80.dll
2014-07-22 13:01 . 2012-09-17 21:34 554832 ----a-w- c:\windows\system32\msvcp80.dll
2014-07-22 13:01 . 2012-09-17 21:34 479232 ----a-w- c:\windows\system32\msvcm80.dll
2014-07-08 23:04 . 2012-07-24 17:14 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-07-08 23:04 . 2011-09-04 13:02 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-06-06 08:59 . 2014-07-09 14:09 506880 ----a-w- c:\windows\system32\qedit.dll
2014-05-30 06:53 . 2014-07-09 14:09 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2014-05-15 15:39 . 2014-05-15 15:39 293192 ----a-w- c:\program files\iTunesOutlookAddIn.dll
2014-05-15 15:39 . 2014-05-15 15:39 9789256 ----a-w- c:\program files\iTunes.exe
2014-05-15 15:39 . 2014-05-15 15:39 420168 ----a-w- c:\program files\iTunesAdmin.dll
2014-05-15 15:39 . 2014-05-15 15:39 152392 ----a-w- c:\program files\iTunesHelper.exe
2014-05-15 15:39 . 2014-05-15 15:39 148808 ----a-w- c:\program files\iTunesHelper.dll
2014-05-15 15:39 . 2014-05-15 15:39 117576 ----a-w- c:\program files\iTunesMiniPlayer.dll
2014-05-15 15:39 . 2014-05-15 15:39 26229576 ----a-w- c:\program files\iTunes.dll
2014-05-15 15:39 . 2014-05-15 15:39 776216 ----a-w- c:\program files\gnsdk_sdkmanager.dll
2014-05-15 15:39 . 2014-05-15 15:39 649032 ----a-w- c:\program files\iPodUpdaterExt.dll
2014-05-15 15:39 . 2014-05-15 15:39 3015008 ----a-w- c:\program files\gnsdk_dsp.dll
2014-05-15 15:39 . 2014-05-15 15:39 262680 ----a-w- c:\program files\gnsdk_submit.dll
2014-05-15 15:39 . 2014-05-15 15:39 219672 ----a-w- c:\program files\gnsdk_musicid.dll
2014-05-08 11:00 . 2014-05-08 11:00 3116872 ----a-w- c:\program files\iAdCore.dll
2014-02-21 05:14 . 2014-02-21 05:14 112968 ----a-w- c:\program files\ITDetector.ocx
2007-01-01 22:45 . 2007-01-01 22:45 6010880 ----a-w- c:\program files\GUTC301.tmp
.
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-13 11:14 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CursorFX"="c:\program files\Stardock\CursorFX\CursorFX.exe" [2008-07-07 416768]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-09 68856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-14 4452352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-04-23 43848]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"NielsenOnline"="c:\program files\NetRatingsNetSight\NetSight\NielsenOnline.exe" [2014-04-07 91688]
"iTunesHelper"="c:\program files\iTunesHelper.exe" [2014-05-15 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-14 4085896]
.
c:\users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Moo0 VoiceRecorder 1.30.lnk - c:\users\Giampa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VoiceRecorder 1.30\VoiceRecorder.exe -startup [2011-7-5 2523136]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2012-6-6 692224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-20 21:34 24576 ----a-w- c:\program files\AlienGUIse\fastload.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
2008-09-26 09:02 2356088 ----a-r- c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2008-02-29 03:59 17920 ----a-w- c:\dell\E-Center\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-03-31 08:31 166424 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-03-31 08:31 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2007-04-11 13:32 56080 ----a-w- c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
2008-08-14 16:11 565008 ----a-w- c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2008-08-14 16:15 2407184 ----a-w- c:\program files\Logitech\QuickCam\Quickcam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-03-31 08:31 133656 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-05-14 09:03 4452352 ----a-w- c:\windows\RtHDVCpl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenuto della cartella 'Scheduled Tasks'
.
2014-08-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-24 23:04]
.
2014-08-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-09 15:18]
.
2014-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-09 15:18]
.
2014-08-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001Core.job
- c:\users\Giampa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-21 17:07]
.
2014-08-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2574804596-1634237712-1245855245-1001UA.job
- c:\users\Giampa\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-21 17:07]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local;<local>
uSearchAssistant = hxxp://www.google.com
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: E&sporta in Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Giampa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Giampa\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{D637545F-B3E6-4967-9058-35956626B426}: NameServer = 8.8.8.8,8.8.4.4
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
WebBrowser-{ECDC465A-CF20-4B82-9A26-47C9DC52FA32} - (no file)
WebBrowser-{4AE0C3D6-F713-4EED-BC65-25DC3FFDAAC1} - (no file)
HKLM-Run-dellsupportcenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-AppleSyncNotifier - c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
MSConfigStartUp-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
MSConfigStartUp-dscactivate - c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
AddRemove-Adobe Photoshop 6.0.1 CE - c:\windows\ISUN0405.EXE
AddRemove-Free Video Converter_is1 - c:\program files\Free Video Converter\unins000.exe
AddRemove-HDvid Codec V6.0 - c:\program files\HDvid Codec V6.0\Uninstall.exe
AddRemove-MovieMode - c:\programdata\MovieMode\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-08-16 12:43
Windows 6.0.6002 Service Pack 2 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'Explorer.exe'(12240)
c:\program files\NetRatingsNetSight\NetSight\nsmmc.dll
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
c:\program files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
c:\program files\NetRatingsNetSight\NetSight\NielsenUpdate.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conime.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
.
**************************************************************************
.
Ora fine scansione: 2014-08-16 12:52:47 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2014-08-16 10:52
.
Pre-Run: 112.060.952.576 byte disponibili
Post-Run: 111.875.424.256 byte disponibili
.
- - End Of File - - 63C28290B49B2F5B5FF2BDCC961A083E
5C616939100B85E558DA92B899A0FC36

[motji]

A při pouštění jen v pc to nedělá?

[karel22]

nedela...