VIRY.CZ

Oleault32.dll to neni, zjistil jsem, ze nechybi, je ve slozce system 32...pak ale nechapu, proc mi to pri hledani nic nenaslo....


"alebo pozri do event logu - zobrazovac udalosti a najdi tam presny nazov chybajucej dll"
jak to udelam?

Nainstaloval jsem si opet Mozillu a bezela normalne, ale po restartu pc a spusteni Firefoxu tam mam opet Babylon, jednak jako domovskou stranku a kdyz spustim novy panel, tak mi vyskoci Babylon search....nevim, co uz udelat, zkusil jsem vsechny navody na odstraneni, co se dalo najit na internetu, ale nefunguje nic...

Přikládám ještě nový log z Rsit...Prosím pomoc:-)



Logfile of random's system information tool 1.09 (written by random/random)
Run by Uzivatel at 2012-08-27 22:31:59
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 112 GB (37%) free of 305 GB
Total RAM: 766 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:32:58, on 27.8.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Users\Uzivatel\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Uzivatel\Downloads\RSIT.exe
C:\Program Files\trend micro\Uzivatel.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\22565~1.25\{16cdf~1\browse~1.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 5373 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\ekng0ji6.default

prefs.js - "browser.startup.homepage" - "http://search.babylon.com/?affID=111304 ... 1dd945019a"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.271 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
msservice.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
nppdf32.dll
ShockwavePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
adawaretb.xml
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D0F4A166-B8D4-48b8-9D63-80849FE137CB}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-06-06 159744]
"PLFSetL"=C:\Windows\PLFSetL.exe [2007-07-05 94208]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-03 13556256]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-03 92704]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-12-13 11487848]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2007-08-15 772616]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk]
C:\Acer\EMPOWE~1\EAPLAU~1.EXE [2007-04-14 535336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\browse~1\22565~1.25\{16cdf~1\browse~1.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-08-27 21:16:22 ----A---- C:\Windows\system32\mshtmled.dll
2012-08-27 21:16:20 ----A---- C:\Windows\system32\ieui.dll
2012-08-27 21:16:20 ----A---- C:\Windows\system32\iertutil.dll
2012-08-27 21:16:19 ----A---- C:\Windows\system32\ieUnatt.exe
2012-08-27 21:16:18 ----A---- C:\Windows\system32\wininet.dll
2012-08-27 21:16:18 ----A---- C:\Windows\system32\jscript.dll
2012-08-27 21:16:17 ----A---- C:\Windows\system32\jscript9.dll
2012-08-27 21:16:16 ----A---- C:\Windows\system32\url.dll
2012-08-27 21:16:15 ----A---- C:\Windows\system32\jsproxy.dll
2012-08-27 21:16:14 ----A---- C:\Windows\system32\urlmon.dll
2012-08-27 21:16:06 ----A---- C:\Windows\system32\mshtml.dll
2012-08-27 21:16:05 ----A---- C:\Windows\system32\ieframe.dll
2012-08-27 20:16:17 ----A---- C:\Windows\system32\win32k.sys
2012-08-27 17:54:51 ----A---- C:\Windows\system32\cryptsvc.dll
2012-08-27 17:54:51 ----A---- C:\Windows\system32\cryptnet.dll
2012-08-27 17:54:51 ----A---- C:\Windows\system32\crypt32.dll
2012-08-27 17:54:38 ----A---- C:\Windows\system32\localspl.dll
2012-08-27 17:54:00 ----A---- C:\Windows\system32\netapi32.dll
2012-08-27 17:53:55 ----A---- C:\Windows\system32\shell32.dll
2012-08-27 17:53:28 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-08-27 17:53:25 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2012-08-27 17:53:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-08-27 17:53:04 ----A---- C:\Windows\system32\DWrite.dll
2012-08-27 17:53:04 ----A---- C:\Windows\system32\d3d10warp.dll
2012-08-27 17:53:04 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-08-27 17:53:04 ----A---- C:\Windows\system32\d3d10_1.dll
2012-08-27 17:53:04 ----A---- C:\Windows\system32\d2d1.dll
2012-08-27 17:52:35 ----A---- C:\Windows\system32\msxml6.dll
2012-08-27 17:52:35 ----A---- C:\Windows\system32\msxml3.dll
2012-08-27 17:52:22 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-08-27 17:52:19 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-08-27 17:52:19 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-08-27 17:38:47 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-08-27 17:38:46 ----A---- C:\Windows\system32\schannel.dll
2012-08-27 17:38:46 ----A---- C:\Windows\system32\ncrypt.dll
2012-08-27 17:04:15 ----A---- C:\Windows\system32\wups2.dll
2012-08-27 17:04:15 ----A---- C:\Windows\system32\wucltux.dll
2012-08-27 17:04:15 ----A---- C:\Windows\system32\wuaueng.dll
2012-08-27 17:04:15 ----A---- C:\Windows\system32\wuauclt.exe
2012-08-27 17:03:43 ----A---- C:\Windows\system32\wups.dll
2012-08-27 17:03:43 ----A---- C:\Windows\system32\wudriver.dll
2012-08-27 17:03:43 ----A---- C:\Windows\system32\wuapi.dll
2012-08-27 17:03:24 ----A---- C:\Windows\system32\wuwebv.dll
2012-08-27 17:03:24 ----A---- C:\Windows\system32\wuapp.exe
2012-08-27 17:01:35 ----D---- C:\Program Files\Microsoft Security Client
2012-08-27 15:27:26 ----A---- C:\Windows\system32\FNTCACHE.DAT
2012-08-27 15:16:32 ----D---- C:\Users\Uzivatel\AppData\Roaming\Mozilla
2012-08-27 15:15:22 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-27 14:58:36 ----D---- C:\ProgramData\AVAST Software
2012-08-27 14:58:36 ----D---- C:\Program Files\AVAST Software
2012-08-26 23:53:39 ----D---- C:\Windows\temp
2012-08-26 23:53:36 ----A---- C:\ComboFix.txt
2012-08-26 23:44:41 ----SHD---- C:\$RECYCLE.BIN
2012-08-26 23:26:37 ----D---- C:\ComboFix
2012-08-26 21:48:17 ----A---- C:\Windows\zip.exe
2012-08-26 21:48:17 ----A---- C:\Windows\SWSC.exe
2012-08-26 21:48:17 ----A---- C:\Windows\SWREG.exe
2012-08-26 21:48:17 ----A---- C:\Windows\sed.exe
2012-08-26 21:48:17 ----A---- C:\Windows\PEV.exe
2012-08-26 21:48:17 ----A---- C:\Windows\NIRCMD.exe
2012-08-26 21:48:17 ----A---- C:\Windows\MBR.exe
2012-08-26 21:48:17 ----A---- C:\Windows\grep.exe
2012-08-26 21:44:45 ----D---- C:\Qoobox
2012-08-26 21:43:36 ----D---- C:\Windows\erdnt
2012-08-26 14:32:19 ----D---- C:\Users\Uzivatel\AppData\Roaming\RealNetworks
2012-08-26 14:21:44 ----D---- C:\Program Files\Real
2012-08-26 14:21:36 ----D---- C:\Users\Uzivatel\AppData\Roaming\Real
2012-08-26 14:17:20 ----D---- C:\ProgramData\Real
2012-08-26 12:45:54 ----D---- C:\Program Files\trend micro
2012-08-26 12:45:51 ----D---- C:\rsit
2012-08-15 17:24:57 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-08-15 17:24:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2012-08-15 16:56:32 ----D---- C:\Windows\system32\Extensions
2012-08-15 16:56:30 ----D---- C:\Windows\system32\searchplugins
2012-08-15 16:27:58 ----D---- C:\ProgramData\GFI Software
2012-08-15 11:52:36 ----D---- C:\ProgramData\Lavasoft
2012-08-15 11:48:17 ----D---- C:\Program Files\Toolbar Cleaner
2012-08-15 11:26:26 ----D---- C:\Users\Uzivatel\AppData\Roaming\Ad-Aware Antivirus
2012-08-15 09:40:21 ----D---- C:\Users\Uzivatel\AppData\Roaming\Malwarebytes
2012-08-15 09:39:49 ----D---- C:\ProgramData\Malwarebytes
2012-08-14 21:55:05 ----D---- C:\Program Files\Lingea
2012-08-14 21:13:37 ----D---- C:\ProgramData\WindowsSearch
2012-08-14 21:06:52 ----D---- C:\Users\Uzivatel\AppData\Roaming\SUPERAntiSpyware.com
2012-08-14 21:06:19 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2012-08-14 16:31:12 ----D---- C:\ProgramData\AVS4YOU
2012-08-14 16:31:03 ----D---- C:\Users\Uzivatel\AppData\Roaming\AVS4YOU
2012-08-14 16:27:48 ----A---- C:\Windows\system32\libmfxsw32.dll
2012-08-14 16:27:43 ----A---- C:\Windows\system32\GdiPlus.dll
2012-08-14 16:27:42 ----A---- C:\Windows\system32\msxml3a.dll
2012-08-14 16:26:49 ----D---- C:\Program Files\Common Files\AVSMedia
2012-08-14 16:10:00 ----D---- C:\ProgramData\Browser Manager
2012-08-14 16:01:34 ----D---- C:\Users\Uzivatel\AppData\Roaming\KastorFreeAudioConverter
2012-08-14 13:23:49 ----D---- C:\NBA LIVE 08
2012-08-13 20:05:19 ----A---- C:\Windows\system32\CmdLineExt.dll
2012-08-11 13:37:57 ----D---- C:\Users\Uzivatel\AppData\Roaming\Nero
2012-07-31 17:42:33 ----D---- C:\Users\Uzivatel\AppData\Roaming\YourFileDownloader

======List of files/folders modified in the last 1 month======

2012-08-27 22:32:45 ----RSD---- C:\Windows\assembly
2012-08-27 22:24:25 ----D---- C:\Windows\Prefetch
2012-08-27 22:24:07 ----D---- C:\Windows\Microsoft.NET
2012-08-27 22:24:05 ----D---- C:\Windows\system32\catroot
2012-08-27 22:23:35 ----D---- C:\Windows\system32\Tasks
2012-08-27 22:21:00 ----D---- C:\Config.Msi
2012-08-27 22:19:08 ----D---- C:\Windows\system32\cs-CZ
2012-08-27 22:19:08 ----D---- C:\Windows\System32
2012-08-27 22:19:06 ----D---- C:\Windows\system32\migration
2012-08-27 22:19:05 ----D---- C:\Program Files\Internet Explorer
2012-08-27 22:19:04 ----D---- C:\Windows\system32\drivers
2012-08-27 21:50:09 ----D---- C:\Windows\winsxs
2012-08-27 21:48:20 ----SHD---- C:\Windows\Installer
2012-08-27 21:47:24 ----D---- C:\ProgramData\Microsoft Help
2012-08-27 21:34:57 ----D---- C:\Windows\Debug
2012-08-27 21:17:59 ----D---- C:\Windows\system32\catroot2
2012-08-27 21:00:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-27 21:00:41 ----D---- C:\Windows\inf
2012-08-27 19:41:06 ----D---- C:\Windows
2012-08-27 19:32:54 ----D---- C:\Windows\system32\XPSViewer
2012-08-27 19:31:27 ----SHD---- C:\System Volume Information
2012-08-27 17:01:35 ----RD---- C:\Program Files
2012-08-27 15:15:05 ----D---- C:\Program Files\Mozilla Firefox
2012-08-27 14:58:36 ----D---- C:\ProgramData
2012-08-27 14:41:37 ----D---- C:\Windows\system32\LogFiles
2012-08-27 14:36:08 ----HD---- C:\Windows\system32\GroupPolicy
2012-08-27 14:00:43 ----D---- C:\Windows\PCHEALTH
2012-08-26 23:44:44 ----A---- C:\Windows\system.ini
2012-08-26 23:44:32 ----D---- C:\Windows\system32\drivers\etc
2012-08-26 23:36:36 ----D---- C:\Windows\AppPatch
2012-08-26 23:36:35 ----D---- C:\Program Files\Common Files
2012-08-26 21:38:49 ----D---- C:\Users\Uzivatel\AppData\Roaming\Skype
2012-08-26 15:30:15 ----D---- C:\Users\Uzivatel\AppData\Roaming\Winamp
2012-08-26 14:22:02 ----A---- C:\Windows\system32\msvcr71.dll
2012-08-26 14:22:02 ----A---- C:\Windows\system32\msvcp71.dll
2012-08-26 11:19:11 ----D---- C:\Windows\Tasks
2012-08-15 12:23:54 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-08-15 11:51:19 ----D---- C:\Program Files\Common Files\microsoft shared
2012-08-15 11:14:39 ----D---- C:\Windows\Sun
2012-08-14 20:21:48 ----D---- C:\Users\Uzivatel\AppData\Roaming\Media Player Classic
2012-08-14 20:21:48 ----D---- C:\Users\Uzivatel\AppData\Roaming\DAEMON Tools Lite
2012-08-14 18:50:18 ----D---- C:\Program Files\FormatFactory
2012-08-14 13:23:18 ----D---- C:\Windows\system32\Macromed
2012-08-14 11:59:04 ----HD---- C:\Program Files\InstallShield Installation Information
2012-08-14 11:59:03 ----D---- C:\Program Files\SEGA
2012-08-07 09:31:09 ----D---- C:\Program Files\Microsoft Silverlight
2012-08-03 04:46:56 ----A---- C:\Windows\system32\mrt.exe
2012-07-30 19:33:27 ----D---- C:\ProgramData\Skype
2012-07-30 19:33:09 ----RD---- C:\Program Files\Skype
2012-07-29 11:53:29 ----D---- C:\Windows\system32\WDI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-06 242240]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-11-30 15392]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-05-17 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-05-17 8192]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-14 154624]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-31 1192448]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2007-05-16 32256]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-05-17 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-05-17 207360]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-12-13 3921448]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-07 1059112]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-03 7606688]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-17 12032]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-08-02 1749376]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-05-17 659968]
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 Browser Manager;Browser Manager; C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-08-14 1697312]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-04-24 441136]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-03 203296]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-05-17 386560]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

MBAM jako skener, občas mívá falešné detekce. Podívejte se do MBAM, otevřte log a zkopírujte ho sem.

jej..ja ho odinstaloval...takze mam Mbam nainstalovat, pak dat kompletni kontrolu a pak se sem zkopirovat log ?

Mikki píše:jej..ja ho odinstaloval...takze mam Mbam nainstalovat, pak dat kompletni kontrolu a pak se sem zkopirovat log ?

To už nebude nic platné, v logu nebude nic z toho, co bylo před tím smazáno. Najděte v programFiles jeho adresář (obvykle zbude i po odinstalaci) a koukněte, zda tam není log.

aha, adresar tam neni...

Myslim, ze to chybejici DLL bude asi nejmensi problem, ale ten babylon search me pekne stve a navic mam nainstalovany antivirus Microsoft security essentials, ktery mi asi neco blokuje, pr. se chova jako vypnuty a nejde to normalne napravit..prosim pomoc...

Stáhněte Avenger: http://forum.viry.cz/viewtopic.php?f=11&t=19832 . Spusťte a do bílého okna zkopírujte:

Registry values to replace with dummy:
„HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows | AppInit_DLLs“

a klikněte na >Execute<. Restartujte PC.

Moc moc moc diky, problem hlaskou "DLL could not be opened" byl vyresen:-)
jeste se chci zeptat, jestli by sel nejak vyresit ten problem s Babylon search, kdy mi Babylon vzdy se nastavi jako domovska stranka...kdyz stranku zmenim na seznam.cz, tak je to ok, ale jakmile vypnu a zapnu mozillu, uz je tam zase Babylon...Moc diky za vasi skvelou pomoc:-)

Odinstalujte Mozillu a proveďte zálohy profilu pomocí MozBackUp: http://www.stahuj.centrum.cz/utility_a_ ... mozbackup/ . Pak stáhněte novou instalačku Mozilly, nainstalujte a zpět nakopírujte pouze záložky.

zdravim, tak toto vubec nepomohlo, navic Babylon byl uz na domovske strance hned po startu firefoxu...

Myslíte hned po nainstalování nového FF ještě před nakopírováním zálohy?

ano, ale ta zaloha mi tam potom nakopirovat nesla, hlasilo to nejakou chybu

Zdravim, pred chvili jsem to zkusil znovu, nahrat zaloha sla, ale zadny vysledek. Babylon stale otravuje...