VIRY.CZ

Prosim o kontrolu logu Ď

Logfile of random's system information tool 1.09 (written by random/random)
Run by Alex at 2013-08-29 11:42:36
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 207 GB (72%) free of 286 GB
Total RAM: 1407 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:44:02, on 29. 8. 2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16502)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Alex\Downloads\RSIT.exe
C:\Program Files\trend micro\Alex.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG SafeGuard toolbar\vprot.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [NTRedirect] C:\Windows\system32\rundll32.exe "C:\Users\Alex\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Stiahnuť s Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: vToolbarUpdater15.4.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe

--
End of file - 5899 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
DVDVideoSoft WebPageAdjuster Class - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-01-30 281760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-11-26 5074384]
"vProt"=C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2013-08-28 2285232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"NTRedirect"=C:\Users\Alex\AppData\Roaming\BabSolution\Shared\enhancedNT.dll [2013-08-22 187984]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-22 815104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=2
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-08-29 11:42:37 ----D---- C:\Program Files\trend micro
2013-08-29 11:42:36 ----D---- C:\rsit
2013-08-28 12:04:50 ----SHD---- C:\$RECYCLE.BIN
2013-08-28 12:02:20 ----SD---- C:\download-ComboFix
2013-08-28 12:01:52 ----D---- C:\Qoobox
2013-08-28 12:00:34 ----A---- C:\Windows\system32\drivers\avgtpx86.sys
2013-08-28 12:00:01 ----D---- C:\ProgramData\AVG SafeGuard toolbar
2013-08-28 12:00:01 ----D---- C:\Program Files\Common Files\AVG Secure Search
2013-08-28 11:59:59 ----D---- C:\Program Files\AVG SafeGuard toolbar
2013-08-28 11:59:29 ----D---- C:\Windows\erdnt
2013-08-28 11:58:33 ----SD---- C:\32788R22FWJFW
2013-08-28 10:52:29 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-26 12:16:47 ----D---- C:\Users\Alex\AppData\Roaming\File Scout
2013-08-26 12:16:43 ----D---- C:\ProgramData\IBUpdaterService
2013-08-26 12:16:29 ----D---- C:\Users\Alex\AppData\Roaming\BabSolution
2013-08-26 12:16:04 ----D---- C:\ProgramData\Babylon
2013-08-26 12:16:03 ----D---- C:\Users\Alex\AppData\Roaming\Babylon
2013-08-26 12:11:22 ----A---- C:\Windows\system32\drivers\wssbtr1f.sys
2013-08-26 12:11:22 ----A---- C:\Windows\system32\drivers\SktBt2k.sys
2013-08-26 12:11:22 ----A---- C:\Windows\system32\drivers\SioUi2k.dll
2013-08-26 12:11:22 ----A---- C:\Windows\system32\drivers\Sio9502k.sys
2013-08-26 12:11:22 ----A---- C:\Windows\system32\drivers\SCTray.exe
2013-08-26 12:11:22 ----A---- C:\Windows\system32\drivers\OXSER.SYS
2013-08-20 11:09:03 ----D---- C:\Windows\system32\MRT
2013-08-20 11:08:52 ----D---- C:\7819a577fb36efdcaf
2013-08-20 10:47:09 ----A---- C:\Windows\system32\mshtmled.dll
2013-08-20 10:47:08 ----A---- C:\Windows\system32\vbscript.dll
2013-08-20 10:47:07 ----A---- C:\Windows\system32\ieui.dll
2013-08-20 10:47:06 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-20 10:47:06 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-20 10:47:06 ----A---- C:\Windows\system32\ieUnatt.exe
2013-08-20 10:47:05 ----A---- C:\Windows\system32\wininet.dll
2013-08-20 10:47:05 ----A---- C:\Windows\system32\jscript.dll
2013-08-20 10:47:04 ----A---- C:\Windows\system32\url.dll
2013-08-20 10:47:04 ----A---- C:\Windows\system32\jscript9.dll
2013-08-20 10:47:03 ----A---- C:\Windows\system32\iertutil.dll
2013-08-20 10:47:02 ----A---- C:\Windows\system32\urlmon.dll
2013-08-20 10:47:01 ----A---- C:\Windows\system32\ieframe.dll
2013-08-20 10:46:59 ----A---- C:\Windows\system32\mshtml.dll
2013-08-19 17:46:24 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-19 17:46:23 ----A---- C:\Windows\system32\icaapi.dll
2013-08-19 17:46:23 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-19 17:46:21 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-19 17:46:15 ----A---- C:\Windows\system32\tzres.dll
2013-08-19 17:45:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-19 17:45:27 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-08-19 17:45:26 ----A---- C:\Windows\system32\ntdll.dll
2013-08-19 17:42:39 ----A---- C:\Windows\system32\wintrust.dll
2013-08-19 17:42:39 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-19 17:42:39 ----A---- C:\Windows\system32\crypt32.dll
2013-08-19 17:42:38 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-09 15:22:10 ----D---- C:\Users\Alex\AppData\Roaming\EPSON
2013-08-09 15:10:40 ----D---- C:\ProgramData\UDL
2013-08-09 15:05:42 ----A---- C:\Windows\system32\PICSDK2.dll
2013-08-09 15:05:42 ----A---- C:\Windows\system32\PICSDK.ini
2013-08-09 15:05:42 ----A---- C:\Windows\system32\PICSDK.dll
2013-08-09 15:05:42 ----A---- C:\Windows\system32\PICEntry.dll
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EpPicPrt.dll
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPrinterDB.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPresetData_PT.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPresetData_IT.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPresetData_GE.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPresetData_FR.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPresetData_ES.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPresetData_EN.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPresetData_DU.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPresetData_CF.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPresetData_BP.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPattern6.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPattern5.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPattern4.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPattern3.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPattern2.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPattern131.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPattern121.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPICPattern1.dat
2013-08-09 15:05:42 ----A---- C:\Windows\system32\EPPicMgr.dll
2013-08-09 15:04:51 ----D---- C:\ProgramData\EPSON
2013-08-09 15:03:07 ----A---- C:\Windows\system32\E_DCINST.DLL
2013-08-09 15:03:04 ----A---- C:\Windows\system32\E_FLBCAE.DLL
2013-08-09 15:02:59 ----A---- C:\Windows\system32\E_FD4BCAE.DLL
2013-08-09 15:00:52 ----D---- C:\Program Files\epson
2013-08-09 15:00:52 ----A---- C:\Windows\system32\esint7e.dll
2013-08-09 15:00:51 ----A---- C:\Windows\system32\eswiaml.dll
2013-08-09 15:00:51 ----A---- C:\Windows\system32\eswia7e.dll
2013-08-09 15:00:30 ----A---- C:\Windows\CDE DX4400DEFGIPS.ini

======List of files/folders modified in the last 1 month======

2013-08-29 11:42:37 ----RD---- C:\Program Files
2013-08-29 11:42:32 ----D---- C:\Windows\Temp
2013-08-29 11:17:00 ----D---- C:\Windows\winsxs
2013-08-29 10:34:07 ----D---- C:\Windows\system32\drivers
2013-08-29 10:31:39 ----D---- C:\Windows
2013-08-28 12:04:58 ----D---- C:\Windows\system32\catroot
2013-08-28 12:02:53 ----D---- C:\Windows\System32
2013-08-28 12:02:38 ----D---- C:\Users\Alex\AppData\Roaming\OpenCandy
2013-08-28 12:02:11 ----SHD---- C:\System Volume Information
2013-08-28 12:00:01 ----HD---- C:\ProgramData
2013-08-28 12:00:01 ----D---- C:\Program Files\Common Files
2013-08-28 11:02:47 ----D---- C:\Users\Alex\AppData\Roaming\Winamp
2013-08-28 11:02:27 ----D---- C:\Windows\inf
2013-08-28 11:02:26 ----D---- C:\Windows\Debug
2013-08-27 12:44:14 ----D---- C:\Users\Alex\AppData\Roaming\Skype
2013-08-26 12:47:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-26 12:22:01 ----D---- C:\Windows\ABLKSR
2013-08-26 12:17:09 ----HD---- C:\Program Files\Uninstall Information
2013-08-26 12:16:31 ----D---- C:\Windows\system32\Tasks
2013-08-26 12:16:18 ----D---- C:\Windows\Prefetch
2013-08-26 12:11:48 ----HD---- C:\Program Files\InstallShield Installation Information
2013-08-26 12:10:55 ----D---- C:\Program Files\Common Files\Adobe
2013-08-21 23:52:39 ----D---- C:\Windows\Microsoft.NET
2013-08-21 23:52:36 ----RSD---- C:\Windows\assembly
2013-08-21 17:30:44 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-08-21 17:27:53 ----D---- C:\Windows\rescache
2013-08-20 23:10:04 ----A---- C:\Windows\system32\acovcnt.exe
2013-08-20 23:06:20 ----D---- C:\Windows\system32\cs-CZ
2013-08-20 23:06:19 ----D---- C:\Windows\system32\migration
2013-08-20 23:06:19 ----D---- C:\Program Files\Internet Explorer
2013-08-20 11:08:56 ----A---- C:\Windows\system32\mrt.exe
2013-08-20 11:07:05 ----SHD---- C:\Windows\Installer
2013-08-20 10:48:37 ----D---- C:\Windows\system32\catroot2
2013-08-09 15:13:47 ----SD---- C:\Windows\Downloaded Program Files
2013-08-09 15:13:46 ----D---- C:\Program Files\Common Files\InstallShield
2013-08-09 15:00:52 ----D---- C:\Windows\twain_32

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-08-28 37664]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-10-08 170656]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-10-08 121216]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 46056]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2012-10-08 62512]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-02 64896]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2012-10-08 149568]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-12-28 18688]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-14 43520]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-18 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-06 51200]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-22 181304]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-11 41600]
R3 WCPU;WCPU; \??\C:\Program Files\P4G\WCPU.sys [2007-01-03 11120]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 LVUVC;Logitech Webcam C100(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2012-09-21 4261224]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-10-14 4422560]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2006-12-01 113792]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-21 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2006-10-06 73600]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2006-11-03 53504]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2006-10-28 40960]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-02-02 565248]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-11-26 1329304]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-09-29 266343]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-29 123248]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2006-11-01 77824]
R2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [2013-08-28 1616048]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-07 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21 257416]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-01-07 116648]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-16 755880]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]

-----------------EOF-----------------

Zdravim

Co jste tam provadel s ComboFixem?

Odinstalujte vse od AVG. Predpokladam, ze na ten Eset mate platnou licenci.

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

s combofixem nic moc stiahol a potom som ho hned vymazal

od AVG (bol to len toolbar) som si nic neinstaloval si teda aspon nespominam uz dlho pouzivam esetko

provedu kontrolu

tu je log

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.08.29.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Alex :: ALEX-PC [administrátor]

Ochrana: Povolena

29. 8. 2013 14:12:14
MBAM-log-2013-08-29 (15-41-49).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 324474
Uplynulý čas: 1 hodin, 28 minut, 45 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 1
C:\Users\Alex\AppData\Roaming\BABSOLUTION\Shared\ENHANCEDNT.DLL (PUP.Optional.A.BabSolution) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 3
HKCU\Software\BabSolution\Redir (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 2
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 0C2Z1N1R0Q1D1J1C0Q1B -> Nebyla provedena žádná instrukce.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|NTRedirect (PUP.Optional.A.BabSolution) -> Data: C:\Windows\system32\rundll32.exe "C:\Users\Alex\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 10
C:\ProgramData\IBUPDATERSERVICE (PUP.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\BABSOLUTION (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\BABSOLUTION\CR (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\BABSOLUTION\Shared (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\2D3607B4B8E74095B3CC1D30A0F7EF3E (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\50047D9CACC94076B17891CF5B785C6D (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\B5356C5DB3B549D4BEBDA6B368F2C4F0 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\FILE SCOUT (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 32
C:\$RECYCLE.BIN\S-1-5-21-2761143479-993938521-1032092047-1000\$RC0Z4D1.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Program Files\Uninstall Information\Ib\97\3867\ib_uninstall.exe (PUP.Optional.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\BabSolution\Shared\BabMaint.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\BabSolution\Shared\BUSolution.dll (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\File Scout\filescout.exe (Trojan.PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OpenCandy\2D3607B4B8E74095B3CC1D30A0F7EF3E\LatestDLMgr.exe (PUP.Optional.OpenCandy.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\Downloads\77ZipSetup.exe (PUP.Optional.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\ProgramData\IBUPDATERSERVICE\REPOSITORY.XML (PUP.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\BABSOLUTION\Shared\ENHANCEDNT.DLL (PUP.Optional.A.BabSolution) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\BABSOLUTION\CR\BabylonChrome1.crx (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\BABSOLUTION\Shared\BabSetup.ico (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\BABSOLUTION\Shared\chu.js (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\BABSOLUTION\Shared\GUninstaller.exe (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\BABSOLUTION\Shared\SetupParams.ini (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\BABSOLUTION\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\2D3607B4B8E74095B3CC1D30A0F7EF3E\5879.ico (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\2D3607B4B8E74095B3CC1D30A0F7EF3E\msvcr100.dll (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\2D3607B4B8E74095B3CC1D30A0F7EF3E\PasswordBoxCHSTORE_p1v0.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\2D3607B4B8E74095B3CC1D30A0F7EF3E\PasswordBox_1v0s6.html (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\2D3607B4B8E74095B3CC1D30A0F7EF3E\ReadCookie.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\2D3607B4B8E74095B3CC1D30A0F7EF3E\SQLite.Interop.dll (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\2D3607B4B8E74095B3CC1D30A0F7EF3E\System.Data.SQLite.dll (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\50047D9CACC94076B17891CF5B785C6D\TuneUpUtilities2013_2200319_en-US.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\B5356C5DB3B549D4BEBDA6B368F2C4F0\4185.ico (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\B5356C5DB3B549D4BEBDA6B368F2C4F0\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\B5356C5DB3B549D4BEBDA6B368F2C4F0\OCBrowserHelper.dll (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\B5356C5DB3B549D4BEBDA6B368F2C4F0\smileyswelovetoolbar.crx (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\B5356C5DB3B549D4BEBDA6B368F2C4F0\SmileysWeLoveToolbarSetup.msi (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\OPENCANDY\B5356C5DB3B549D4BEBDA6B368F2C4F0\smileyswelove_p3v5.exe (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\FILE SCOUT\filescout.exe (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Users\Alex\AppData\Roaming\FILE SCOUT\uninst.exe (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.

(konec)

a naco platim Eset ked nieco stale vnikne do pocitaca ?

Zadny antivir neni 100%

Nalezy nechte odstranit. Po restartu zopakujte test, at vime, ze se neco nevraci. Oznamte vysledek, nebo dejte log. Podle toho budeme pokracovat.

Omilom som zmazal log no neboli najdene infoltracie uz malo by to byt ok ? ci radsej sprvym znova ten uplny scan ci bude stacit richly scan. bo dokonca aj skrolka na booku zacala fungovat

nasiel som skoro som zabudol ze programky si zvyknu protokole ukladat pre neskorsiu anal...

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.08.30.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Alex :: ALEX-PC [administrátor]

Ochrana: Povolena

30. 8. 2013 21:20:41
mbam-log-2013-08-30 (21-20-41).txt

Typ: Kompletní kontrola (C:\|D:\|G:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 322847
Uplynulý čas: 1 hodin, 34 minut, 27 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

no ak je to ok tak prosim o temi a dik za pococ jak aj inokedy som


pripadne ak tak dame nieco na kontrolu ? ci ? co som tak nateseny ? du spat

Vse to urcite neni, to byl teprve zacatek Nebo uz je pc v poradku?


Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

Paci sa

# AdwCleaner v3.001 - Report created 01/09/2013 at 12:34:16
# Updated 24/08/2013 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : Alex - ALEX-PC
# Running from : C:\Users\Alex\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
File Found : C:\Windows\System32\Tasks\DSite
File Found : C:\Windows\System32\Tasks\EPUpdater
Folder Found : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found C:\Program Files\Common Files\AVG Secure Search
Folder Found C:\Program Files\Common Files\DVDVideoSoft\TB
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\Uniblue\DriverScanner
Folder Found C:\Users\Alex\AppData\Roaming\DSite
Folder Found C:\Users\Alex\AppData\Roaming\dvdvideosoftiehelpers

***** [ Shortcuts ] *****

Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaLogic\Delta Force Black Hawk Down\Uninstall.lnk ( -f"C:\Program Files\NovaLogic\Delta Force Black Hawk Down\Uninst.isu" )

***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Babylon Chrome Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\DSite
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\DSite
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\Uniblue\DriverScanner
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502


-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5809 octets] - [01/09/2013 12:34:16]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5869 octets] ##########

Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zase zkopirujte.

# AdwCleaner v3.001 - Report created 01/09/2013 at 20:33:40
# Updated 24/08/2013 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : Alex - ALEX-PC
# Running from : C:\Users\Alex\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Uniblue\DriverScanner
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\Alex\AppData\Roaming\DSite
Folder Deleted : C:\Users\Alex\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
File Deleted : C:\Windows\System32\Tasks\DSite
File Deleted : C:\Windows\System32\Tasks\EPUpdater

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaLogic\Delta Force Black Hawk Down\Uninstall.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03B3EB66-B2EA-4616-A192-C8A78A5DA9B0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03B3EB66-B2EA-4616-A192-C8A78A5DA9B0}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAEB5211-7D9B-462C-AC5E-F57D35574F3B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAEB5211-7D9B-462C-AC5E-F57D35574F3B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Babylon Chrome Toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502


-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5949 octets] - [01/09/2013 12:34:16]
AdwCleaner[R1].txt - [6009 octets] - [01/09/2013 20:29:29]
AdwCleaner[S0].txt - [6152 octets] - [01/09/2013 20:33:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6212 octets] ##########

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

RogueKiller V8.6.8 [Sep 2 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : Alex [Práva správce]
Mód : Kontrola -- Datum : 09/02/2013 16:14:18
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NALEZENO
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NALEZENO
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x8B3B1140)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x8B3B1140)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x8B39FA5A)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x8B39FA2C)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x8B39FA88)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x8B3ACB70)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x8B3ACB3C)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost
::1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 ATA Device +++++
--- User ---
[MBR] 25de3ca557689cc87495be50db2b18d7
[BSP] b04802fb9a873a927073f3d3524e5658 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 286164 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 586065920 | Size: 190774 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Hitachi HTS545050B9A300 ATA Device +++++
--- User ---
[MBR] fa6d13ad7179118f4fed64408274dacd
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 135 | Size: 1884 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_09022013_161418.txt >>

Znovu spustte RogueKiller jako spravce (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.