
Terribly slow laptop

Posted: 19 Sep 2013 22:48
by Blanka yahoo
Thank you for taking a look at this... it is impossible to work with at all...

Logfile of random's system information tool 1.09 (written by random/random)
Run by Kaniii at 2013-09-19 23:36:43
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 93 GB (65%) free of 144 GB
Total RAM: 894 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:37:58, on 2013-09-19
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16502)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\BisonCam\BisonHK.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Connect Manager\Bin\CancelAutoPlay.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Users\Kaniii\AppData\Local\Smartbar\Application\SnapDo.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Connect Manager\Bin\zLoggingDaemon.exe
C:\Program Files\Connect Manager\Bin\zConnectionManager.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Kaniii\Downloads\RSIT.exe
C:\Program Files\trend micro\Kaniii.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1375279627
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?publisher=Snapd ... 16/04/2013
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?publisher=Snapd ... 16/04/2013
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.snapdo.com/?publisher=Snapd ... 16/04/2013
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1375279627
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1375279627
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/?publisher=Snapd ... 16/04/2013
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/?publisher=Snapd ... 16/04/2013
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qvo6.com/web/?utm_source= ... 1375279628
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.qvo6.com/web/?utm_source= ... 1375279628
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BisonHK] C:\Windows\BisonCam\BisonHK.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [zLoader.exe] "C:\Program Files\Connect Manager\Bin\zLoader.exe"
O4 - HKLM\..\Run: [CancelAutoPlay.exe] "C:\Program Files\Connect Manager\Bin\CancelAutoPlay.exe"
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [Browser Infrastructure Helper] C:\Users\Kaniii\AppData\Local\Smartbar\Application\SnapDo.exe startup
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\docume~1\ settings\all users\application data\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} c:\progra~1\google\google~3\goec62~1.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe
O23 - Service: Tjänsten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Unknown owner - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe
O23 - Service: Yontoo Desktop Updater - Unknown owner - C:\Program Files\Yontoo\Y2Desktop.Updater.exe (file missing)

--
End of file - 10161 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DSite.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Recovery DVD Creator.job
C:\Windows\tasks\Scheduled scanning task.job
C:\Windows\tasks\Utökad garanti.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Kaniii\AppData\Roaming\Mozilla\Firefox\Profiles\du8mzm70.default-1383679894753

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://feed.snapdo.com/?publisher=Snapd ... 16/04/2013"
prefs.js - "keyword.URL" - "http://feed.snapdo.com/?publisher=Snapd ... 04/2013&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Kaniii\VLC\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{3112ca9c-de6d-4884-a869-9855de68056c}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
flashplayer.xpt
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt

C:\Program Files\Mozilla Firefox\plugins\
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
qvo6.xml

C:\Users\Kaniii\AppData\Roaming\Mozilla\Firefox\Profiles\du8mzm70.default-1383679894753\searchplugins\
Web Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-10-02 4119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-08-30 201784]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-02-09 845360]
"BisonHK"=C:\Windows\BisonCam\BisonHK.exe [2007-05-16 73728]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2007-01-11 232184]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2007-01-04 227328]
"MSPService"=C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe [2007-06-13 102400]
"toolbar_eula_launcher"=C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe [2007-01-10 18944]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-08-16 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-08-16 8478720]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-08-16 81920]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-08-30 4858968]
"zLoader.exe"=C:\Program Files\Connect Manager\Bin\zLoader.exe [2012-02-07 25872]
"CancelAutoPlay.exe"=C:\Program Files\Connect Manager\Bin\CancelAutoPlay.exe [2012-02-07 73488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"=C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe [2007-07-19 1120568]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-04-19 18678376]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"Browser Infrastructure Helper"=C:\Users\Kaniii\AppData\Local\Smartbar\Application\SnapDo.exe [2013-08-19 21536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\docume~1\ settings\all users\application data\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} c:\progra~1\google\google~3\goec62~1.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.mkdmp3enc"=C:\PROGRA~1\CYBERL~1\MAGICS~1\Kernel\Burner\MKDMP3Enc.ACM
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-11-07 14:32:13 ----D---- C:\ProgramData\IBUpdaterService
2013-11-07 14:07:16 ----D---- C:\Users\Kaniii\AppData\Roaming\PDF Creator Packages
2013-11-07 14:04:06 ----D---- C:\Program Files\GPLGS
2013-11-07 14:03:27 ----D---- C:\Users\Kaniii\AppData\Roaming\DSite
2013-11-07 14:03:26 ----D---- C:\Program Files\PDFCreator
2013-11-05 22:09:36 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-11-05 22:09:35 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-11-05 22:09:30 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2013-11-05 22:09:28 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-11-05 22:09:27 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-11-05 22:09:25 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-11-05 22:09:24 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-11-05 22:09:18 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-11-05 22:06:07 ----A---- C:\Windows\avastSS.scr
2013-09-19 23:36:43 ----D---- C:\rsit
2013-09-18 17:47:35 ----D---- C:\ProgramData\Mobile Partner
2013-09-18 17:46:33 ----A---- C:\Windows\system32\drivers\ewusbnet.sys
2013-09-18 17:46:33 ----A---- C:\Windows\system32\drivers\ewusbmdm.sys
2013-09-18 17:46:33 ----A---- C:\Windows\system32\drivers\ewdcsc.sys
2013-09-18 17:46:33 ----A---- C:\Windows\system32\drivers\ew_juextctrl.sys
2013-09-18 17:46:33 ----A---- C:\Windows\system32\drivers\ew_jucdcecm.sys
2013-09-18 17:46:33 ----A---- C:\Windows\system32\drivers\ew_jucdcacm.sys
2013-09-18 17:46:33 ----A---- C:\Windows\system32\drivers\ew_jubusenum.sys
2013-09-18 17:46:33 ----A---- C:\Windows\system32\drivers\ew_hwupgrade.sys
2013-09-18 17:46:32 ----A---- C:\Windows\system32\drivers\ew_usbenumfilter.sys
2013-09-18 17:46:32 ----A---- C:\Windows\system32\drivers\ew_hwusbdev.sys
2013-09-18 17:43:27 ----D---- C:\Program Files\Mobile Partner
2013-09-18 14:57:21 ----A---- C:\Windows\system32\mshtmled.dll
2013-09-18 14:57:19 ----A---- C:\Windows\system32\vbscript.dll
2013-09-18 14:57:16 ----A---- C:\Windows\system32\ieui.dll
2013-09-18 14:57:14 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-18 14:57:13 ----A---- C:\Windows\system32\ieUnatt.exe
2013-09-18 14:57:12 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-18 14:57:10 ----A---- C:\Windows\system32\wininet.dll
2013-09-18 14:57:08 ----A---- C:\Windows\system32\jscript.dll
2013-09-18 14:57:04 ----A---- C:\Windows\system32\jscript9.dll
2013-09-18 14:57:03 ----A---- C:\Windows\system32\url.dll
2013-09-18 14:57:01 ----A---- C:\Windows\system32\iertutil.dll
2013-09-18 14:56:54 ----A---- C:\Windows\system32\urlmon.dll
2013-09-18 14:56:48 ----A---- C:\Windows\system32\ieframe.dll
2013-09-18 14:56:40 ----A---- C:\Windows\system32\mshtml.dll
2013-08-24 02:34:19 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-24 02:34:18 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-08-24 02:34:14 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-24 02:34:09 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-24 02:34:08 ----A---- C:\Windows\system32\icaapi.dll
2013-08-24 02:33:13 ----A---- C:\Windows\system32\tzres.dll
2013-08-24 02:31:33 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-24 02:31:31 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-08-24 02:31:29 ----A---- C:\Windows\system32\ntdll.dll

======List of files/folders modified in the last 1 month======

2013-11-11 20:09:56 ----D---- C:\ProgramData\NVIDIA
2013-11-09 21:39:11 ----D---- C:\Windows\AppPatch
2013-11-09 19:52:53 ----HD---- C:\Program Files\InstallShield Installation Information
2013-11-07 14:39:25 ----D---- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2013-11-06 13:38:41 ----D---- C:\Windows\system32\en-US
2013-11-05 22:04:10 ----D---- C:\ProgramData\AVAST Software
2013-11-05 22:04:10 ----D---- C:\Program Files\AVAST Software
2013-11-04 14:51:33 ----D---- C:\Program Files\Packard Bell
2013-09-19 23:37:29 ----D---- C:\Program Files\trend micro
2013-09-19 23:36:38 ----D---- C:\Windows\Temp
2013-09-19 22:58:43 ----AD---- C:\Windows\System32
2013-09-19 22:58:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-19 22:58:36 ----D---- C:\Windows\inf
2013-09-19 21:25:18 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-09-19 20:56:52 ----D---- C:\Windows\tracing
2013-09-19 20:19:29 ----D---- C:\Windows\system32\catroot
2013-09-19 20:19:24 ----D---- C:\Windows\winsxs
2013-09-19 19:55:02 ----SHD---- C:\System Volume Information
2013-09-19 19:42:25 ----D---- C:\ProgramData\eSafe
2013-09-19 08:00:44 ----D---- C:\Windows
2013-09-18 20:17:23 ----D---- C:\Windows\Microsoft.NET
2013-09-18 20:17:20 ----RSD---- C:\Windows\assembly
2013-09-18 18:21:28 ----D---- C:\Windows\system32\Tasks
2013-09-18 18:11:11 ----SHD---- C:\Windows\Installer
2013-09-18 17:54:02 ----D---- C:\Users\Kaniii\AppData\Roaming\Skype
2013-09-18 17:50:28 ----D---- C:\ProgramData\DatacardService
2013-09-18 17:47:35 ----D---- C:\ProgramData
2013-09-18 17:46:33 ----D---- C:\Windows\system32\drivers
2013-09-18 17:43:59 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2013-09-18 17:43:59 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01007.dll
2013-09-18 17:43:27 ----D---- C:\Program Files
2013-09-18 16:58:27 ----D---- C:\Windows\rescache
2013-09-18 16:21:04 ----D---- C:\Windows\system32\catroot2
2013-09-18 16:04:10 ----D---- C:\Windows\system32\sv-SE
2013-09-18 16:04:08 ----D---- C:\Windows\system32\migration
2013-09-18 16:04:05 ----D---- C:\Program Files\Internet Explorer
2013-09-18 15:32:48 ----D---- C:\Windows\system32\MRT
2013-09-18 15:30:07 ----A---- C:\Windows\system32\mrt.exe
2013-08-30 09:47:32 ----A---- C:\Windows\system32\aswBoot.exe
2013-08-24 02:02:41 ----D---- C:\Windows\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-08-30 49376]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-08-30 177864]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2006-09-27 36560]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2013-08-30 49760]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-08-30 770344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-08-30 369584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-08-30 56080]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-08-30 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-08-30 66336]
R3 Cam5607;Bison WebCam; C:\Windows\System32\Drivers\BisonC07.sys [2007-07-23 971944]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2013-09-18 11136]
R3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2013-09-18 235392]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-11-05 182272]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2013-09-18 73216]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2013-09-18 194816]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-08-16 7610784]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-02-09 182456]
R3 usbaudio;USB-ljuddrivrutiner (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2013-09-18 102784]
S3 massfilter_lte;LTE Device Mass Storage Filter Driver; \??\C:\Windows\system32\drivers\massfilter_lte.sys [2011-12-05 15896]
S3 MSKSSRV;Tjänstproxy för Microsoft-direktuppspelning; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Klockproxy för Microsoft-direktuppspelning; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Kvalitetshanteringsproxy för Microsoft-direktuppspelning; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Tee/Sink-to-Sink-konverterare för Microsoft-direktuppspelning; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2007-06-08 253952]
S3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS []
S3 usbvideo;USB-videoenhet (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 zgdcat_1440;ZTE Datacard AT Port 1440; C:\Windows\system32\DRIVERS\zgdcat_1440.sys [2012-02-07 111768]
S3 zgdcdiag_1440;ZTE Datacard Diagnostics Port 1440; C:\Windows\system32\DRIVERS\zgdcdiag_1440.sys [2012-02-07 111768]
S3 zgdcmdm_1440;ZTE Datacard Modem 1440; C:\Windows\system32\DRIVERS\zgdcmdm_1440.sys [2012-02-07 111768]
S3 zgdcnet_1440;ZTE Datacard Network Adapter 1440; C:\Windows\system32\DRIVERS\zgdcnet_1440.sys [2012-02-07 141848]
S3 zgdcnmea_1440;ZTE Datacard NMEA Port 1440; C:\Windows\system32\DRIVERS\zgdcnmea_1440.sys [2012-02-07 111768]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-08-30 46808]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 HWDeviceService.exe;HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [2011-03-14 271712]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-03-06 266343]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2007-01-11 166648]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2009-04-11 47616]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 WsysSvc;Wsys Service; C:\ProgramData\eSafe\eGdpSvc.exe [2013-07-31 380992]
R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-01-11 887544]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate;Tjänsten Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-10 135664]
S2 Mobile Partner. RunOuc;Mobile Partner. OUC; C:\Program Files\Mobile Partner\UpdateDog\ouc.exe [2013-09-18 246112]
S2 Yontoo Desktop Updater;Yontoo Desktop Updater; C:\Program Files\Yontoo\Y2Desktop.Updater.exe C:\Users\Kaniii\AppData\Roaming\Yontoo\YontooDesktop.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-19 257416]
S3 GoogleDesktopManager;GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [2007-01-04 66560]
S3 gupdatem;Tjänsten Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-10 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe []
S3 NtmsSvc;@%SystemRoot%\system32\ntmssvc.dll,-2; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-04-19 161384]

-----------------EOF-----------------

Re: Terribly slow laptop

Posted: 20 Sep 2013 03:32
by Márty84
Hello :)

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and the program will start working.
When it finishes, it will spit out a log at you (if not, you will find it here: C:\AdwCleaner\AdwCleaner[R?].txt); copy it here for me.

Re: Terribly slow laptop

Posted: 20 Sep 2013 20:37
by Blanka yahoo
Thank you for the reply. I did not even manage to do it before my screen stopped working. Do you happen to know whether the virus I have on there could cause this? And if so, what can I do about it?
Thank you, Blanka

Re: Terribly slow laptop

Posted: 20 Sep 2013 22:11
by Márty84
What does it mean that the screen is not working? As in, there is nothing on it at all? Not even when the system starts? Or does everything disappear only later? Try resetting and then try booting into safe mode. Otherwise, if there is nothing at all on the screen, I doubt it is a virus. That would rather point to a fault in the screen itself.

Re: Terribly slow laptop

Posted: 21 Sep 2013 13:55
by Blanka yahoo
It is running again...
Here is the scan:

# AdwCleaner v3.004 - Report created 21/09/2013 at 14:24:04
# Updated 15/09/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Kaniii - KANIII-DATOR
# Running from : C:\Users\Kaniii\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : WsysSvc
Service Found : Yontoo Desktop Updater

***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Found : C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml
File Found : C:\Users\Kaniii\AppData\Roaming\Mozilla\Firefox\Profiles\du8mzm70.default-1383679894753\\invalidprefs.js
File Found : C:\Users\Kaniii\AppData\Roaming\Mozilla\Firefox\Profiles\du8mzm70.default-1383679894753\searchplugins\Web Search.xml
File Found : C:\Users\Kaniii\AppData\Roaming\Mozilla\Firefox\Profiles\du8mzm70.default-1383679894753\user.js
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Windows\system32\roboot.exe
File Found : C:\Windows\System32\Tasks\DSite
File Found : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser
File Found : C:\Windows\Tasks\DSite.job
Folder Found C:\Program Files\Desk 365
Folder Found C:\Program Files\iMesh Applications
Folder Found C:\Program Files\MyPC Backup
Folder Found C:\Program Files\MyPC Backup
Folder Found C:\Program Files\Omiga Plus
Folder Found C:\Program Files\Search Results Toolbar
Folder Found C:\Program Files\SweetIM
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\ProgramData\Browser Manager
Folder Found C:\ProgramData\eSafe
Folder Found C:\ProgramData\IBUpdaterService
Folder Found C:\ProgramData\iMesh
Folder Found C:\ProgramData\SweetIM
Folder Found C:\ProgramData\Systweak
Folder Found C:\ProgramData\Tarma Installer
Folder Found C:\Users\Kaniii\AppData\Local\apn
Folder Found C:\Users\Kaniii\AppData\Local\cre
Folder Found C:\Users\Kaniii\AppData\Local\Ilivid
Folder Found C:\Users\Kaniii\AppData\Local\PackageAware
Folder Found C:\Users\Kaniii\AppData\Local\Smartbar
Folder Found C:\Users\Kaniii\AppData\Local\Temp\apn
Folder Found C:\Users\Kaniii\AppData\Local\Temp\Smartbar
Folder Found C:\Users\Kaniii\AppData\Local\Temp\WinZipper
Folder Found C:\Users\Kaniii\AppData\Local\VirtualStore\Program Files\Search Results Toolbar
Folder Found C:\Users\Kaniii\AppData\LocalLow\delta
Folder Found C:\Users\Kaniii\AppData\LocalLow\ilividtoolbarguid
Folder Found C:\Users\Kaniii\AppData\LocalLow\searchresultstb
Folder Found C:\Users\Kaniii\AppData\LocalLow\Smartbar
Folder Found C:\Users\Kaniii\AppData\LocalLow\SweetIM
Folder Found C:\Users\Kaniii\AppData\Roaming\Babylon
Folder Found C:\Users\Kaniii\AppData\Roaming\Desk 365
Folder Found C:\Users\Kaniii\AppData\Roaming\DSite
Folder Found C:\Users\Kaniii\AppData\Roaming\eIntaller
Folder Found C:\Users\Kaniii\AppData\Roaming\Mysearchdial
Folder Found C:\Users\Kaniii\AppData\Roaming\Omiga Plus
Folder Found C:\Users\Kaniii\AppData\Roaming\Systweak

***** [ Shortcuts ] *****

Shortcut Found : C:\Users\Public\Desktop\eBay.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627 )
Shortcut Found : C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627 )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627 )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Onlinetjänster\eBay.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627 )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627 )
Shortcut Found : C:\Users\Kaniii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627 )
Shortcut Found : C:\Users\Kaniii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSN Sverige - Hotmail, Messenger, kändisnytt, nyheter, sport, väder, dejting.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627 )
Shortcut Found : C:\Users\Kaniii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627 )
Shortcut Found : C:\Users\Kaniii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627 )

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - data\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WSysControl
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\mysearchdial
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\SmartbarBackup
Key Found : HKCU\Software\SmartbarLog
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\5d48fd1b734ed10
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.BHO
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Key Found : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Desksvc
Key Found : HKLM\Software\eSafeSecControl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Found : HKLM\Software\iLividSRTB
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\DSite
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Omiga Plus RunAsStdUser
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\DSite
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Omiga Plus RunAsStdUser
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Omiga Plus RunAsStdUser
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl
Key Found : HKLM\Software\omigaplusSvc
Key Found : HKLM\Software\PerformerSoft
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\qvo6Software
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\Tarma Installer
Key Found : HKLM\Software\V9
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16506

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1375279627
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=ST9160821AS_5MA49WHWXXXX5MA49WHW&ts=1375279628
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=ST9160821AS_5MA49WHWXXXX5MA49WHW&ts=1375279628

-\\ Mozilla Firefox v22.0 (sv-SE)

[ File : C:\Users\Kaniii\AppData\Roaming\Mozilla\Firefox\Profiles\du8mzm70.default-1383679894753\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "qvo6");
Line Found : user_pref("browser.search.order.1", "qvo6");
Line Found : user_pref("browser.search.selectedEngine", "Web Search");
Line Found : user_pref("extensions.delta.admin", false);
Line Found : user_pref("extensions.delta.aflt", "babsst");
Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Found : user_pref("extensions.delta.autoRvrt", "false");
Line Found : user_pref("extensions.delta.dfltLng", "en");
Line Found : user_pref("extensions.delta.excTlbr", false);
Line Found : user_pref("extensions.delta.ffxUnstlRst", true);
Line Found : user_pref("extensions.delta.id", "62a8381a00000000000000a0c6000000");
Line Found : user_pref("extensions.delta.instlDay", "16016");
Line Found : user_pref("extensions.delta.instlRef", "sst");
Line Found : user_pref("extensions.delta.newTab", false);
Line Found : user_pref("extensions.delta.prdct", "delta");
Line Found : user_pref("extensions.delta.prtnrId", "delta");
Line Found : user_pref("extensions.delta.rvrt", "false");
Line Found : user_pref("extensions.delta.smplGrp", "none");
Line Found : user_pref("extensions.delta.tlbrId", "base");
Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Found : user_pref("extensions.delta.vrsn", "1.8.21.5");
Line Found : user_pref("extensions.delta.vrsnTs", "1.8.21.513:05:32");
Line Found : user_pref("extensions.delta.vrsni", "1.8.21.5");
Line Found : user_pref("extensions.delta_i.babExt", "");
Line Found : user_pref("extensions.delta_i.babTrack", "affID=119357");
Line Found : user_pref("extensions.delta_i.srcExt", "ss");

-\\ Google Chrome v29.0.1547.76

[ File : C:\Users\Kaniii\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [15819 octets] - [21/09/2013 14:24:04]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [15880 octets] ##########

Re: terribly slowed-down laptop

Posted: 21 Sep 2013 14:49
by Márty84
That's good, strange, but good :D


:arrow: Close all programs again and run AdwCleaner as administrator.
This time click Clean.
The program will start working (the PC may restart) and will spit out another log (otherwise it will be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy that here for me again.


:arrow: Run a !!!complete!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Don't delete anything beforehand; it sometimes gives false detections.

Re: terribly slowed-down laptop

Posted: 21 Sep 2013 21:46
by Blanka yahoo
# AdwCleaner v3.004 - Report created 21/09/2013 at 22:00:12
# Updated 15/09/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Kaniii - KANIII-DATOR
# Running from : C:\Users\Kaniii\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : WsysSvc
[#] Service Deleted : Yontoo Desktop Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\iMesh
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files\Desk 365
Folder Deleted : C:\Program Files\iMesh Applications
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\Omiga Plus
Folder Deleted : C:\Program Files\Search Results Toolbar
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Users\Kaniii\AppData\Local\apn
Folder Deleted : C:\Users\Kaniii\AppData\Local\cre
Folder Deleted : C:\Users\Kaniii\AppData\Local\Ilivid
Folder Deleted : C:\Users\Kaniii\AppData\Local\PackageAware
Folder Deleted : C:\Users\Kaniii\AppData\Local\Smartbar
Folder Deleted : C:\Users\Kaniii\AppData\Local\VirtualStore\Program Files\Search Results Toolbar
Folder Deleted : C:\Users\Kaniii\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Kaniii\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\Kaniii\AppData\Local\Temp\WinZipper
Folder Deleted : C:\Users\Kaniii\AppData\LocalLow\delta
Folder Deleted : C:\Users\Kaniii\AppData\LocalLow\ilividtoolbarguid
Folder Deleted : C:\Users\Kaniii\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\Kaniii\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Kaniii\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Kaniii\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Kaniii\AppData\Roaming\Desk 365
Folder Deleted : C:\Users\Kaniii\AppData\Roaming\DSite
Folder Deleted : C:\Users\Kaniii\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\Kaniii\AppData\Roaming\Mysearchdial
Folder Deleted : C:\Users\Kaniii\AppData\Roaming\Omiga Plus
Folder Deleted : C:\Users\Kaniii\AppData\Roaming\Systweak
File Deleted : C:\Program Files\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Users\Kaniii\AppData\Roaming\Mozilla\Firefox\Profiles\du8mzm70.default-1383679894753\\invalidprefs.js
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml
File Deleted : C:\Users\Kaniii\AppData\Roaming\Mozilla\Firefox\Profiles\du8mzm70.default-1383679894753\searchplugins\Web Search.xml
File Deleted : C:\Users\Kaniii\AppData\Roaming\Mozilla\Firefox\Profiles\du8mzm70.default-1383679894753\user.js
File Deleted : C:\Windows\Tasks\DSite.job
File Deleted : C:\Windows\System32\Tasks\DSite
File Deleted : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser

***** [ Shortcuts ] *****

Re: terribly slowed-down laptop

Posted: 21 Sep 2013 21:48
by Blanka yahoo
The malware scan told me there is no virus there, but the complete scan took only a few seconds, which seemed strange to me. Should I do it again?

Re: terribly slowed-down laptop

Posted: 21 Sep 2013 22:35
by Márty84
The log from AdwCleaner isn't complete :?:

That is definitely strange, so do it again, in safe mode if need be :)

Re: terribly slowed-down laptop

Posted: 22 Sep 2013 06:31
by Blanka yahoo
Here is the adw log

# AdwCleaner v3.004 - Report created 22/09/2013 at 00:52:22
# Updated 15/09/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Kaniii - KANIII-DATOR
# Running from : C:\Users\Kaniii\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Kaniii\AppData\Roaming\Mozilla\Firefox\Profiles\du8mzm70.default-1383679894753\\invalidprefs.js

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Onlinetjänster\eBay.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Kaniii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Kaniii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSN Sverige - Hotmail, Messenger, kändisnytt, nyheter, sport, väder, dejting.lnk
Shortcut Disinfected : C:\Users\Kaniii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk
Shortcut Disinfected : C:\Users\Kaniii\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDEC90BD-4721-4FE6-B563-77BF4E6DBDBF}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDEC90BD-4721-4FE6-B563-77BF4E6DBDBF}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Omiga Plus RunAsStdUser
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2EB45C5-64FD-451D-B441-59E36C8BF712}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2EB45C5-64FD-451D-B441-59E36C8BF712}
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.BHO
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Key Deleted : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\5d48fd1b734ed10
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SmartbarBackup
Key Deleted : HKCU\Software\SmartbarLog
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Desksvc
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\omigaplusSvc
Key Deleted : HKLM\Software\PerformerSoft
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\qvo6Software
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WSysControl
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - data\browserdefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16506

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Mozilla Firefox v22.0 (sv-SE)

[ File : C:\Users\Kaniii\AppData\Roaming\Mozilla\Firefox\Profiles\du8mzm70.default-1383679894753\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "qvo6");
Line Deleted : user_pref("browser.search.order.1", "qvo6");
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "62a8381a00000000000000a0c6000000");
Line Deleted : user_pref("extensions.delta.instlDay", "16016");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.513:05:32");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119357");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");

-\\ Google Chrome v29.0.1547.76

[ File : C:\Users\Kaniii\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [15961 octets] - [21/09/2013 14:24:04]
AdwCleaner[R1].txt - [16022 octets] - [21/09/2013 21:58:28]
AdwCleaner[R2].txt - [13351 octets] - [22/09/2013 00:51:03]
AdwCleaner[S0].txt - [3263 octets] - [21/09/2013 22:00:12]
AdwCleaner[S1].txt - [11816 octets] - [22/09/2013 00:52:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [11877 octets] ##########

Re: terribly slowed-down laptop

Posted: 22 Sep 2013 06:36
by Blanka yahoo
Here is the malware scan
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.09.21.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Kaniii :: KANIII-DATOR [administrátor]

Ochrana: Povolena

2013-09-22 01:16:57
MBAM-log-2013-09-22 (07-33-22).txt

Typ: Kompletní kontrola (C:\|D:\|E:\|F:\|G:\|H:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 428127
Uplynulý čas: 5 hodin, 7 minut, 4 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 3
HKCR\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8} (PUP.Optional.MySearchDial.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B} (PUP.Optional.MySearchDial.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0} (PUP.Optional.MySearchDial.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 5
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Page (PUP.Optional.Snapdo) -> Špatný: (http://feed.snapdo.com/?publisher=Snapd ... 16/04/2013) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Snapdo) -> Špatný: (http://feed.snapdo.com/?publisher=Snapd ... 16/04/2013) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Search Bar (PUP.Optional.Snapdo) -> Špatný: (http://feed.snapdo.com/?publisher=Snapd ... 16/04/2013) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|Default_Search_URL (PUP.Optional.Snapdo) -> Špatný: (http://feed.snapdo.com/?publisher=Snapd ... 16/04/2013) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search|SearchAssistant (PUP.Optional.Snapdo) -> Špatný: (http://feed.snapdo.com/?publisher=Snapd ... 16/04/2013) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.

Nalezené složky: 4
C:\Users\Kaniii\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.16.16 (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 30
C:\Program Files\FLVPlayer\Uninstall\Uninstall.exe (PUP.Optional.InstallCore.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZISN378C\eGdpSvc[1].exe (PUP.Optional.ESafe.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\1365794911_20286338_333_2.tmp (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\71AA.tmp (PUP.BundleInstaller.DW) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\mgsqlite3.7z (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\is1852162411\253255792_Setup.EXE (PUP.Optional.RegCleanerPro) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\is1852162411\DeltaTB.exe (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\is357113909\DeltaTB.exe (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\BAA14D2A-BAB0-7891-A3EF-8B7CE6236C89\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\BAA14D2A-BAB0-7891-A3EF-8B7CE6236C89\Latest\MyBabylonTB.exe (PUP.Optional.Delta) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\BAA14D2A-BAB0-7891-A3EF-8B7CE6236C89\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\BAA14D2A-BAB0-7891-A3EF-8B7CE6236C89\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\1675341.Uninstall\Uninstall.exe (PUP.Optional.InstallCore.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\35B93D16-BAB0-7891-BF2F-4FE0C6D349E3\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\35B93D16-BAB0-7891-BF2F-4FE0C6D349E3\Latest\MyBabylonTB.exe (PUP.Optional.Delta) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\35B93D16-BAB0-7891-BF2F-4FE0C6D349E3\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\8645DD58-BAB0-7891-AE51-AEFB0CA67DE2\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\8645DD58-BAB0-7891-AE51-AEFB0CA67DE2\Latest\MyBabylonTB.exe (PUP.Optional.Delta) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\8645DD58-BAB0-7891-AE51-AEFB0CA67DE2\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\8EDFADF0-BAB0-7891-8578-E93D23770906\Latest\MyBabylonTB.exe (PUP.Optional.Delta) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\8EDFADF0-BAB0-7891-8578-E93D23770906\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\8EDFADF0-BAB0-7891-8578-E93D23770906\Latest\ccp.exe (PUP.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\Temp\8EDFADF0-BAB0-7891-8578-E93D23770906\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\ProgramData\eSafe\eGdpSvc.exe.vir (PUP.Optional.ESafe.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\ProgramData\eSafe\eSafeSvc.exe.vir (PUP.Optional.ESafe.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe.vir (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Users\Kaniii\AppData\Roaming\eIntaller\20CF632BBE1042d8A5F4B9D925DC530B\Desk365.exe.vir (PUP.Optional.E7) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Users\Kaniii\AppData\Roaming\eIntaller\20CF632BBE1042d8A5F4B9D925DC530B\eGdpSvc.exe.vir (PUP.Optional.ESafe.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Nebyla provedena žádná instrukce.
C:\Users\Kaniii\AppData\Local\mysearchdial_speedial_v9.0.2.crx (PUP.Optional.MySearchDial.A) -> Nebyla provedena žádná instrukce.

(konec)

Re: terribly slowed-down laptop

Posted: 22 Sep 2013 07:23
by Márty84
Have all the findings removed. After the restart, run a quick scan and let me know whether it found anything. We will continue according to the result :)

Re: terribly slowed-down laptop

Posted: 22 Sep 2013 22:41
by Blanka yahoo
I let it run a quick scan and it found nothing
here is the MBAM log
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.09.21.10

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Kaniii :: KANIII-DATOR [administrátor]

Ochrana: Povolena

2013-09-22 19:20:50
mbam-log-2013-09-22 (19-20-50).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 275719
Uplynulý čas: 2 hodin, 15 minut, 48 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 4
C:\Users\Kaniii\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Kaniii\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Kaniii\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.16.16 (PUP.Optional.Delta.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Kaniii\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: terribly slowed-down laptop

Posted: 23 Sep 2013 01:57
by Márty84
:arrow: Uninstall MBAM

:!: If you have not done so yet, it is better to back up your important data (photos, documents, etc.) :!:

:!: Do not use ComboFix without prior agreement! It is a violation of the forum rules and you will lose your entitlement to help!

:arrow: Download ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.
Turn off the antivirus and any other security software.
Right-click ComboFix and left-click Run as administrator
Accept the license terms and let the program work. If it offers to install the Recovery Console, agree.
During the scan, do not launch anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located here: C:\ComboFix.txt
Copy its contents here

:!: If Windows does not start after the restart, restart again, keep pressing the F8 key and choose Last Known Good Configuration
:!: If Windows starts but an error is reported when launching various programs, just restart the PC and it will be fine

Re: terribly slowed-down laptop

Posted: 23 Sep 2013 10:35
by Blanka yahoo
here is ComboFix
ComboFix 13-09-22.01 - Kaniii 2013-09-23 10:44:28.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1053.18.894.258 [GMT 2:00]
Spuštěný z: c:\users\Kaniii\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\64dlls.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\intel64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\Kernel32.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\localsys64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\ntos.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\oembios.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\sdra64.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\sdra73.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\swin32.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\twex.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\twext.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\win32avs.exe
c:\documents and settings\ReleaseEngineer.MACROVISION\Application Data\wsnpoema.exe
c:\users\Kaniii\BOIE9_ENUS_BO0085_VIS.EXE
c:\users\Kaniii\SkypeIcon.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-23 do 2013-09-23 )))))))))))))))))))))))))))))))
.
.
2013-11-07 12:07 . 2013-07-16 23:40 -------- d-----w- c:\users\Kaniii\AppData\Roaming\PDF Creator Packages
2013-11-07 12:04 . 2013-11-07 12:04 -------- d-----w- c:\program files\GPLGS
2013-11-07 12:03 . 2013-11-08 14:53 -------- d-----w- c:\program files\PDFCreator
2013-11-05 20:09 . 2013-08-30 07:48 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-05 20:09 . 2013-08-30 07:48 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-11-05 20:09 . 2013-08-30 07:48 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-11-05 20:09 . 2013-08-30 07:48 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-05 20:09 . 2013-08-30 07:48 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-05 20:09 . 2013-08-30 07:48 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-11-05 20:09 . 2013-08-30 07:48 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-11-05 20:09 . 2013-08-30 07:48 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-05 20:06 . 2013-08-30 07:47 41664 ----a-w- c:\windows\avastSS.scr
2013-09-23 09:06 . 2013-09-23 09:13 -------- d-----w- c:\users\Kaniii\AppData\Local\temp
2013-09-23 09:06 . 2013-09-23 09:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-21 20:22 . 2013-09-21 20:22 -------- d-----w- c:\users\Kaniii\AppData\Roaming\Malwarebytes
2013-09-21 13:00 . 2013-09-15 22:50 7328304 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{AB095108-E52F-44F8-AF80-D3EC6241AD63}\mpengine.dll ERROR(0x00000005)
2013-09-21 12:22 . 2013-09-21 22:53 -------- d-----w- C:\AdwCleaner
2013-09-19 23:20 . 2013-07-31 09:54 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2013-09-19 23:20 . 2013-07-31 09:52 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-09-19 21:36 . 2013-09-19 21:38 -------- d-----w- C:\rsit
2013-09-19 18:26 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-09-19 18:26 . 2013-07-16 04:35 615936 ----a-w- c:\windows\system32\themeui.dll
2013-09-19 18:25 . 2013-08-08 01:45 2049536 ----a-w- c:\windows\system32\win32k.sys
2013-09-19 06:09 . 2013-07-08 04:16 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-09-19 06:09 . 2013-07-08 04:16 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-09-19 06:09 . 2013-07-08 04:20 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-09-19 06:08 . 2013-07-08 04:16 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-09-18 15:46 . 2013-09-18 15:44 64384 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2013-09-18 15:46 . 2013-09-18 15:44 26624 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2013-09-18 15:46 . 2013-09-18 15:44 90368 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2013-09-18 15:46 . 2013-09-18 15:44 73216 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2013-09-18 15:46 . 2013-09-18 15:44 19200 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2013-09-18 15:46 . 2013-09-18 15:44 25856 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2013-09-18 15:46 . 2013-09-18 15:44 235392 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2013-09-18 15:46 . 2013-09-18 15:44 194816 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2013-09-18 15:46 . 2013-09-18 15:44 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2013-09-18 15:46 . 2013-09-18 15:44 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2013-09-18 15:43 . 2013-09-18 15:48 -------- d-----w- c:\program files\Mobile Partner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-19 19:25 . 2012-08-30 16:29 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-19 19:25 . 2012-08-30 16:29 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-18 15:43 . 2012-05-08 14:28 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-09-18 15:43 . 2012-05-08 14:28 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2013-09-15 22:50 . 2012-09-22 10:59 7328304 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll ERROR(0x00000005)
2013-08-30 07:47 . 2012-05-08 09:59 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-07 02:22 . 2012-05-08 18:00 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-08-06 07:28 . 2012-05-08 18:00 7166848 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll ERROR(0x00000005)
2013-07-31 14:37 . 2011-06-10 23:58 773800 ----a-w- c:\windows\system32\msvcr100.dll
2013-07-31 14:37 . 2011-06-10 23:58 421032 ----a-w- c:\windows\system32\msvcp100.dll
2013-07-25 04:38 . 2013-07-25 04:38 0 ----a-w- c:\program files\GUT7F40.tmp
2013-07-17 19:41 . 2013-08-24 00:33 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-10 09:47 . 2013-08-24 00:34 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 12:10 . 2013-08-24 00:31 1205168 ----a-w- c:\windows\system32\ntdll.dll
2013-07-08 04:55 . 2013-08-24 00:31 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-08 04:55 . 2013-08-24 00:31 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-05 03:20 . 2013-08-24 00:34 914880 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-05 01:43 . 2013-08-24 00:34 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-04-10 06:57 . 2013-04-12 08:54 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2007-01-04 09:11 . 2013-04-12 08:54 141824 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 14:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 14:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 14:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 14:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2007-07-19 1120568]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-04-19 18678376]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-02-09 845360]
"BisonHK"="c:\windows\BisonCam\BisonHK.exe" [2007-05-16 73728]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-01-11 232184]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-01-04 227328]
"MSPService"="c:\program files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe" [2007-06-12 102400]
"toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-01-10 18944]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-08-16 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-16 8478720]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-16 81920]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"zLoader.exe"="c:\program files\Connect Manager\Bin\zLoader.exe" [2012-02-07 25872]
"CancelAutoPlay.exe"="c:\program files\Connect Manager\Bin\CancelAutoPlay.exe" [2012-02-07 73488]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
rsmsvcs REG_MULTI_SZ ntmssvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-19 18:33 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-30 19:25]
.
2013-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-10 13:35]
.
2013-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-05-10 13:35]
.
2013-09-23 c:\windows\Tasks\Recovery DVD Creator.job
- c:\program files\Packard Bell\SetupMyPc\MCDCheck.exe [2007-01-04 16:34]
.
2013-09-23 c:\windows\Tasks\Utökad garanti.job
- c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2007-01-04 16:38]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uSearchAssistant = hxxp://www.google.com
TCP: DhcpNameServer = 80.251.201.177 80.251.201.178
FF - ProfilePath -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Toolbar-Locked - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Picasa2 - c:\program files\Picasa2\Uninstall.exe
AddRemove-VLC media player - c:\users\Kaniii\VLC\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-23 11:12
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Google\Update\1.3.21.153\GoogleCrashHandler.exe
c:\programdata\DatacardService\HWDeviceService.exe
c:\programdata\Mobile Partner\OnlineUpdate\ouc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\windows\System32\snmp.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
c:\windows\system32\conime.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\program files\Google\Google Desktop Search\GoogleDesktopIndex.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Connect Manager\Bin\zLoggingDaemon.exe
c:\program files\Connect Manager\Bin\zConnectionManager.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
c:\program files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2013-09-23 11:28:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-23 09:28
ComboFix2.txt 2012-09-20 21:07
.
Před spuštěním: 96 562 282 496 byte ledigt
Po spuštění: 99 993 788 416 byte ledigt
.
- - End Of File - - B3562A0A96EE37FDB9E862458F708BAC
5C616939100B85E558DA92B899A0FC36