Avast found win32 malware-gen



Avast found win32 malware-gen

Post by gemars » 11 May 2014 11:19

Hi, please help.
Malwarebytes failed to install successfully. The PC was cleaned with CCleaner, but still nothing; here is the HijackThis log: (P.S. even before the infection Google was reporting suspicious activity on all PCs on the network and asking me to verify that I am not a robot)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:57:24, on 11.5.2014
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

FIREFOX: 29.0.1 (cs)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\DOMA\Dokumenty\Stažené soubory\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.toggle.com/?lang=en&cid=adfaa7a7
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.toggle.com/?lang=en&cid=adfaa7a7&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Toggle Helper Object - {49502A6F-10AD-4EC1-8028-062D8CC5CC7F} - C:\Program Files\Toggle\toggle\1.8.18.5\bh\toggle.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Toggle Toolbar - {87E90E67-8655-4548-B037-03BA1158A487} - C:\Program Files\Toggle\toggle\1.8.18.5\toggleTlbr.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [tsiVideo] rundll32.exe C:\DOCUME~1\DOMA\LOCALS~1\Temp\\mdi064.dll,runme
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rychlé spuštění aplikace HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7113 bytes
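The log above carries three patterns a triage reviewer would pick out first: browser start/search pages pointing at a third-party host, BHO/toolbar entries from toolbar vendors, and a HKCU Run entry that loads a DLL out of the user's Temp folder through rundll32. The following Python script is an added example (not part of the original post, and not a HijackThis feature) that parses such lines and ranks those findings; the vendor-host allowlist, the adware marker strings and the Temp-path hints are the example's own assumptions, and the sample lines are constructed by copying entries from the log above.

```python
import re

# Hosts that a stock IE/Windows XP configuration legitimately points at.
# Assumption: this allowlist is the example's own, not a HijackThis feature.
VENDOR_HOSTS = {"go.microsoft.com", "www.microsoft.com"}

# Substrings identifying the toolbar/adware families present in this log.
ADWARE_MARKERS = ("ask.com", "toggle")

# Path fragments (lower-cased) that no legitimate autorun should load from.
TEMP_HINTS = ("\\temp\\", "\\tmp\\")

URL_RE = re.compile(r"https?://([^/\s?]+)", re.I)
R_RE = re.compile(r"^(R[013]) - (.+?) = (.+)$")
O23_RE = re.compile(r"^(O[23]) - (?:BHO|Toolbar): (.+?) - \{([0-9A-Fa-f-]+)\} - (.+)$")
O4_RE = re.compile(r"^O4 - ([^:]+?)\\\.\.\\Run: \[([^\]]+)\] (.+)$")

# Constructed sample: a handful of lines copied from the log above.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.toggle.com/?lang=en&cid=adfaa7a7
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Toggle Helper Object - {49502A6F-10AD-4EC1-8028-062D8CC5CC7F} - C:\Program Files\Toggle\toggle\1.8.18.5\bh\toggle.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [tsiVideo] rundll32.exe C:\DOCUME~1\DOMA\LOCALS~1\Temp\\mdi064.dll,runme
"""


def triage(lines):
    """Return (severity, message) findings for an iterable of HijackThis lines."""
    findings = []
    for raw in lines:
        line = raw.strip()
        m = R_RE.match(line)
        if m:
            # R0/R1: start page, search page, default URL. Anything outside the
            # vendor allowlist is treated as a hijacked browser setting.
            url = URL_RE.search(m.group(3))
            if url and url.group(1).lower() not in VENDOR_HOSTS:
                findings.append(("HIGH", f"browser setting points at {url.group(1)}: {m.group(2)}"))
            continue
        m = O23_RE.match(line)
        if m:
            # O2/O3: browser helper objects and toolbars; match known families.
            if any(k in line.lower() for k in ADWARE_MARKERS):
                findings.append(("MEDIUM", f"adware component {m.group(2)} at {m.group(4)}"))
            continue
        m = O4_RE.match(line)
        if m:
            # O4: Run-key autoruns. Loading from a Temp directory is suspicious;
            # a DLL executed from Temp via rundll32 is the classic user-level
            # persistence pattern, so it is ranked above a plain EXE.
            cmd = m.group(3).lower()
            if any(h in cmd for h in TEMP_HINTS):
                sev = "HIGH" if "rundll32" in cmd else "MEDIUM"
                findings.append((sev, f"autorun [{m.group(2)}] loads from a Temp path: {m.group(3)}"))
    return findings


if __name__ == "__main__":
    # HIGH findings first, then the rest in log order.
    for sev, msg in sorted(triage(SAMPLE_LOG.splitlines()), key=lambda f: f[0] != "HIGH"):
        print(f"{sev:6} {msg}")
```

On the sample the script reports two HIGH findings (the search.toggle.com start page and the tsiVideo autorun loading mdi064.dll from Temp) and two MEDIUM ones (the Toggle BHO and the Ask toolbar); the avast! entries pass untouched. In practice the log is read from the saved HijackThis text file instead of the embedded sample, and the allowlist and marker tuples are tuned to the environment being reviewed.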


Re: Avast found win32 malware-gen

Post by memphisto » 11 May 2014 11:32

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the option Perform Quick Scan selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose Save Logfile and save the log to the desktop
- then click the Exit button; a message appears, choose Yes
(don't delete anything yet!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (otherwise it is saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via PM; post them in the appropriate section. Thank you


Re: Avast found win32 malware-gen

Post by gemars » 11 May 2014 11:51

The Malwarebytes installation wizard printed the following error 3 times during installation: Expression error 'Runtime Error (at 57:177): External exception E06D7363.' And at the end of the installation Runtime Error (at 49:252): External exception E06D7363. and right after that Expression error 'Runtime Error (at 35:89): External exception E06D7363.'

The program did not start, with the following message:
AppName: mbam.exe AppVer: 1.0.0.500 ModName: msvcr100.dll
ModVer: 10.0.40219.325 Offset: 0008d6fd

and here is the file belonging to the report.

<?xml version="1.0" encoding="UTF-16"?>
<DATABASE>
<EXE NAME="mbam.exe" FILTER="GRABMI_FILTER_PRIVACY">
<MATCHING_FILE NAME="7z.dll" SIZE="920888" CHECKSUM="0xF83A3024" BIN_FILE_VERSION="9.20.0.0" BIN_PRODUCT_VERSION="9.20.0.0" PRODUCT_VERSION="9.20" FILE_DESCRIPTION="7z Standalone Plugin" COMPANY_NAME="Igor Pavlov" PRODUCT_NAME="7-Zip" FILE_VERSION="9.20" ORIGINAL_FILENAME="7za.dll" INTERNAL_NAME="7za" LEGAL_COPYRIGHT="Copyright (c) 1999-2010 Igor Pavlov" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xEE742" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="9.20.0.0" UPTO_BIN_PRODUCT_VERSION="9.20.0.0" LINK_DATE="11/18/2010 16:27:29" UPTO_LINK_DATE="11/18/2010 16:27:29" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="atl100.dll" SIZE="138552" CHECKSUM="0x9AE032FC" BIN_FILE_VERSION="10.0.40219.325" BIN_PRODUCT_VERSION="10.0.40219.325" PRODUCT_VERSION="10.00.40219.325" FILE_DESCRIPTION="ATL Module for Windows" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Visual Studio® 10" FILE_VERSION="10.00.40219.325" ORIGINAL_FILENAME="ATL100.DLL" INTERNAL_NAME="ATL100.DLL" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x237F2" LINKER_VERSION="0xA0000" UPTO_BIN_FILE_VERSION="10.0.40219.325" UPTO_BIN_PRODUCT_VERSION="10.0.40219.325" LINK_DATE="06/11/2011 01:01:23" UPTO_LINK_DATE="06/11/2011 01:01:23" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="mbam.dll" SIZE="578872" CHECKSUM="0xF91E7A98" BIN_FILE_VERSION="0.4.64.0" BIN_PRODUCT_VERSION="0.4.64.0" PRODUCT_VERSION="0.4.64" FILE_DESCRIPTION="Malwarebytes Anti-Malware" COMPANY_NAME="Malwarebytes Corporation" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="0.4.64" ORIGINAL_FILENAME="mbam.dll" INTERNAL_NAME="mbam.dll" LEGAL_COPYRIGHT="© Malwarebytes Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x0" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x986E1" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="0.4.64.0" UPTO_BIN_PRODUCT_VERSION="0.4.64.0" LINK_DATE="02/21/2014 02:05:54" UPTO_LINK_DATE="02/21/2014 02:05:54" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="mbam.exe" SIZE="6963512" CHECKSUM="0xDE929A05" BIN_FILE_VERSION="1.0.0.500" BIN_PRODUCT_VERSION="1.0.0.500" PRODUCT_VERSION="1.0.0.500" FILE_DESCRIPTION="Malwarebytes Anti-Malware" COMPANY_NAME="Malwarebytes Corporation" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="1.0.0.500" ORIGINAL_FILENAME="mbam.exe" INTERNAL_NAME="mbam.exe" LEGAL_COPYRIGHT="© Malwarebytes Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x0" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x6ADFCF" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.0.0.500" UPTO_BIN_PRODUCT_VERSION="1.0.0.500" LINK_DATE="04/03/2014 16:35:46" UPTO_LINK_DATE="04/03/2014 16:35:46" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="mbamcore.dll" SIZE="1675064" CHECKSUM="0x5856A06D" BIN_FILE_VERSION="0.6.7.0" BIN_PRODUCT_VERSION="0.6.7.0" PRODUCT_VERSION="0.6.7" FILE_DESCRIPTION="Malwarebytes Anti-Malware" COMPANY_NAME="Malwarebytes Corporation" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="0.6.7" ORIGINAL_FILENAME="mbamcore.dll" INTERNAL_NAME="mbamcore.dll" LEGAL_COPYRIGHT="© Malwarebytes Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x0" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1A583C" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="0.6.7.0" UPTO_BIN_PRODUCT_VERSION="0.6.7.0" LINK_DATE="03/04/2014 15:08:05" UPTO_LINK_DATE="03/04/2014 15:08:05" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="mbamext.dll" SIZE="99128" CHECKSUM="0x5C86D204" BIN_FILE_VERSION="2.1.4.0" BIN_PRODUCT_VERSION="2.1.4.0" PRODUCT_VERSION="2.1.4.0" FILE_DESCRIPTION="Malwarebytes Anti-Malware" COMPANY_NAME="Malwarebytes Corporation" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="2.1.4.0" ORIGINAL_FILENAME="mbamext.dll" INTERNAL_NAME="mbamext.dll" LEGAL_COPYRIGHT="(c) Malwarebytes Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x2383A" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.1.4.0" UPTO_BIN_PRODUCT_VERSION="2.1.4.0" LINK_DATE="01/29/2014 17:35:27" UPTO_LINK_DATE="01/29/2014 17:35:27" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="mbampt.exe" SIZE="39736" CHECKSUM="0xB0E8AE1" BIN_FILE_VERSION="0.3.2.0" BIN_PRODUCT_VERSION="0.3.2.0" PRODUCT_VERSION="0.3.2" FILE_DESCRIPTION="Malwarebytes Anti-Malware" COMPANY_NAME="Malwarebytes Corporation" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="0.3.2" ORIGINAL_FILENAME="mbampt.exe" INTERNAL_NAME="mbampt.exe" LEGAL_COPYRIGHT="© Malwarebytes Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x0" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x12599" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="0.3.2.0" UPTO_BIN_PRODUCT_VERSION="0.3.2.0" LINK_DATE="07/23/2013 20:36:26" UPTO_LINK_DATE="07/23/2013 20:36:26" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="mbamscheduler.exe" SIZE="1809720" CHECKSUM="0xC98267FD" BIN_FILE_VERSION="2.0.23.0" BIN_PRODUCT_VERSION="2.0.23.0" PRODUCT_VERSION="2.0.23" FILE_DESCRIPTION="Malwarebytes Anti-Malware" COMPANY_NAME="Malwarebytes Corporation" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="2.0.23" ORIGINAL_FILENAME="mbamscheduler.exe" INTERNAL_NAME="mbamscheduler.exe" LEGAL_COPYRIGHT="© Malwarebytes Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x0" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x1BDD3B" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.23.0" UPTO_BIN_PRODUCT_VERSION="2.0.23.0" LINK_DATE="02/05/2014 19:43:58" UPTO_LINK_DATE="02/05/2014 19:43:58" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="mbamservice.exe" SIZE="857912" CHECKSUM="0x86B5FF68" BIN_FILE_VERSION="2.1.9.0" BIN_PRODUCT_VERSION="2.1.9.0" PRODUCT_VERSION="2.1.9" FILE_DESCRIPTION="Malwarebytes Anti-Malware" COMPANY_NAME="Malwarebytes Corporation" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="2.1.9" ORIGINAL_FILENAME="mbamservice.exe" INTERNAL_NAME="mbamservice.exe" LEGAL_COPYRIGHT="© Malwarebytes Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x0" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xDD3F4" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.1.9.0" UPTO_BIN_PRODUCT_VERSION="2.1.9.0" LINK_DATE="02/20/2014 15:05:27" UPTO_LINK_DATE="02/20/2014 15:05:27" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="mbamsrv.dll" SIZE="4434744" CHECKSUM="0xCC40E3A7" BIN_FILE_VERSION="0.2.10.1" BIN_PRODUCT_VERSION="0.2.10.1" PRODUCT_VERSION="0.2.10.1" FILE_DESCRIPTION="Malwarebytes Anti-Malware" COMPANY_NAME="Malwarebytes Corporation" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="0.2.10.1" ORIGINAL_FILENAME="mbamsrv.dll" INTERNAL_NAME="mbamsrv.dll" LEGAL_COPYRIGHT="© Malwarebytes Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x0" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x440FD7" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="0.2.10.1" UPTO_BIN_PRODUCT_VERSION="0.2.10.1" LINK_DATE="04/01/2014 16:28:12" UPTO_LINK_DATE="04/01/2014 16:28:12" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="msvcp100.dll" SIZE="421688" CHECKSUM="0x3660E406" BIN_FILE_VERSION="10.0.40219.325" BIN_PRODUCT_VERSION="10.0.40219.325" PRODUCT_VERSION="10.00.40219.325" FILE_DESCRIPTION="Microsoft® C Runtime Library" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Visual Studio® 2010" FILE_VERSION="10.00.40219.325" ORIGINAL_FILENAME="msvcp100.dll" INTERNAL_NAME="msvcp100.dll" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x6B75D" LINKER_VERSION="0xA0000" UPTO_BIN_FILE_VERSION="10.0.40219.325" UPTO_BIN_PRODUCT_VERSION="10.0.40219.325" LINK_DATE="06/11/2011 01:00:49" UPTO_LINK_DATE="06/11/2011 01:00:49" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="msvcr100.dll" SIZE="774456" CHECKSUM="0x6AD18B2" BIN_FILE_VERSION="10.0.40219.325" BIN_PRODUCT_VERSION="10.0.40219.325" PRODUCT_VERSION="10.00.40219.325" FILE_DESCRIPTION="Microsoft® C Runtime Library" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Visual Studio® 2010" FILE_VERSION="10.00.40219.325" ORIGINAL_FILENAME="msvcr100_clr0400.dll" INTERNAL_NAME="msvcr100_clr0400.dll" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xC7F07" LINKER_VERSION="0xA0000" UPTO_BIN_FILE_VERSION="10.0.40219.325" UPTO_BIN_PRODUCT_VERSION="10.0.40219.325" LINK_DATE="06/11/2011 01:00:14" UPTO_LINK_DATE="06/11/2011 01:00:14" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="QtCore4.dll" SIZE="2732856" CHECKSUM="0xB8BCAC7" BIN_FILE_VERSION="4.8.4.0" BIN_PRODUCT_VERSION="4.8.4.0" FILE_DESCRIPTION="C++ application development framework." COMPANY_NAME="Digia Plc and/or its subsidiary(-ies)" PRODUCT_NAME="Qt4" FILE_VERSION="4.8.4.0" ORIGINAL_FILENAME="QtCore4.dll" LEGAL_COPYRIGHT="Copyright (C) 2012 Digia Plc and/or its subsidiary(-ies)." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x2A2552" LINKER_VERSION="0x40054" UPTO_BIN_FILE_VERSION="4.8.4.0" UPTO_BIN_PRODUCT_VERSION="4.8.4.0" LINK_DATE="03/04/2013 23:27:52" UPTO_LINK_DATE="03/04/2013 23:27:52" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="QtGui4.dll" SIZE="8575288" CHECKSUM="0xD4979177" BIN_FILE_VERSION="4.8.4.0" BIN_PRODUCT_VERSION="4.8.4.0" FILE_DESCRIPTION="C++ application development framework." COMPANY_NAME="Digia Plc and/or its subsidiary(-ies)" PRODUCT_NAME="Qt4" FILE_VERSION="4.8.4.0" ORIGINAL_FILENAME="QtGui4.dll" LEGAL_COPYRIGHT="Copyright (C) 2012 Digia Plc and/or its subsidiary(-ies)." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0x836C1F" LINKER_VERSION="0x40054" UPTO_BIN_FILE_VERSION="4.8.4.0" UPTO_BIN_PRODUCT_VERSION="4.8.4.0" LINK_DATE="03/04/2013 23:38:47" UPTO_LINK_DATE="03/04/2013 23:38:47" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="QtNetwork4.dll" SIZE="909112" CHECKSUM="0x4F5FB8E0" BIN_FILE_VERSION="4.8.4.0" BIN_PRODUCT_VERSION="4.8.4.0" FILE_DESCRIPTION="C++ application development framework." COMPANY_NAME="Digia Plc and/or its subsidiary(-ies)" PRODUCT_NAME="Qt4" FILE_VERSION="4.8.4.0" ORIGINAL_FILENAME="QtNetwork4.dll" LEGAL_COPYRIGHT="Copyright (C) 2012 Digia Plc and/or its subsidiary(-ies)." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xEB192" LINKER_VERSION="0x40054" UPTO_BIN_FILE_VERSION="4.8.4.0" UPTO_BIN_PRODUCT_VERSION="4.8.4.0" LINK_DATE="06/14/2013 16:06:26" UPTO_LINK_DATE="06/14/2013 16:06:26" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="unins000.exe" SIZE="719828" CHECKSUM="0x74E346D8" BIN_FILE_VERSION="51.52.0.0" BIN_PRODUCT_VERSION="0.0.0.0" FILE_DESCRIPTION="Setup/Uninstall" FILE_VERSION="51.52.0.0" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0x0" LINKER_VERSION="0x60000" UPTO_BIN_FILE_VERSION="51.52.0.0" UPTO_BIN_PRODUCT_VERSION="0.0.0.0" LINK_DATE="06/19/1992 22:22:17" UPTO_LINK_DATE="06/19/1992 22:22:17" VER_LANGUAGE="Jazykově neutrální [0x0]" />
<MATCHING_FILE NAME="Chameleon\Windows\firefox.exe" SIZE="742200" CHECKSUM="0x5673449D" BIN_FILE_VERSION="2.0.26.0" BIN_PRODUCT_VERSION="2.0.26.0" PRODUCT_VERSION="2.0.26" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="2.0.26" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xBFB02" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.26.0" UPTO_BIN_PRODUCT_VERSION="2.0.26.0" LINK_DATE="03/04/2014 05:27:06" UPTO_LINK_DATE="03/04/2014 05:27:06" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\iexplore.exe" SIZE="742200" CHECKSUM="0x5673449D" BIN_FILE_VERSION="2.0.26.0" BIN_PRODUCT_VERSION="2.0.26.0" PRODUCT_VERSION="2.0.26" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="2.0.26" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xBFB02" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.26.0" UPTO_BIN_PRODUCT_VERSION="2.0.26.0" LINK_DATE="03/04/2014 05:27:06" UPTO_LINK_DATE="03/04/2014 05:27:06" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\mbam-chameleon.exe" SIZE="742200" CHECKSUM="0x5673449D" BIN_FILE_VERSION="2.0.26.0" BIN_PRODUCT_VERSION="2.0.26.0" PRODUCT_VERSION="2.0.26" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="2.0.26" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xBFB02" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.26.0" UPTO_BIN_PRODUCT_VERSION="2.0.26.0" LINK_DATE="03/04/2014 05:27:06" UPTO_LINK_DATE="03/04/2014 05:27:06" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\mbam-killer.exe" SIZE="1180984" CHECKSUM="0x3B829A76" MODULE_TYPE="WIN32" PE_CHECKSUM="0x127292" LINKER_VERSION="0x0" LINK_DATE="02/18/2014 23:26:15" UPTO_LINK_DATE="02/18/2014 23:26:15" />
<MATCHING_FILE NAME="Chameleon\Windows\rundll32.exe" SIZE="742200" CHECKSUM="0x5673449D" BIN_FILE_VERSION="2.0.26.0" BIN_PRODUCT_VERSION="2.0.26.0" PRODUCT_VERSION="2.0.26" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="2.0.26" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xBFB02" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.26.0" UPTO_BIN_PRODUCT_VERSION="2.0.26.0" LINK_DATE="03/04/2014 05:27:06" UPTO_LINK_DATE="03/04/2014 05:27:06" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\svchost.exe" SIZE="742200" CHECKSUM="0x5673449D" BIN_FILE_VERSION="2.0.26.0" BIN_PRODUCT_VERSION="2.0.26.0" PRODUCT_VERSION="2.0.26" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="2.0.26" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xBFB02" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.26.0" UPTO_BIN_PRODUCT_VERSION="2.0.26.0" LINK_DATE="03/04/2014 05:27:06" UPTO_LINK_DATE="03/04/2014 05:27:06" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\windows.exe" SIZE="742200" CHECKSUM="0x5673449D" BIN_FILE_VERSION="2.0.26.0" BIN_PRODUCT_VERSION="2.0.26.0" PRODUCT_VERSION="2.0.26" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="2.0.26" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xBFB02" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.26.0" UPTO_BIN_PRODUCT_VERSION="2.0.26.0" LINK_DATE="03/04/2014 05:27:06" UPTO_LINK_DATE="03/04/2014 05:27:06" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Chameleon\Windows\winlogon.exe" SIZE="742200" CHECKSUM="0x5673449D" BIN_FILE_VERSION="2.0.26.0" BIN_PRODUCT_VERSION="2.0.26.0" PRODUCT_VERSION="2.0.26" FILE_DESCRIPTION="Chameleon" COMPANY_NAME="MalwareBytes" PRODUCT_NAME="Malwarebytes Anti-Malware" FILE_VERSION="2.0.26" ORIGINAL_FILENAME="mbam-chameleon.exe" INTERNAL_NAME="mbam-chameleon.exe" LEGAL_COPYRIGHT="Copyright (C) 2013" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xBFB02" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="2.0.26.0" UPTO_BIN_PRODUCT_VERSION="2.0.26.0" LINK_DATE="03/04/2014 05:27:06" UPTO_LINK_DATE="03/04/2014 05:27:06" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="imageformats\qgif4.dll" SIZE="32568" CHECKSUM="0x7BB220B7" BIN_FILE_VERSION="4.8.4.0" BIN_PRODUCT_VERSION="4.8.4.0" FILE_DESCRIPTION="C++ application development framework." COMPANY_NAME="Digia Plc and/or its subsidiary(-ies)" PRODUCT_NAME="Qt4" FILE_VERSION="4.8.4.0" ORIGINAL_FILENAME="qgif4.dll" LEGAL_COPYRIGHT="Copyright (C) 2012 Digia Plc and/or its subsidiary(-ies)." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x4" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xC94C" LINKER_VERSION="0x40054" UPTO_BIN_FILE_VERSION="4.8.4.0" UPTO_BIN_PRODUCT_VERSION="4.8.4.0" LINK_DATE="04/29/2013 20:05:47" UPTO_LINK_DATE="04/29/2013 20:05:47" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
<MATCHING_FILE NAME="Plugins\fixdamage.exe" SIZE="821560" CHECKSUM="0x4F144EEC" BIN_FILE_VERSION="1.1.0.1010" BIN_PRODUCT_VERSION="1.1.0.1010" PRODUCT_VERSION="1.1.0.1010" FILE_DESCRIPTION="fixdamage" COMPANY_NAME="Malwarebytes Corporation" PRODUCT_NAME="fixdamage.exe" FILE_VERSION="1.1.0.1010" ORIGINAL_FILENAME="fixdamage.exe" INTERNAL_NAME="fixdamage.exe" LEGAL_COPYRIGHT="Copyright (C) Malwarebytes Corporation 2012" VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x1" MODULE_TYPE="WIN32" PE_CHECKSUM="0xD2E49" LINKER_VERSION="0x0" UPTO_BIN_FILE_VERSION="1.1.0.1010" UPTO_BIN_PRODUCT_VERSION="1.1.0.1010" LINK_DATE="10/17/2013 00:41:14" UPTO_LINK_DATE="10/17/2013 00:41:14" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
</EXE>
<EXE NAME="MSVCR100.dll" FILTER="GRABMI_FILTER_THISFILEONLY">
<MATCHING_FILE NAME="msvcr100.dll" SIZE="774456" CHECKSUM="0x6AD18B2" BIN_FILE_VERSION="10.0.40219.325" BIN_PRODUCT_VERSION="10.0.40219.325" PRODUCT_VERSION="10.00.40219.325" FILE_DESCRIPTION="Microsoft® C Runtime Library" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Microsoft® Visual Studio® 2010" FILE_VERSION="10.00.40219.325" ORIGINAL_FILENAME="msvcr100_clr0400.dll" INTERNAL_NAME="msvcr100_clr0400.dll" LEGAL_COPYRIGHT="© Microsoft Corporation. All rights reserved." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xC7F07" LINKER_VERSION="0xA0000" UPTO_BIN_FILE_VERSION="10.0.40219.325" UPTO_BIN_PRODUCT_VERSION="10.0.40219.325" LINK_DATE="06/11/2011 01:00:14" UPTO_LINK_DATE="06/11/2011 01:00:14" VER_LANGUAGE="Angličtina (Spojené státy) [0x409]" />
</EXE>
<EXE NAME="kernel32.dll" FILTER="GRABMI_FILTER_THISFILEONLY">
<MATCHING_FILE NAME="kernel32.dll" SIZE="982016" CHECKSUM="0x62CA9CF6" BIN_FILE_VERSION="5.1.2600.2180" BIN_PRODUCT_VERSION="5.1.2600.2180" PRODUCT_VERSION="5.1.2600.2180" FILE_DESCRIPTION="Windows NT BASE API Client DLL" COMPANY_NAME="Microsoft Corporation" PRODUCT_NAME="Operační systém Microsoft® Windows®" FILE_VERSION="5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)" ORIGINAL_FILENAME="kernel32" INTERNAL_NAME="kernel32" LEGAL_COPYRIGHT="© Microsoft Corporation. Všechna práva vyhrazena." VERFILEDATEHI="0x0" VERFILEDATELO="0x0" VERFILEOS="0x40004" VERFILETYPE="0x2" MODULE_TYPE="WIN32" PE_CHECKSUM="0xFEB39" LINKER_VERSION="0x50001" UPTO_BIN_FILE_VERSION="5.1.2600.2180" UPTO_BIN_PRODUCT_VERSION="5.1.2600.2180" LINK_DATE="08/17/2004 22:48:56" UPTO_LINK_DATE="08/17/2004 22:48:56" VER_LANGUAGE="Čeština [0x405]" />
</EXE>
</DATABASE>

and at the end of all this Avast reported another 47 attack attempts.


Re: Avast found win32 malware-gen

Post by gemars » 11 May 2014 15:45

after the failure with Malwarebytes, here is at least the log from AdwCleaner:
# AdwCleaner v3.207 - Report created 11/05/2014 at 15:38:10
# Updated 05/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : DOMA - ZNOJMO-8C1BCA5A
# Running from : C:\Documents and Settings\DOMA\Dokumenty\Stažené soubory\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\DOMA\Data aplikací\Mozilla\Firefox\Profiles\7kohwnvb.default\searchplugins\Askcom.xml
File Found : C:\Documents and Settings\DOMA\Data aplikací\Mozilla\Firefox\Profiles\7kohwnvb.default\user.js
File Found : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Found : C:\Documents and Settings\DOMA\Data aplikací\Mozilla\Firefox\Profiles\7kohwnvb.default\Extensions\toolbar@ask.com
Folder Found : C:\Documents and Settings\DOMA\Local Settings\Data aplikací\AskToolbar
Folder Found : C:\Program Files\Ask.com
Folder Found : C:\WINDOWS\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\AskToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Documents and Settings\DOMA\Data aplikací\Mozilla\Firefox\Profiles\7kohwnvb.default\prefs.js ]

Line Found : user_pref("browser.search.defaultengine", "Ask.com");
Line Found : user_pref("browser.search.order.1", "Ask.com");
Line Found : user_pref("extensions.asktb.ff-original-keyword-url", "");
Line Found : user_pref("extensions.toggle.srchPrvdr", "Search the web (toggle)");

-\\ Google Chrome v34.0.1847.131

[ File : C:\Documents and Settings\DOMA\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8345 octets] - [11/05/2014 15:38:10]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8405 octets] ##########
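The report above mixes two very different things: a handful of entries that actually give the Ask toolbar execution or control of the browser on every start (the Run value, the scheduled task, the IE BHO and URL search hook, the Chrome ExtensionInstallForcelist policy, the Firefox user.js and search prefs), and dozens of lines that are only installer and COM registration residue. The script below is an added example, not code from the post, from AdwCleaner or from Ask: it parses the AdwCleaner v3 report layout into structured findings and flags the persistence mechanisms. The sample report is constructed from lines that appear in the thread, and the classification rules are this example's own assumptions about which locations matter.

```python
"""Triage an AdwCleaner v3 report: parse every "Found" entry and flag those
that give the adware execution or control of the browser, as opposed to
leftover registration/installer residue.

Added example; not code from the forum post, AdwCleaner or Ask. The sample
report is constructed from lines in the thread, and the classification
rules below are this example's own assumptions."""
import re
from collections import Counter

# Constructed sample in the AdwCleaner v3 report layout (raw string: the
# backslashes in paths and in the "-\\ Browser" headers are literal).
SAMPLE_REPORT = r"""# AdwCleaner v3.207 - Report created 11/05/2014 at 15:38:10
# Option : Scan

***** [ Files / Folders ] *****

File Found : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
File Found : C:\Documents and Settings\DOMA\Data aplikací\Mozilla\Firefox\Profiles\7kohwnvb.default\user.js
Folder Found : C:\Program Files\Ask.com

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\Software\AskToolbar
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

***** [ Browsers ] *****

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Documents and Settings\DOMA\Data aplikací\Mozilla\Firefox\Profiles\7kohwnvb.default\prefs.js ]

Line Found : user_pref("browser.search.defaultengine", "Ask.com");

*************************
"""

SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")
BROWSER_RE = re.compile(r"^-\\\\ (.+)$")
PREF_FILE_RE = re.compile(r"^\[ File : (.+) \]$")
FINDING_RE = re.compile(r"^(File|Folder|Key|Value|Line) Found : (.+)$")

# Triage rules (label, regex on the finding target): places that load code
# or redirect searches on every start. Everything else in the report is
# treated as residue that the cleanup removes anyway. Assumed, not AdwCleaner's.
PERSISTENCE_RULES = [
    ("autorun (Run value)", r"\\CurrentVersion\\Run \["),
    ("scheduled task", r"^[A-Z]:\\WINDOWS\\Tasks\\.+\.job$"),
    ("IE browser helper object", r"\\Browser Helper Objects\\\{"),
    ("IE URL search hook", r"\\URLSearchHooks \["),
    ("IE toolbar", r"\\Internet Explorer\\Toolbar(\\WebBrowser)? \["),
    ("IE search scope", r"\\Internet Explorer\\SearchScopes\\\{"),
    ("Chrome forced extension policy", r"\\Chrome\\ExtensionInstallForcelist"),
    ("Firefox user.js override", r"\\Firefox\\Profiles\\[^\\]+\\user\.js$"),
    ("Firefox search preference", r'^user_pref\("browser\.search\.'),
]


def parse_report(text):
    """Return one dict per 'Found' line: section, kind, target, plus the
    browser and preference file an entry belongs to (Browsers section)."""
    findings, section, browser, pref_file = [], None, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if m := SECTION_RE.match(line):
            section, browser, pref_file = m.group(1), None, None
        elif m := BROWSER_RE.match(line):
            browser, pref_file = m.group(1), None
        elif m := PREF_FILE_RE.match(line):
            pref_file = m.group(1)
        elif m := FINDING_RE.match(line):
            findings.append({"section": section, "kind": m.group(1),
                             "target": m.group(2), "browser": browser,
                             "file": pref_file})
    return findings


def classify(finding):
    """Persistence label for a finding, or None if it is only residue."""
    for label, pattern in PERSISTENCE_RULES:
        if re.search(pattern, finding["target"], re.IGNORECASE):
            return label
    return None


def triage(text):
    """Parse a report; return (persistence hits, counts of findings by kind)."""
    findings = parse_report(text)
    hits = [dict(f, mechanism=classify(f)) for f in findings if classify(f)]
    return hits, Counter(f["kind"] for f in findings)


if __name__ == "__main__":
    hits, by_kind = triage(SAMPLE_REPORT)
    print("findings by kind:", dict(by_kind))
    for h in hits:
        where = f" ({h['browser']})" if h["browser"] else ""
        print(f"[{h['mechanism']}]{where} {h['target']}")
```

Run it against a saved `AdwCleaner[R0].txt` by passing the file contents to `triage()`; on the sample, nine findings reduce to seven persistence hits, and the two `Ask.com` / `AskToolbar` entries are correctly left as residue. The point of the split is verification after cleanup: if any of the flagged locations reappears in a later scan, something is still running and re-installing the toolbar, which the pile of CLSID and Installer keys alone would not tell you.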

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: 3 roses grow around me =o)
Gender: Male
Status: Offline

Re: Avast found win32 malware-gen

Post by Orcus » 11 May 2014 18:08

Try installing MBAM in Safe Mode.

====================================================

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Delete".
The program will perform the cleanup; after the automatic restart it will show a log (C:\AdwCleaner [S?].txt). Paste its entire contents here.

====================================================

Download Junkware Removal Tool to your desktop.
Disable your antivirus program.
Right-click JRT.exe and choose "Run as administrator". To continue you will be asked to press any key. Press one.
The program's scan will start. The scan may take a long time, depending on the amount of infection. When the scan finishes, a log (JRT.txt) will appear, saved on the desktop.
Please copy its entire contents here.

====================================================

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP, double-click it.
- Wait for the Prescan (search for malicious processes) to finish.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try launching it several times. If it still will not launch and run, rename it to winlogon.exe.
Love warms, but coal is coal. :fire:

Post HJT logs in the HJT section. If a log is too long, split it across several messages.

A few PC security tips.

During my absence, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.

tworums
newbie
Posts: 40
Registered: March 14
Gender: Not specified
Status: Offline

Re: Avast found win32 malware-gen

Post by tworums » 11 May 2014 18:15

On Windows XP you have to install an older Malwarebytes, e.g. version 1.75. The newest version throws the errors you mention there.
And I recommend uninstalling the newest version with the dedicated Mbam uninstaller before you install the older one.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Avast found win32 malware-gen

Post by jaro3 » 12 May 2014 09:19

mbam-clean.exe
http://www.malwarebytes.org/mbam-clean.exe

Try renaming it to the name of some system process, e.g. winlogon.exe etc., and then run it.

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Scan"; after the scan, click "Clean".

The program will perform the cleanup; after the automatic restart it will show a log (C:\AdwCleaner [S?].txt). Paste its entire contents here.

Download Junkware Removal Tool by Thisisu to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". To continue you will be asked to press any key. Press one.
The program's scan will start. The scan may take a long time, depending on the amount of infection. When the scan finishes, a log (JRT.txt) will appear, saved on the desktop.
Please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

