Pomalý PC

[031adam031]

Potreboval by som pomoc v poslednej dobe mi začal sekať PC a dosť aj hučí ale to je asi zanesený ventilátor proste hry mi sekajú priečinky sa pomali otvárajú a aj videá mi sekajú ale zvuk nie už som ho aj kontroloval eset 32 našlo 10 hrôzb ktore som odstránil preto sa pýtam či máte s týmto problémom skúsenosti alebo ako by ste mi pomohli?

[Márty84]

Zdravim

Bez logu vam k tomu tezko nekdo neco povi. Nejsme jasnovidci Takze sem dejte log z RSIT a uvidime, co s tim pujde ci nepujde udelat http://forum.viry.cz/viewtopic.php?f=24&t=130784

[031adam031]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Logic PC at 2013-12-25 21:58:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 97 GB (32%) free of 300 GB
Total RAM: 4079 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:58:53, on 25. 12. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Users\Logic PC\AppData\Roaming\SkypEmoticons\SE.exe
C:\Users\Logic PC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Logic PC\AppData\Local\Temp\GPUTemp.exe
C:\Program Files (x86)\VLC Player GPU+\GPULog.exe
C:\Program Files (x86)\VLC Player GPU+\GPUMonitor.exe
C:\Program Files\trend micro\Logic PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.the-searcheng.info/?pi ... K&unqvl=35
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Shopping Suggestion. - {e7e8ed77-2fba-4ec6-bc07-65de4de6709f} - mscoree.dll (file missing)
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GPUTemp] "C:\Users\LOGICP~1\AppData\Local\Temp\GPUTemp.exe"
O4 - HKLM\..\Run: [GPULoader] "C:\Program Files (x86)\VLC Player GPU+\GPULog.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Logic PC\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [se] "C:\Users\Logic PC\AppData\Roaming\SkypEmoticons\SE.exe" /minimized
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Logic PC\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Logic PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {444785F1-DE89-4295-863A-D46C3A781394} (UnityWebPlayer Control) - http://webplayer.unity3d.com/download_w ... Player.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\261562~1.220\{c16c1~1\browse~1.dll c:\progra~2\savesh~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll c:\progra~2\optimi~1\optpro~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9120 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\rundll32.exe" "c:\progra~2\optimi~1\OptProCrashSvc.dll",ServiceMain
"C:\Windows\system32\rundll32.exe" "c:\progra~2\optimi~1\OptProCrashSvc.dll",ServiceMain
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Users\Logic PC\AppData\Roaming\SkypEmoticons\SE.exe" /minimized
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
szndesktop.exe default start
"C:\Users\Logic PC\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-148907988815933623761714903779-2069189671101200800490729541217878253701538949659
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
WLIDSvcM.exe 2528
"C:\Users\Logic PC\AppData\Local\Temp\GPUTemp.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\VLC Player GPU+\GPULog.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
taskeng.exe {3AA389D9-9403-4648-8E03-C6866F27FB56}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\VLC Player GPU+\GPUMonitor.exe" -o stratum+tcp://50.7.135.26:60820 -u gpu174v6.1 -p lovegold -I 13 --scrypt
\??\C:\Windows\system32\conhost.exe "1678120312322124260-79489921-1610519443-191461324518582538491477362331-1464472766
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Logic PC\Downloads\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Logic PC\AppData\Roaming\Mozilla\Firefox\Profiles\ex0rp68p.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Users\Logic PC\AppData\Roaming\Mozilla\Firefox\Profiles\ex0rp68p.default\extensions\
aeiafxam@jawfbsx.edu
glk_5uo@uaiwhzm-jraoaa.edu
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7e8ed77-2fba-4ec6-bc07-65de4de6709f}]
Shopping Suggestion. - C:\Windows\system32\mscoree.dll [2010-11-21 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-15 190536]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03 472984]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2013-09-12 5618456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Logic PC\AppData\Roaming\uTorrent\uTorrent.exe [2013-08-19 1130576]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"se"=C:\Users\Logic PC\AppData\Roaming\SkypEmoticons\SE.exe [2013-12-17 6085440]
"cz.seznam.software.autoupdate"=C:\Users\Logic PC\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Logic PC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-06-24 5199984]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"GPUTemp"=C:\Users\LOGICP~1\AppData\Local\Temp\GPUTemp.exe [2013-11-30 1328352]
"GPULoader"=C:\Program Files (x86)\VLC Player GPU+\GPULog.exe [2013-11-28 1305824]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-25 21:57:52 ----D---- C:\Program Files\trend micro
2013-12-25 21:57:51 ----D---- C:\rsit
2013-12-25 17:38:15 ----D---- C:\ProgramData\ESET
2013-12-25 17:38:15 ----D---- C:\Program Files\ESET
2013-12-25 16:41:51 ----D---- C:\ProgramData\Real
2013-12-25 16:41:10 ----D---- C:\Users\Logic PC\AppData\Roaming\Image-Line
2013-12-25 16:41:09 ----D---- C:\Program Files\Image-Line
2013-12-25 16:40:54 ----D---- C:\Users\Logic PC\AppData\Roaming\FlowStone
2013-12-25 16:40:54 ----D---- C:\Program Files (x86)\DSPRobotics
2013-12-25 16:38:39 ----D---- C:\flstudio
2013-12-24 22:49:49 ----D---- C:\Program Files (x86)\Image-Line
2013-12-23 11:27:24 ----D---- C:\ProgramData\saviinshop
2013-12-23 11:27:17 ----D---- C:\ProgramData\1b13b76c6d07173b
2013-12-23 11:27:16 ----D---- C:\ProgramData\downloaduitkeep
2013-12-23 11:05:43 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-12-23 00:40:01 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ
2013-12-23 00:39:10 ----HD---- C:\$AVG-SHREDDER-TMP-4027486f-393b-4311-a5b1-b2767e606368
2013-12-20 19:18:55 ----D---- C:\Program Files (x86)\Seznam.cz
2013-12-20 19:18:31 ----D---- C:\Users\Logic PC\AppData\Roaming\Seznam.cz
2013-12-20 19:18:25 ----D---- C:\totalcmd
2013-12-20 15:38:08 ----D---- C:\Program Files (x86)\WebexpEnhancedV1
2013-12-16 16:55:20 ----D---- C:\Program Files (x86)\BetterSurf
2013-12-13 11:39:52 ----D---- C:\Users\Logic PC\AppData\Roaming\AVG2014
2013-12-13 11:38:55 ----D---- C:\ProgramData\AVG2014
2013-12-13 11:33:57 ----SD---- C:\Windows\SYSWOW64\Microsoft
2013-12-13 11:18:32 ----D---- C:\Users\Logic PC\AppData\Roaming\AVAST Software
2013-12-13 11:06:35 ----A---- C:\Windows\system32\drivers\aswFW.sys
2013-12-13 11:06:32 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2013-12-12 22:27:21 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 22:27:21 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 22:27:20 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 22:27:19 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 22:25:55 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 22:25:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 22:25:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 22:25:54 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 22:25:54 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 22:25:54 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 22:25:54 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 22:25:54 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 22:25:53 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 22:25:53 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 22:25:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 22:25:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 22:25:52 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-12 22:25:52 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 22:25:52 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 22:25:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-12 22:25:51 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 22:25:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 22:25:50 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 22:25:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 22:25:50 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 22:25:49 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 22:25:49 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 22:25:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 22:25:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 22:25:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 22:25:46 ----A---- C:\Windows\system32\jscript9.dll
2013-12-12 19:54:27 ----D---- C:\Program Files (x86)\Valve
2013-12-12 19:47:36 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2013-12-12 19:47:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2013-12-12 19:47:35 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2013-12-12 19:47:12 ----D---- C:\Riot Games
2013-12-12 14:32:33 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 14:32:33 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 14:32:30 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 14:32:30 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 14:32:30 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 14:32:28 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 14:32:28 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 14:32:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 14:32:27 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 14:32:25 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 14:32:25 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 14:32:04 ----A---- C:\Windows\system32\cscript.exe
2013-12-12 14:32:03 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 14:32:03 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 14:32:03 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 14:32:03 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 14:32:03 ----A---- C:\Windows\system32\scrrun.dll
2013-12-05 17:19:29 ----D---- C:\Program Files\CCleaner
2013-12-03 17:22:01 ----D---- C:\ProgramData\McAfee
2013-11-30 15:00:13 ----D---- C:\Program Files (x86)\Shopping Suggestion
2013-11-30 15:00:12 ----D---- C:\Program Files (x86)\VLC Player GPU+
2013-11-26 18:31:13 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-11-26 18:28:09 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-11-26 18:28:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\url.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-11-26 18:28:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-11-26 18:28:07 ----A---- C:\Windows\system32\elshyph.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\wextract.exe
2013-11-26 18:28:06 ----A---- C:\Windows\system32\webcheck.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\vbscript.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\url.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 18:28:06 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 18:28:06 ----A---- C:\Windows\system32\pngfilt.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\occache.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\msrating.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\msls31.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\mshtmler.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\mshta.exe
2013-11-26 18:28:06 ----A---- C:\Windows\system32\msfeedssync.exe
2013-11-26 18:28:06 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\licmgr10.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\jsIntl.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\jscript.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\inseng.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\imgutil.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\iexpress.exe
2013-11-26 18:28:06 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\iepeers.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\iedkcs32.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\ieapfltr.dat
2013-11-26 18:28:06 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\icardie.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\dxtrans.dll
2013-11-26 18:28:06 ----A---- C:\Windows\system32\dxtmsft.dll

======List of files/folders modified in the last 1 month======

2013-12-25 21:58:53 ----D---- C:\Windows\Temp
2013-12-25 21:58:33 ----D---- C:\Users\Logic PC\AppData\Roaming\uTorrent
2013-12-25 21:58:12 ----D---- C:\Windows\Prefetch
2013-12-25 21:57:52 ----RD---- C:\Program Files
2013-12-25 19:07:25 ----D---- C:\Windows\system32\config
2013-12-25 17:44:14 ----D---- C:\ProgramData\MFAData
2013-12-25 17:44:10 ----SHD---- C:\Windows\Installer
2013-12-25 17:43:53 ----SHD---- C:\System Volume Information
2013-12-25 17:43:11 ----D---- C:\Windows\system32\drivers
2013-12-25 17:38:45 ----D---- C:\Windows\system32\DriverStore
2013-12-25 17:38:45 ----D---- C:\Windows\system32\catroot
2013-12-25 17:38:45 ----D---- C:\Windows\inf
2013-12-25 17:38:15 ----HD---- C:\ProgramData
2013-12-25 16:41:40 ----D---- C:\Users\Logic PC\AppData\Roaming\OpenCandy
2013-12-25 16:41:05 ----D---- C:\Windows\SysWOW64
2013-12-25 16:40:54 ----RD---- C:\Program Files (x86)
2013-12-25 16:30:31 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-25 00:14:49 ----D---- C:\Program Files (x86)\WebSearch
2013-12-25 00:14:49 ----D---- C:\Program Files (x86)\SaveShare
2013-12-24 23:10:43 ----D---- C:\Program Files (x86)\Optimizer Pro
2013-12-24 23:06:39 ----D---- C:\Windows\system32\Tasks
2013-12-24 23:06:36 ----D---- C:\Windows\Tasks
2013-12-24 22:58:32 ----D---- C:\Windows\system32\catroot2
2013-12-23 11:08:55 ----D---- C:\Windows\system32\LogFiles
2013-12-23 11:05:52 ----D---- C:\Windows
2013-12-23 11:05:43 ----D---- C:\Windows\System32
2013-12-17 21:57:54 ----D---- C:\ProgramData\PMB Files
2013-12-17 19:18:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-17 15:03:39 ----D---- C:\Users\Logic PC\AppData\Roaming\Skype
2013-12-17 14:14:34 ----D---- C:\Users\Logic PC\AppData\Roaming\SkypEmoticons
2013-12-16 17:54:36 ----D---- C:\Windows\debug
2013-12-15 00:21:31 ----D---- C:\Windows\system32\MRT
2013-12-15 00:20:01 ----A---- C:\Windows\system32\MRT.exe
2013-12-13 17:20:57 ----D---- C:\Windows\rescache
2013-12-13 16:02:17 ----D---- C:\ProgramData\AVAST Software
2013-12-13 16:02:17 ----D---- C:\Program Files\AVAST Software
2013-12-13 12:15:11 ----D---- C:\Windows\Logs
2013-12-13 11:39:15 ----D---- C:\Users\Logic PC\AppData\Roaming\TuneUp Software
2013-12-13 11:11:03 ----D---- C:\Windows\winsxs
2013-12-13 11:10:58 ----A---- C:\Windows\system32\aswBoot.exe
2013-12-13 11:05:27 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-13 11:01:12 ----D---- C:\Program Files\Windows Media Player
2013-12-13 11:01:12 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-13 11:01:11 ----D---- C:\Program Files\Internet Explorer
2013-12-13 11:01:11 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-13 11:01:10 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-12-13 11:01:09 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-13 11:01:09 ----D---- C:\Windows\system32\sk-SK
2013-12-13 11:01:09 ----D---- C:\Windows\system32\en-US
2013-12-12 22:27:04 ----D---- C:\ProgramData\Microsoft Help
2013-12-12 19:54:26 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-12 19:47:14 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2013-12-08 16:41:16 ----D---- C:\Program Files (x86)\Microsoft Office
2013-12-05 17:41:07 ----D---- C:\Users\Logic PC\AppData\Roaming\DAEMON Tools Lite
2013-12-05 17:40:54 ----D---- C:\Windows\SYSWOW64\LogFiles
2013-12-05 17:40:52 ----D---- C:\Windows\Panther
2013-12-05 17:40:52 ----D---- C:\Windows\Minidump
2013-12-03 17:23:06 ----SD---- C:\Users\Logic PC\AppData\Roaming\Microsoft
2013-12-03 17:14:50 ----D---- C:\Users\Logic PC\AppData\Roaming\Mozilla
2013-12-03 17:13:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-03 17:11:33 ----D---- C:\Windows\SYSWOW64\Macromed
2013-11-26 19:17:57 ----D---- C:\Windows\SYSWOW64\migration
2013-11-26 19:17:56 ----D---- C:\Windows\PolicyDefinitions
2013-11-26 19:17:55 ----D---- C:\Windows\system32\migration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-08-13 10697216]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-08-13 460288]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2012-10-18 1930240]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-08-13 96896]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-23 283064]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-04-25 104560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-22 56600]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-06-14 2159728]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-28 26440]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-28 16200]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
R4 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys []
R4 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys []
R4 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys []
R4 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys []
S0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2013-09-17 239296]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-28 36936]
S3 xnacc;XBOX 360 Controller For Windows Driver Service; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 70e6ca8c;Optimizer Pro Crash Monitor; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-08-13 239616]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2013-09-12 1337752]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-04-17 326424]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-04-17 2594584]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-06-14 27760]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-12 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[Márty84]

Pokud nepouzivate, doporucuji odinstalovat Seznam Software

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[031adam031]

Malwarebytes Anti-Malware (Skúšobná verzia) 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2013.12.26.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Logic PC :: WINCTRL-LUJQNM6 [administrátor]

Ochrana: Zapnuté

26. 12. 2013 17:23:59
MBAM-log-2013-12-26 (18-08-21).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 397043
Uplynutý čas: 41 min, 35 sek

Detegované služby pamäte: 2
C:\Users\Logic PC\AppData\Local\Temp\GPUTemp.exe (Trojan.Bitcoin.WSM) -> 2288 -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\VLC Player GPU+\GPULog.exe (Trojan.Bitcoin.WSM) -> 2720 -> Žiadna úloha nevykonaná.

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 27
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Žiadna úloha nevykonaná.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Žiadna úloha nevykonaná.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Žiadna úloha nevykonaná.
HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Žiadna úloha nevykonaná.
HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} (PUP.Optional.MultiPlug.A) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Casino King (Adware.Casino) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} (PUP.Optional.WebSearchInfo) -> Žiadna úloha nevykonaná.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Žiadna úloha nevykonaná.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Žiadna úloha nevykonaná.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\BI (PUP.Optional.FilesFrog.A) -> Žiadna úloha nevykonaná.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Žiadna úloha nevykonaná.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\OPTIMIZER PRO (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Casino King (Adware.Casino) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7e8ed77-2fba-4ec6-bc07-65de4de6709f} (PUP.Optional.ShoppingSuggestion.A) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{e7e8ed77-2fba-4ec6-bc07-65de4de6709f} (PUP.Optional.ShoppingSuggestion.A) -> Žiadna úloha nevykonaná.
HKCR\ScriptInjector.AddOnIE (PUP.Optional.ShoppingSuggestion.A) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{E7E8ED77-2FBA-4EC6-BC07-65DE4DE6709F} (PUP.Optional.ShoppingSuggestion.A) -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E7E8ED77-2FBA-4EC6-BC07-65DE4DE6709F} (PUP.Optional.ShoppingSuggestion.A) -> Žiadna úloha nevykonaná.

Detegované registračné hodnoty: 8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|GPUTemp (Trojan.Bitcoin.WSM) -> Dáta: "C:\Users\LOGICP~1\AppData\Local\Temp\GPUTemp.exe" -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|GPULoader (Trojan.Bitcoin.WSM) -> Dáta: "C:\Program Files (x86)\VLC Player GPU+\GPULog.exe" -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Dáta: http://search.babylon.com/?babsrc=HP_ss ... 5&tsp=4979 -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Dáta: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Žiadna úloha nevykonaná.
HKCU\Software\BI|ui_path_filesfrog (PUP.Optional.FilesFrog.A) -> Dáta: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker -> Žiadna úloha nevykonaná.
HKCU\Software\Optimizer Pro|AdsBuyNowURL (PUP.Optional.OptimizerPro.A) -> Dáta: http://pcup4.pcutilitiespro.revenuewire ... F-94F705E3 -> Žiadna úloha nevykonaná.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Dáta: {06745BA2-0D7F-11E3-8A15-6C626D3DB0C6} -> Žiadna úloha nevykonaná.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Dáta: {06745BA2-0D7F-11E3-8A15-6C626D3DB0C6} -> Žiadna úloha nevykonaná.

Detegované položky registračných dát: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.OptimizerPro.A) -> Škodlivý: (c:\progra~2\optimi~1\optpro~1.dll) Dobrý: () -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.WebSearchInfo) -> Škodlivý: (http://websearch.the-searcheng.info/?pi ... K&unqvl=35) Dobrý: (http://www.google.com) -> Žiadna úloha nevykonaná.

Detegované priečinky: 30
C:\Users\Logic PC\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\SearchNewTab (PUP.Optional.SearchNewTab) -> Žiadna úloha nevykonaná.
C:\ProgramData\SearchNewTab\data (PUP.Optional.SearchNewTab) -> Žiadna úloha nevykonaná.
C:\Users\Logic PC\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.
C:\Users\Logic PC\AppData\Roaming\OpenCandy\AFA5B09EC48C48F0A0F21F687161A458 (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.
C:\Users\Logic PC\AppData\Roaming\OpenCandy\B3EB394F4CA7455F9F88C88A5B30A106 (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.
C:\Users\Logic PC\AppData\Roaming\OpenCandy\BE7938F3940D41AEB95B18EE62D8DE78 (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1 (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ch (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff\chrome (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff\chrome\content (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff\chrome\content\icons (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff\chrome\content\icons\default (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ie (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1 (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57 (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ch (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff\chrome (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff\chrome\content (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff\chrome\content\icons (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff\chrome\content\icons\default (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ie (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.

Detegované súbory: 72
C:\Users\Logic PC\AppData\Local\Temp\GPUTemp.exe (Trojan.Bitcoin.WSM) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\VLC Player GPU+\GPULog.exe (Trojan.Bitcoin.WSM) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\OptProGuard.exe (PUP.Optional.OptimizerPro) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe (PUP.Optional.OptimizerPro) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\OptProSchedule.exe (PUP.Optional.OptimizerPro) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\OptProStart.exe (PUP.Optional.OptimizerPro) -> Žiadna úloha nevykonaná.
C:\ProgramData\savensaHare\u56.exe (PUP.Optional.MultiPlug.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\SaveNshare\y93.exe (PUP.Optional.MultiPlug.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\SearchNewTab\4uhVVD.exe (PUP.Optional.MultiPlug.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\SearchNewTab\o0vYS.exe (PUP.Optional.MultiPlug.A) -> Žiadna úloha nevykonaná.
C:\Users\Logic PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C1B2Y0M6\stubinst_pkg_en-eu[1].cab (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.
C:\Users\Logic PC\Videos\iLividSetup-r484-n-bu.exe (PUP.Optional.Bandoo) -> Žiadna úloha nevykonaná.
C:\Users\Logic PC\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\OptimizerPro.chm (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\English.ini (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\file_id.diz (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\HomePage.url (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\OptProUninstaller.exe (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\scan.gif (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\sqlite3.dll (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\unins000.dat (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\Optimizer Pro\unins000.exe (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Optimizer Pro on the Web.lnk (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Help.lnk (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Optimizer Pro.lnk (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Uninstall Optimizer Pro.lnk (PUP.Optional.OptimizerPro.A) -> Žiadna úloha nevykonaná.
C:\Windows\inf\ntvdm.inf (Malware.Trace) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BrowserDefender.A) -> Žiadna úloha nevykonaná.
C:\ProgramData\SearchNewTab\4uhVVD.dat (PUP.Optional.SearchNewTab) -> Žiadna úloha nevykonaná.
C:\ProgramData\SearchNewTab\DFxRy.dat (PUP.Optional.SearchNewTab) -> Žiadna úloha nevykonaná.
C:\ProgramData\SearchNewTab\DFxRy.tlb (PUP.Optional.SearchNewTab) -> Žiadna úloha nevykonaná.
C:\ProgramData\SearchNewTab\o0vYS.dat (PUP.Optional.SearchNewTab) -> Žiadna úloha nevykonaná.
C:\ProgramData\SearchNewTab\YT2y.dat (PUP.Optional.SearchNewTab) -> Žiadna úloha nevykonaná.
C:\ProgramData\SearchNewTab\YT2y.tlb (PUP.Optional.SearchNewTab) -> Žiadna úloha nevykonaná.
C:\ProgramData\SearchNewTab\data\SearchNewTab.dat (PUP.Optional.SearchNewTab) -> Žiadna úloha nevykonaná.
C:\Users\Logic PC\AppData\Roaming\OpenCandy\AFA5B09EC48C48F0A0F21F687161A458\TuneUpUtilities2013-2200319_en-US.exe (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.
C:\Users\Logic PC\AppData\Roaming\OpenCandy\B3EB394F4CA7455F9F88C88A5B30A106\RealPlayer.exe (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.
C:\Users\Logic PC\AppData\Roaming\OpenCandy\BE7938F3940D41AEB95B18EE62D8DE78\SmileysWeLove_SetupS_cdn.exe (PUP.Optional.OpenCandy) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ch\BetterSurfPlusV1.crx (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff\chrome.manifest (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff\install.rdf (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff\chrome\content\better-surf.js (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff\chrome\content\firefox2.js (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff\chrome\content\overlay.xul (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff\chrome\content\icons\Thumbs.db (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff\chrome\content\icons\default\star1_32.png (PUP.Optional.BetterSurf) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ch\WebexpEnhancedV1alpha57.crx (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff\chrome.manifest (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff\install.rdf (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff\chrome\content\ffWebexpEnhancedV1alpha57.js (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff\chrome\content\ffWebexpEnhancedV1alpha57ffaction.js (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff\chrome\content\overlay.xul (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff\chrome\content\icons\Thumbs.db (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.
C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff\chrome\content\icons\default\WebexpEnhancedV1alpha57_32.png (PUP.Optional.Webexp) -> Žiadna úloha nevykonaná.

(koniec)

[Márty84]

Vsechny nalezy nechte odstranit. Po odstraneni a restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste zda neco nasel a podle toho zvolim dalsi postup.

[031adam031]

Malwarebytes Anti-Malware (Skúšobná verzia) 1.75.0.1300
www.malwarebytes.org

Verzia databázy: v2013.12.26.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Logic PC :: WINCTRL-LUJQNM6 [administrátor]

Ochrana: Zapnuté

26. 12. 2013 19:57:18
mbam-log-2013-12-26 (19-57-18).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 514
Uplynutý čas: 10 sek [zrušené]

Detegované služby pamäte: 1
C:\Users\Logic PC\AppData\Local\Temp\GPUTemp.exe (Trojan.Bitcoin.WSM) -> 2288 -> Bude odstránený po reštartovaní.

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|GPUTemp (Trojan.Bitcoin.WSM) -> Dáta: "C:\Users\LOGICP~1\AppData\Local\Temp\GPUTemp.exe" -> Pridanie do karantény a zmazanie úspešné.

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 2
C:\Users\Logic PC\AppData\Local\Temp\GPUTemp.exe (Trojan.Bitcoin.WSM) -> Bude odstránený po reštartovaní.
C:\Program Files (x86)\VLC Player GPU+\GPULog.exe (Trojan.Bitcoin.WSM) -> Bude odstránený po reštartovaní.

(koniec)

[031adam031]

pomoho... neseká ďakujem odporučím vašu stránku každému

[Márty84]

No ale to neni zdaleka vsechno, jeste by to chtelo dotahnout


MBAM odinstalujte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

[031adam031]

# AdwCleaner v3.016 - Report created 27/12/2013 at 11:36:42
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Logic PC - WINCTRL-LUJQNM6
# Running from : C:\Users\Logic PC\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : 70e6ca8c

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\savensaHare
Folder Deleted : C:\ProgramData\SaveNshare
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Program Files (x86)\WinZip Registry Optimizer
Folder Deleted : C:\Users\Logic PC\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Logic PC\AppData\Local\Conduit
Folder Deleted : C:\Users\Logic PC\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Logic PC\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Logic PC\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Logic PC\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\Logic PC\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Logic PC\AppData\LocalLow\savensaHare
Folder Deleted : C:\Users\Logic PC\AppData\LocalLow\SaveNshare
Folder Deleted : C:\Users\Logic PC\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\Logic PC\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\Users\Logic PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\Logic PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Logic PC\AppData\Roaming\Mozilla\Firefox\Profiles\ex0rp68p.default\Extensions\aeiafxam@jawfbsx.edu
Folder Deleted : C:\Users\Logic PC\AppData\Roaming\Mozilla\Firefox\Profiles\ex0rp68p.default\Extensions\glk_5uo@uaiwhzm-jraoaa.edu
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\Tasks\BrowserDefendert

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_4e24eecb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_703c874a
Key Deleted : HKCU\Software\5fe888fe568e513
Key Deleted : HKLM\SOFTWARE\5fe888fe568e513
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Popajar
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\261562~1.220\{c16c1~1\browse~1.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\savesh~1\sprote~1.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\websea~1\sprote~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v25.0 (sk)

[ File : C:\Users\Logic PC\AppData\Roaming\Mozilla\Firefox\Profiles\ex0rp68p.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [6689 octets] - [27/12/2013 11:36:09]
AdwCleaner[S0].txt - [6210 octets] - [27/12/2013 11:36:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6270 octets] ##########

[Márty84]

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

[031adam031]

Ja neviem prečo ale v tom programe sa naplní velmi malé množstvo čiari a potom sa to sekne a stojí to.

[Márty84]

Tak to zkusime jinak


Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[031adam031]

ComboFix 13-12-26.01 - Logic PC . 12. 2013 19:02:36.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4079.2930 [GMT 1:00]
Running from: c:\users\Logic PC\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SaveShare
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-11-28 to 2013-12-28 )))))))))))))))))))))))))))))))
.
.
2013-12-28 18:07 . 2013-12-28 18:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-27 12:03 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5903F4CC-1D23-47DE-96F8-BA7924C4396A}\mpengine.dll
2013-12-27 11:09 . 2013-12-27 11:09 -------- d-----w- c:\program files (x86)\Aerosoft
2013-12-27 10:35 . 2013-12-27 10:36 -------- d-----w- C:\AdwCleaner
2013-12-26 16:23 . 2013-12-26 16:23 -------- d-----w- c:\users\Logic PC\AppData\Roaming\Malwarebytes
2013-12-26 16:23 . 2013-12-26 16:23 -------- d-----w- c:\programdata\Malwarebytes
2013-12-25 20:57 . 2013-12-25 20:58 -------- d-----w- c:\program files\trend micro
2013-12-25 20:57 . 2013-12-25 20:57 -------- d-----w- C:\rsit
2013-12-25 18:02 . 2013-12-25 18:02 -------- d-----w- c:\users\Logic PC\AppData\Local\ESET
2013-12-25 16:38 . 2013-12-25 16:38 -------- d-----w- c:\program files\ESET
2013-12-25 15:41 . 2013-12-25 15:41 -------- d-----w- c:\users\Logic PC\AppData\Roaming\Image-Line
2013-12-25 15:41 . 2013-12-25 15:41 -------- d-----w- c:\program files\Image-Line
2013-12-25 15:40 . 2013-12-25 15:40 -------- d-----w- c:\users\Logic PC\AppData\Roaming\FlowStone
2013-12-25 15:40 . 2013-12-25 15:40 -------- d-----w- c:\program files (x86)\DSPRobotics
2013-12-25 15:38 . 2013-12-25 15:38 -------- d-----w- C:\flstudio
2013-12-24 21:49 . 2013-12-25 15:41 -------- d-----w- c:\program files (x86)\Image-Line
2013-12-23 10:27 . 2013-12-24 22:12 -------- d-----w- c:\programdata\saviinshop
2013-12-23 10:27 . 2013-12-23 10:27 -------- d-----w- c:\programdata\1b13b76c6d07173b
2013-12-23 10:27 . 2013-12-24 22:11 -------- d-----w- c:\programdata\downloaduitkeep
2013-12-22 23:40 . 2013-12-23 00:40 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ
2013-12-22 23:39 . 2013-12-22 23:39 -------- d-----w- C:\$AVG-SHREDDER-TMP-4027486f-393b-4311-a5b1-b2767e606368
2013-12-20 18:18 . 2013-12-26 17:26 -------- d-----w- c:\program files (x86)\Seznam.cz
2013-12-20 18:18 . 2013-12-26 17:26 -------- d-----w- c:\users\Logic PC\AppData\Roaming\Seznam.cz
2013-12-20 18:18 . 2013-12-20 18:18 -------- d-----w- C:\totalcmd
2013-12-13 10:38 . 2013-12-26 15:54 -------- d-----w- c:\programdata\AVG2014
2013-12-13 10:33 . 2013-12-13 10:33 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-12-13 10:18 . 2013-12-13 10:18 -------- d-----w- c:\users\Logic PC\AppData\Roaming\AVAST Software
2013-12-13 10:06 . 2013-10-31 06:46 131232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-12-13 10:06 . 2013-12-13 10:10 447888 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2013-12-12 21:27 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-12 21:27 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-12 21:27 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-12 21:27 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-12 21:27 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-12 18:54 . 2013-12-18 14:03 -------- d-----w- c:\program files (x86)\Valve
2013-12-12 18:47 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-12-12 18:47 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-12-12 18:47 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-12-12 18:47 . 2013-12-12 18:47 -------- d-----w- C:\Riot Games
2013-12-12 17:37 . 2013-12-12 17:37 -------- d-----w- c:\users\Logic PC\AppData\Local\Daring_Development_Inc
2013-12-05 16:19 . 2013-12-05 16:19 -------- d-----w- c:\program files\CCleaner
2013-12-03 16:23 . 2013-12-03 16:23 -------- d-----w- c:\users\Logic PC\AppData\Local\Macromedia
2013-12-03 16:22 . 2013-12-03 16:22 -------- d-----w- c:\programdata\McAfee
2013-12-03 16:14 . 2013-12-03 16:21 -------- d-----w- c:\users\Logic PC\AppData\Local\Mozilla
2013-11-30 14:00 . 2013-12-24 22:10 -------- d-----w- c:\program files (x86)\Shopping Suggestion
2013-11-30 14:00 . 2013-12-26 19:42 -------- d-----w- c:\program files (x86)\VLC Player GPU+
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-14 23:20 . 2013-08-12 11:27 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-13 10:10 . 2013-08-19 11:12 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-13 10:05 . 2013-08-19 15:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-13 10:05 . 2013-08-19 15:17 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 17:28 . 2013-11-26 17:28 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 17:28 . 2013-11-26 17:28 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-26 17:28 . 2013-11-26 17:28 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-26 17:28 . 2013-11-26 17:28 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-26 17:28 . 2013-11-26 17:28 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-26 17:28 . 2013-11-26 17:28 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-26 17:28 . 2013-11-26 17:28 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-26 17:28 . 2013-11-26 17:28 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-26 17:28 . 2013-11-26 17:28 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-26 17:28 . 2013-11-26 17:28 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-26 17:28 . 2013-11-26 17:28 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-26 17:28 . 2013-11-26 17:28 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-26 17:28 . 2013-11-26 17:28 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-26 17:28 . 2013-11-26 17:28 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-26 17:28 . 2013-11-26 17:28 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-26 17:28 . 2013-11-26 17:28 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-26 17:28 . 2013-11-26 17:28 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-26 17:28 . 2013-11-26 17:28 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-26 17:28 . 2013-11-26 17:28 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-26 17:28 . 2013-11-26 17:28 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-26 17:28 . 2013-11-26 17:28 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-26 17:28 . 2013-11-26 17:28 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-26 17:28 . 2013-11-26 17:28 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-26 17:28 . 2013-11-26 17:28 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-26 17:28 . 2013-11-26 17:28 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-26 17:28 . 2013-11-26 17:28 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-26 17:28 . 2013-11-26 17:28 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-26 17:28 . 2013-11-26 17:28 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-26 17:28 . 2013-11-26 17:28 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-26 17:28 . 2013-11-26 17:28 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-26 17:28 . 2013-11-26 17:28 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-26 17:28 . 2013-11-26 17:28 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-26 17:28 . 2013-11-26 17:28 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-26 17:28 . 2013-11-26 17:28 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-26 17:28 . 2013-11-26 17:28 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-26 17:28 . 2013-11-26 17:28 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-26 17:28 . 2013-11-26 17:28 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-26 17:28 . 2013-11-26 17:28 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-26 17:28 . 2013-11-26 17:28 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-26 17:28 . 2013-11-26 17:28 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-26 17:28 . 2013-11-26 17:28 413696 ----a-w- c:\windows\system32\html.iec
2013-11-26 17:28 . 2013-11-26 17:28 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 17:28 . 2013-11-26 17:28 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-26 17:28 . 2013-11-26 17:28 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-26 17:28 . 2013-11-26 17:28 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-26 17:28 . 2013-11-26 17:28 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-26 17:28 . 2013-11-26 17:28 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-26 17:28 . 2013-11-26 17:28 235520 ----a-w- c:\windows\system32\url.dll
2013-11-26 17:28 . 2013-11-26 17:28 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-26 17:28 . 2013-11-26 17:28 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-26 17:28 . 2013-11-26 17:28 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-26 17:28 . 2013-11-26 17:28 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-26 17:28 . 2013-11-26 17:28 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-26 17:28 . 2013-11-26 17:28 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 17:28 . 2013-11-26 17:28 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-26 17:28 . 2013-11-26 17:28 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-26 17:28 . 2013-11-26 17:28 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-26 17:28 . 2013-11-26 17:28 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-26 17:28 . 2013-11-26 17:28 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-31 16:19 . 2013-09-21 14:16 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-10-31 09:53 . 2013-09-21 13:46 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-10-14 17:00 . 2013-11-26 17:31 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-10-12 02:30 . 2013-11-13 13:14 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 13:14 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 13:14 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 13:14 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 13:14 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-13 13:14 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-13 13:14 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-04 02:28 . 2013-11-13 13:14 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 02:25 . 2013-11-13 13:14 197120 ----a-w- c:\windows\system32\credui.dll
2013-10-04 02:24 . 2013-11-13 13:14 1930752 ----a-w- c:\windows\system32\authui.dll
2013-10-04 01:58 . 2013-11-13 13:14 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-13 13:14 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-10-04 01:56 . 2013-11-13 13:14 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-10-03 02:23 . 2013-11-13 13:14 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-13 13:14 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\users\Logic PC\AppData\Roaming\uTorrent\uTorrent.exe" [2013-08-19 1130576]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-06-24 5199984]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-06-03 472984]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-09-12 5618456]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.sk/
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer-2.x/UnityWebPlayer.cab
FF - ProfilePath - c:\users\Logic PC\AppData\Roaming\Mozilla\Firefox\Profiles\ex0rp68p.default\
FF - ExtSQL: 2013-12-03 17:16; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Logic PC\AppData\Roaming\Mozilla\Firefox\Profiles\ex0rp68p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{434D452D-5637-006A-76A7-7A786E7484D7} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-BetterSurf Plus V1 - c:\program files (x86)\BetterSurf\BetterSurfPlusV1\uninstall.exe
AddRemove-Webexp Enhanced - c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\uninstall.exe
AddRemove-{1C52B8B6-FFA2-12F6-0A5A-E8301F96A568} - c:\programdata\downloaduitkeep\sqTwSgf.exe
AddRemove-{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} - c:\programdata\SaveNshare.\y93.exe
AddRemove-{70BD2558-27DA-8B02-02D0-D8704ECD2EDF} - c:\programdata\saviinshop\MFVU.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2420748238-3054550-4101967364-1000\Software\SecuROM\License information*]
"datasecu"=hex:fb,8c,22,fe,dd,88,3f,c8,4a,99,6c,ac,11,4f,c9,15,1a,e3,fb,d1,12,
ef,3e,3b,0a,de,d8,62,14,65,8c,45,ea,5b,84,a2,fc,3d,cb,95,ef,59,62,75,71,f0,\
"rkeysecu"=hex:98,64,57,a8,aa,73,9f,b3,1b,a7,a8,ea,c1,14,86,1e
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-12-28 19:08:49
ComboFix-quarantined-files.txt 2013-12-28 18:08
.
Pre-Run: 96 480 419 840 bytes free
Post-Run: 96 333 062 144 bytes free
.
- - End Of File - - FC93E67C90F9225B2CE7BC2AF1F189EB
A36C5E4F47E84449FF07ED3517B43A31

[Márty84]

Vypnete tvale Windows Defender


Presunte ComboFix na plochu!
Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Folder::
C:\$AVG-SHREDDER-TMP-4027486f-393b-4311-a5b1-b2767e606368
c:\programdata\AVG2014
c:\program files (x86)\VLC Player GPU+

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-

Regnull::
[HKEY_USERS\S-1-5-21-2420748238-3054550-4101967364-1000\Software\SecuROM\License information*]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
Skype C2C Service
SkypeUpdate

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku