prosím o pomoc s odstraněním virů .

Zpráva

Jerry20Sprinta · #1 Příspěvek od **Jerry20Sprinta** » 09 dub 2013 11:27

Zdravím potřeboval bych poradit jak dostat ze svého počítače FBI money pack virus a nežádoucí certified toolbar díky moc za pomoc .
Zde je můj log z RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by OOH at 2013-04-09 12:25:59
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 149 GB (62%) free of 238 GB
Total RAM: 8159 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:26:01, on 9.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\Origin\OriginClientService.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe
C:\Program Files\trend micro\OOH.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... =chrome&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si= ... 959-872245
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... =chrome&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\OOH\AppData\Roaming\Complitly\Complitly.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [RoccatKone+] "C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE"
O4 - HKLM\..\Run: [RoccatIsku] "C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [SpyHunter] C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13254 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=b1c6df10-fc9f-4e04-a086-5a65f96c4d28 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\55b82b05-64cc-4a5e-aed6-1e24079e823e-1bc-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {F9936431-03F7-4945-A428-0CFBF2F23246}
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe" -Init
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe"
"C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=5eaae060-f88f-4325-ad3f-687440657329 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\19e2c810-844f-441b-8680-314ba2d8e675-b48-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Origin\OriginClientService.exe" C:/Program Files (x86)/Origin\OriginClientService.exe -args:8acVgSjSfRabllAwzsFpTJUnWqHg3ii3
taskeng.exe {D19C5B3E-EEDA-4F3F-8549-9B05ED32FCB1}
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe" 譕菬⃬䖋匌墣@謐ᑅ岣@謐၅鹨ꌐ䁠က㗿䀸က䖋８౐Ū痨謀姘�萏ċ
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=5912.f212c00.1229437945 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 5912 "\\.\pipe\gecko-crash-server-pipe.5912" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe" --proxy-stub-channel=Flash3152.671B63D8.19849 --host-broker-channel=Flash3152.671B63D8.8221 --host-pid=3152 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe" --channel=5260.0039F5C0.1665355812 --proxy-stub-channel=Flash3152.671B63D8.19849 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\Dowload\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\OOH\AppData\Roaming\Mozilla\Firefox\Profiles\ykpq3o58.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.certified-toolbar.com?si= ... =chrome&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.3]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
Web Search.xml
wikipedia-cz.xml

C:\Users\OOH\AppData\Roaming\Mozilla\Firefox\Profiles\ykpq3o58.default\extensions\
jid1-qQSMEVsYTOjgYA@jetpack

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\OOH\AppData\Roaming\Complitly\64\Complitly64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-02-12 6718864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\OOH\AppData\Roaming\Complitly\Complitly.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-02-12 4220304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-07 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-07 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-02 11545192]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2013-03-26 3497552]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden []
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2012-12-11 3147384]
"RoccatKone+"=C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [2011-07-12 552960]
"RoccatIsku"=C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [2012-11-09 542560]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"SpyHunter"=C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter.exe [2007-04-26 2693248]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-02-12 6718864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-02-12 4220304]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-04-09 11:53:28 ----D---- C:\rsit
2013-04-09 11:53:28 ----D---- C:\Program Files\trend micro
2013-04-09 11:46:23 ----D---- C:\ProgramData\McAfee Security Scan
2013-04-09 11:46:19 ----D---- C:\ProgramData\McAfee
2013-04-09 11:46:18 ----D---- C:\Program Files (x86)\McAfee Security Scan
2013-04-09 11:43:45 ----D---- C:\Windows\Minidump
2013-04-08 12:42:46 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-04-08 12:42:40 ----A---- C:\Windows\system32\sdnclean64.exe
2013-04-08 12:42:35 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-04-08 12:34:08 ----D---- C:\ProgramData\Kaspersky Lab
2013-04-08 12:08:11 ----D---- C:\Program Files (x86)\Enigma Software Group
2013-04-08 12:07:33 ----D---- C:\Windows\46B04D534E344388B6EE80FAB66AEF9B.TMP
2013-04-08 11:51:45 ----A---- C:\Windows\system32\drivers\stflt.sys
2013-04-08 11:06:21 ----A---- C:\autoexec.bat
2013-04-08 11:05:28 ----D---- C:\Program Files\Enigma Software Group
2013-04-08 11:04:55 ----D---- C:\Windows\22B3AE667A374118BADB3680C15CA366.TMP
2013-04-08 00:55:54 ----D---- C:\Program Files (x86)\Toolbar Cleaner
2013-04-08 00:29:11 ----D---- C:\Program Files (x86)\Protected Search
2013-04-08 00:29:11 ----A---- C:\Windows\Launcher.exe
2013-04-08 00:29:11 ----A---- C:\SetSearchAndHomepageInBrowserLog.txt
2013-04-08 00:28:50 ----D---- C:\Program Files (x86)\Red Sky
2013-04-07 23:54:49 ----D---- C:\ProgramData\Tarma Installer
2013-04-05 14:01:29 ----A---- C:\Users\OOH\AppData\Roaming\SQLite3.dll
2013-04-05 14:01:23 ----D---- C:\Users\OOH\AppData\Roaming\Windows
2013-04-04 22:56:58 ----D---- C:\Program Files (x86)\The KMPlayer
2013-03-26 12:23:26 ----D---- C:\Users\OOH\AppData\Roaming\Canneverbe Limited
2013-03-26 12:23:26 ----D---- C:\ProgramData\Canneverbe Limited
2013-03-26 12:23:06 ----D---- C:\Program Files (x86)\CDBurnerXP
2013-03-23 02:12:02 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-03-23 02:11:53 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-03-22 18:16:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-22 18:16:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-22 18:16:32 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-03-22 18:16:32 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-03-22 18:16:32 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-03-22 18:16:32 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-03-22 18:16:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-22 18:16:32 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-03-22 18:16:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-22 18:16:32 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-03-22 18:16:32 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-22 18:16:32 ----A---- C:\Windows\system32\elshyph.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-22 18:16:31 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-03-22 18:16:30 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-22 18:16:30 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-03-22 18:16:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-03-22 18:16:30 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-03-22 18:16:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-03-22 18:16:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-03-22 18:16:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-03-22 18:16:30 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-03-22 18:16:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-03-22 18:16:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\wininet.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\webcheck.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\urlmon.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\url.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-22 18:16:30 ----A---- C:\Windows\system32\msrating.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\msls31.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\licmgr10.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\inseng.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\iesetup.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\iertutil.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\iernonce.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\iedkcs32.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\ieapfltr.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\ieapfltr.dat
2013-03-22 18:16:30 ----A---- C:\Windows\system32\ie4uinit.exe
2013-03-22 18:16:30 ----A---- C:\Windows\system32\icardie.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\dxtrans.dll
2013-03-22 18:16:30 ----A---- C:\Windows\system32\dxtmsft.dll
2013-03-22 18:16:29 ----A---- C:\Windows\system32\wextract.exe
2013-03-22 18:16:29 ----A---- C:\Windows\system32\vbscript.dll
2013-03-22 18:16:29 ----A---- C:\Windows\system32\mshtml.dll
2013-03-22 18:16:29 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-22 18:16:29 ----A---- C:\Windows\system32\iexpress.exe
2013-03-22 18:16:28 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-22 18:16:28 ----A---- C:\Windows\system32\pngfilt.dll
2013-03-22 18:16:28 ----A---- C:\Windows\system32\occache.dll
2013-03-22 18:16:28 ----A---- C:\Windows\system32\mshtmler.dll
2013-03-22 18:16:28 ----A---- C:\Windows\system32\mshta.exe
2013-03-22 18:16:28 ----A---- C:\Windows\system32\msfeedssync.exe
2013-03-22 18:16:28 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-03-22 18:16:28 ----A---- C:\Windows\system32\jscript9.dll
2013-03-22 18:16:28 ----A---- C:\Windows\system32\jscript.dll
2013-03-22 18:16:28 ----A---- C:\Windows\system32\imgutil.dll
2013-03-22 18:16:28 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-22 18:16:28 ----A---- C:\Windows\system32\ieui.dll
2013-03-22 18:16:28 ----A---- C:\Windows\system32\iesysprep.dll
2013-03-22 18:16:28 ----A---- C:\Windows\system32\iepeers.dll
2013-03-22 18:16:28 ----A---- C:\Windows\system32\ieframe.dll
2013-03-22 18:16:28 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-03-21 16:27:15 ----A---- C:\Windows\system32\drivers\usb8023.sys

======List of files/folders modified in the last 1 month======

2013-04-09 12:26:01 ----D---- C:\Windows\Temp
2013-04-09 12:24:30 ----D---- C:\ProgramData\MFAData
2013-04-09 12:04:44 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2013-04-09 11:53:28 ----D---- C:\Program Files
2013-04-09 11:49:30 ----D---- C:\Windows\System32
2013-04-09 11:49:30 ----D---- C:\Windows\inf
2013-04-09 11:49:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-09 11:46:23 ----HD---- C:\ProgramData
2013-04-09 11:46:18 ----RD---- C:\Program Files (x86)
2013-04-09 11:46:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-04-09 11:45:47 ----D---- C:\ProgramData\Adobe
2013-04-09 11:43:45 ----D---- C:\Windows
2013-04-09 11:43:36 ----D---- C:\ProgramData\NVIDIA
2013-04-09 00:01:38 ----D---- C:\Windows\system32\config
2013-04-08 23:40:12 ----D---- C:\Windows\SysWOW64
2013-04-08 23:39:59 ----D---- C:\Windows\system32\Tasks
2013-04-08 23:38:38 ----SHD---- C:\Windows\Installer
2013-04-08 23:38:33 ----SD---- C:\Users\OOH\AppData\Roaming\Microsoft
2013-04-08 23:38:22 ----D---- C:\Windows\SYSWOW64\drivers
2013-04-08 23:38:14 ----SHD---- C:\System Volume Information
2013-04-08 22:55:19 ----D---- C:\Windows\system32\drivers
2013-04-08 12:42:44 ----SD---- C:\ProgramData\Microsoft
2013-04-08 12:02:44 ----D---- C:\Windows\system32\appmgmt
2013-04-08 11:04:54 ----D---- C:\Program Files (x86)\Common Files
2013-04-07 23:51:36 ----D---- C:\Windows\Prefetch
2013-04-06 15:24:14 ----D---- C:\Users\OOH\AppData\Roaming\TS3Client
2013-04-05 22:07:20 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-04-05 14:02:04 ----D---- C:\ProgramData\AVG2013
2013-04-04 22:51:42 ----D---- C:\Users\OOH\AppData\Roaming\vlc
2013-04-04 17:09:12 ----D---- C:\Windows\system32\catroot2
2013-04-03 18:11:28 ----D---- C:\Windows\rescache
2013-04-02 20:37:35 ----D---- C:\Users\OOH\AppData\Roaming\uTorrent
2013-03-26 13:16:27 ----D---- C:\Program Files (x86)\MSI Afterburner
2013-03-26 07:50:33 ----D---- C:\Program Files (x86)\Origin
2013-03-24 12:38:17 ----D---- C:\Program Files\EslWire
2013-03-23 03:07:35 ----D---- C:\Windows\system32\catroot
2013-03-23 02:36:33 ----D---- C:\Windows\SYSWOW64\directx
2013-03-23 02:12:21 ----D---- C:\Windows\system32\DriverStore
2013-03-22 19:14:49 ----D---- C:\Windows\winsxs
2013-03-22 19:13:56 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-03-22 19:13:56 ----D---- C:\Windows\system32\cs-CZ
2013-03-22 19:13:56 ----D---- C:\Program Files\Internet Explorer
2013-03-22 19:13:56 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-22 19:13:54 ----D---- C:\Windows\SYSWOW64\migration
2013-03-22 19:13:53 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-22 19:13:50 ----D---- C:\Windows\system32\migration
2013-03-22 19:13:50 ----D---- C:\Windows\system32\en-US
2013-03-22 19:13:50 ----D---- C:\Windows\PolicyDefinitions
2013-03-22 18:20:11 ----D---- C:\Windows\Logs
2013-03-14 05:44:08 ----D---- C:\Windows\AppPatch
2013-03-14 04:01:39 ----A---- C:\Windows\system32\MRT.exe
2013-03-12 01:10:56 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2012-09-21 225120]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2012-11-16 111968]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2012-09-14 40800]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-23 283200]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\system32\DRIVERS\ICCWDT.sys [2010-08-17 26136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-02 2536040]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
R3 XENfiltv;XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [2009-07-31 25600]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2010-11-03 918144]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2010-12-02 915584]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2010-10-21 586880]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-16 5814904]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2011-10-19 423424]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-08-12 133800]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-02-21 76888]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-03 1258856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-09 256904]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-03-05 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-03-05 79360]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-12-28 51727736]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-14 1255736]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 09 dub 2013 12:56

Zdravim a pekny den preji

Vas log se studuje Obrázek

a pracuje se na nem Obrázek

.
Prosim o strpeni! Obrázek

#3 Příspěvek od **vyosek** » 09 dub 2013 13:04

Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Spustte tradicne dvouklikem
Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Prohledat
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Jerry20Sprinta · #4 Příspěvek od **Jerry20Sprinta** » 09 dub 2013 22:49

Dobrý večer přeju moc se omlouvám ,ale musel sem jít na odpolední zde zasílam ty Logy a děkuji moc za pomoc .)

SC-Cleaner :

Shortcut Cleaner 1.2.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Windows 7 Ultimate Service Pack 1
Program started at: 04/09/2013 11:34:26 PM.

Scanning for registry hijacks:

* HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs "Tabs" hijacked to http://newtab.certified-toolbar.com/nie ... 959-872245

Backup Registry file created at:
C:\Users\OOH\Desktop\sc-cleaner\sc-cleaner-04-09-2013-11-34-26.reg

Searching for Hijacked Shortcuts:

Searching C:\Users\OOH\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\OOH\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\OOH\Desktop

0 bad shortcuts found.

Program finished at: 04/09/2013 11:34:28 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)

AdW Cleaner :

# AdwCleaner v2.200 - Log vytvooen 09/04/2013 v 23:40:30
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : OOH - OOH-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\OOH\Desktop\adwcleaner.exe
# Volba [Prohledat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Protected Search
Složka Nalezeno : C:\Program Files (x86)\Red Sky
Složka Nalezeno : C:\ProgramData\Tarma Installer
Složka Nalezeno : C:\Users\OOH\AppData\Local\DownTango
Složka Nalezeno : C:\Users\OOH\AppData\Local\PutLockerDownloader
Složka Nalezeno : C:\Users\OOH\AppData\Local\Temp\AskSearch
Složka Nalezeno : C:\Users\OOH\AppData\LocalLow\simplytech
Složka Nalezeno : C:\Users\OOH\AppData\Roaming\Mozilla\Firefox\Profiles\ykpq3o58.default\jetpack
Soubor Nalezeno : C:\END

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\1ClickDownload
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\Complitly
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKCU\Software\ad76a6098df431046ffdf41b1a2ed40a
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\Software\SimplyGen
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Tarma Installer
Klíe Nalezeno : HKU\S-1-5-21-2836483055-3734208260-2870930687-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16521

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&st=home&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&st=home&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&q=%s
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.certified-toolbar.com?si=41460&st=home&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&st=home&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q=

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Users\OOH\AppData\Roaming\Mozilla\Firefox\Profiles\ykpq3o58.default\prefs.js

Nalezeno : user_pref("browser.search.defaultengine", "Web Search");
Nalezeno : user_pref("browser.search.defaultenginename", "Web Search");
Nalezeno : user_pref("browser.search.order.1", "Web Search");
Nalezeno : user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tgu[...]

*************************

AdwCleaner[R1].txt - [6397 octets] - [09/04/2013 23:40:30]

########## EOF - C:\AdwCleaner[R1].txt - [6457 octets] ##########

Junkware removal tool:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.3 (04.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by OOH on Łt 09.04.2013 at 23:41:47,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\1clickdownload
Successfully deleted: [Registry Key] hkey_current_user\software\complitly
Successfully deleted: [Registry Key] hkey_current_user\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\complitly.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\suggestmeyes.suggestmeyesbho
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\suggestmeyes.suggestmeyesbho.1
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{0fb6a909-6086-458f-bd92-1f8ee10042a0}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{0fb6a909-6086-458f-bd92-1f8ee10042a0}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"

~~~ Files

Successfully deleted: [File] "C:\end"
Successfully deleted: [File] C:\Windows\prefetch\APNSTUB.EXE-80E21B0A.pf
Successfully deleted: [File] C:\Windows\prefetch\ASKDIALOG.EXE-92E7D54C.pf
Successfully deleted: [File] C:\Windows\prefetch\ASKPARTNERCOBRANDINGTOOL.EXE-A0B740B1.pf
Successfully deleted: [File] C:\Windows\prefetch\ASKSLIB.EXE-ECD4150F.pf

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\OOH\appdata\local\downtango"
Successfully deleted: [Folder] "C:\Users\OOH\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Program Files (x86)\protected search"

~~~ FireFox

Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\web search.xml"
Successfully deleted: [File] C:\Users\OOH\AppData\Roaming\mozilla\firefox\profiles\ykpq3o58.default\user.js
Successfully deleted: [Folder] C:\Users\OOH\AppData\Roaming\mozilla\firefox\profiles\ykpq3o58.default\jetpack
Successfully deleted: [Folder] C:\Users\OOH\AppData\Roaming\mozilla\firefox\profiles\ykpq3o58.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack
Successfully deleted the following from C:\Users\OOH\AppData\Roaming\mozilla\firefox\profiles\ykpq3o58.default\prefs.js

user_pref("browser.search.defaultengine", "Web Search");
user_pref("browser.search.defaultenginename", "Web Search");
user_pref("browser.search.order.1", "Web Search");
user_pref("keyword.URL", "hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q=");
Emptied folder: C:\Users\OOH\AppData\Roaming\mozilla\firefox\profiles\ykpq3o58.default\minidumps [39 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 09.04.2013 at 23:47:20,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#5 Příspěvek od **vyosek** » 09 dub 2013 23:35

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Smazat
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

Jerry20Sprinta · #6 Příspěvek od **Jerry20Sprinta** » 10 dub 2013 09:25

Zdravím tady zasílam ten log :

Adw cleaner

# AdwCleaner v2.200 - Log vytvooen 10/04/2013 v 10:06:45
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : OOH - OOH-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\OOH\Desktop\adwcleaner.exe
# Volba [Vymazat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\Red Sky
Složka Vymazáno : C:\Users\OOH\AppData\Local\PutLockerDownloader
Složka Vymazáno : C:\Users\OOH\AppData\Local\Temp\AskSearch

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Vymazáno : HKCU\Software\ad76a6098df431046ffdf41b1a2ed40a
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Klíe Vymazáno : HKLM\Software\SimplyGen
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Vymazáno : HKLM\SOFTWARE\Tarma Installer

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16521

Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&st=home&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245 --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&st=home&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245 --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - (Default)] = hxxp://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&q=%s --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q= --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&st=home&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245 --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ts=1365373749759&tguid=41460-2938-1365373722959-872245&st=chrome&q= --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Users\OOH\AppData\Roaming\Mozilla\Firefox\Profiles\ykpq3o58.default\prefs.js

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [6512 octets] - [09/04/2013 23:40:30]
AdwCleaner[S1].txt - [4909 octets] - [10/04/2013 10:06:45]

########## EOF - C:\AdwCleaner[S1].txt - [4969 octets] ##########

#7 Příspěvek od **vyosek** » 10 dub 2013 14:35

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna.

#8 Příspěvek od **vyosek** » 10 dub 2013 18:03

Na zaklade mailu tema zamykam z duvodu poruseni pravidel fora - nelegalni OS

VIRY.CZ

prosím o pomoc s odstraněním virů .

prosím o pomoc s odstraněním virů .

Re: prosím o pomoc s odstraněním virů .

Re: prosím o pomoc s odstraněním virů .

Re: prosím o pomoc s odstraněním virů .

Re: prosím o pomoc s odstraněním virů .

Re: prosím o pomoc s odstraněním virů .

Re: prosím o pomoc s odstraněním virů .

Re: prosím o pomoc s odstraněním virů .