Výpadky internetu

Zpráva

Anomiki · #1 Příspěvek od **Anomiki** » 20 dub 2014 22:25

Dobrý den, chtěl bych požádat o pomoc. Najednou mi začal neustále vypadávat internet. Přes mobil nebo notebook internet funguje. Počítač sem projel pomocí programu AdvanceSystemCare a ještě i Microsoft Security Essentials. Výpadek trvá většinou 2-10 sekund. Někdy téměř každou minutu jindy jednou za hodinu a už opravdu nevím co stím. Neví někdo co bych měl zkusit ?
Předem moc děkuju

#2 Příspěvek od **Márty84** » 20 dub 2014 22:52

Zdravim

Anomiki píše:Neví někdo co bych měl zkusit ?

V prve rade odinstalovat Advanced SystemCare. To dokaze nadelat vic skody nez uzitku

Pak vyzkouset, jestli to vypadava i v nouzovem rezimu s praci v siti.

Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=130786

Anomiki · #3 Příspěvek od **Anomiki** » 20 dub 2014 23:08

AdvanceSystemCare sem odinstaloval. Internet vypadává i v Nouzovém režimu se sítí.

A zde log :
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jakub at 2014-04-21 00:04:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 469 GB (77%) free of 610 GB
Total RAM: 2943 MB (66% free)

#4 Příspěvek od **Márty84** » 20 dub 2014 23:12

Odinstalujte vse od IObit, pokud tam jeste neco mate.

Ten log musi byt cely, tenhle kousek mi toho moc nerekne

Anomiki · #5 Příspěvek od **Anomiki** » 20 dub 2014 23:15

Pardon nějak se to seklo tak sem myslel že to je celý

Tady to je :

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jakub at 2014-04-21 00:14:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 469 GB (77%) free of 610 GB
Total RAM: 2943 MB (56% free)

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf48cd20c95a20.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{855F3B16-6D32-4FE6-8A56-BBB695989046}
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]
{EEE6C35B-6118-11DC-9C72-001320C79847}
{4924fded-cb88-443f-9d2d-75bf1043dccc}
{03EB0E9C-7A91-4381-A220-9B52B641CDB1}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2009-08-28 1486848]
""= []
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\driverupd.vbs [2013-12-04 559]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.com/ww.special-uninstall ... er=9.0.872 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"MKLOL"=C:\Program Files\MKJogo\MKLOL\MK.exe [2014-04-18 1107144]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\wi3c8a~1\datamngr\datamngr.dll c:\progra~1\wi3c8a~1\datamngr\iebho.dll c:\progra~1\google\google~4\go36f4~1.dll c:\progra~1\bandoo\bndhook.dll ile㗮㋰ࠀ瓱*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FPS1"=frapsvid.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"vidc.yv12"=yv12vfw.dll
"vidc.MPG4"=MPG4c32.dll
"vidc.MP42"=MPG4c32.dll
"vidc.MP43"=MPG4c32.dll
"msacm.msaudio1"=msaud32.acm
"msacm.siren"=sirenacm.dll
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"VIDC.FMVC"=fmcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-04-21 00:04:41 ----D---- C:\rsit
2014-04-21 00:04:41 ----D---- C:\Program Files\trend micro
2014-04-21 00:00:37 ----A---- C:\Windows\ntbtlog.txt
2014-04-20 23:01:21 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-04-20 23:01:00 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-04-20 23:00:59 ----D---- C:\ProgramData\Malwarebytes
2014-04-20 23:00:59 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-04-20 23:00:59 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-04-20 23:00:59 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-04-20 22:50:56 ----D---- C:\_OTM
2014-04-19 13:11:40 ----D---- C:\Program Files\Razer
2014-04-19 13:11:38 ----D---- C:\ProgramData\Razer
2014-04-14 18:06:47 ----A---- C:\Windows\system32\wininet.dll
2014-04-14 18:06:47 ----A---- C:\Windows\system32\jsproxy.dll
2014-04-14 18:06:47 ----A---- C:\Windows\system32\ieapfltr.dll
2014-04-14 18:06:47 ----A---- C:\Windows\system32\dxtrans.dll
2014-04-14 18:06:47 ----A---- C:\Windows\system32\dxtmsft.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\urlmon.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\msrating.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\mshtml.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\msfeeds.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\ieUnatt.exe
2014-04-14 18:06:46 ----A---- C:\Windows\system32\ieui.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\iertutil.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\ieframe.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-04-14 18:06:46 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-04-14 18:06:45 ----A---- C:\Windows\system32\vbscript.dll
2014-04-14 18:06:45 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-14 18:06:45 ----A---- C:\Windows\system32\jscript9diag.dll
2014-04-14 18:06:45 ----A---- C:\Windows\system32\jscript9.dll
2014-04-14 18:06:45 ----A---- C:\Windows\system32\iesetup.dll
2014-04-14 18:06:45 ----A---- C:\Windows\system32\iernonce.dll
2014-04-14 18:06:45 ----A---- C:\Windows\system32\ie4uinit.exe
2014-04-13 19:48:19 ----D---- C:\Users\Jakub\AppData\Roaming\Hive Cluster
2014-04-13 14:07:45 ----D---- C:\Program Files\The Binding of Isaac
2014-04-11 12:02:46 ----D---- C:\Program Files\Microsoft Security Client
2014-04-09 22:52:15 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-09 22:52:15 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-09 22:52:15 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-09 22:52:15 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-09 22:52:10 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-04-09 22:48:46 ----A---- C:\Windows\system32\kernel32.dll
2014-04-09 20:13:29 ----D---- C:\Program Files\BestGameEver
2014-03-31 18:33:08 ----A---- C:\Windows\system32\msonpmon.dll
2014-03-31 18:30:05 ----D---- C:\Program Files\Microsoft Works
2014-03-31 18:29:20 ----D---- C:\Program Files\Microsoft Visual Studio
2014-03-31 18:29:20 ----D---- C:\Program Files\Common Files\DESIGNER
2014-03-31 18:22:44 ----D---- C:\Program Files\Microsoft Visual Studio 8
2014-03-31 18:20:58 ----D---- C:\ProgramData\Microsoft Help
2014-03-31 18:19:32 ----RHD---- C:\MSOCache
2014-03-31 17:44:24 ----D---- C:\Program Files\DAEMON Tools Lite

======List of files/folders modified in the last 1 month======

2014-04-21 00:14:08 ----D---- C:\Windows\Temp
2014-04-21 00:12:55 ----D---- C:\Windows\Prefetch
2014-04-21 00:10:54 ----D---- C:\Windows\system32\drivers
2014-04-21 00:10:54 ----D---- C:\Windows\System32
2014-04-21 00:10:50 ----D---- C:\Windows\system32\Tasks
2014-04-21 00:08:38 ----D---- C:\Users\Jakub\AppData\Roaming\Seznam.cz
2014-04-21 00:06:16 ----D---- C:\Windows\system32\config
2014-04-21 00:04:41 ----RD---- C:\Program Files
2014-04-21 00:00:37 ----D---- C:\Windows
2014-04-20 23:57:02 ----D---- C:\Users\Jakub\AppData\Roaming\Skype
2014-04-20 23:56:16 ----D---- C:\Windows\Tasks
2014-04-20 23:16:29 ----D---- C:\Windows\Speech
2014-04-20 23:15:31 ----D---- C:\Program Files\Common Files\Spigot
2014-04-20 23:15:30 ----D---- C:\Windows\inf
2014-04-20 23:00:59 ----HD---- C:\ProgramData
2014-04-20 22:55:04 ----D---- C:\Windows\system32\catroot2
2014-04-20 22:51:08 ----D---- C:\Windows\system32\drivers\etc
2014-04-20 22:40:58 ----SHD---- C:\Windows\Installer
2014-04-20 22:40:57 ----SHD---- C:\Config.Msi
2014-04-20 22:40:12 ----SHD---- C:\System Volume Information
2014-04-20 22:28:17 ----D---- C:\Windows\system32\NDF
2014-04-20 09:30:11 ----D---- C:\Users\Jakub\AppData\Roaming\uTorrent
2014-04-19 23:55:44 ----D---- C:\Users\Jakub\AppData\Roaming\vlc
2014-04-19 14:18:18 ----D---- C:\Windows\SoftwareDistribution
2014-04-19 14:11:43 ----D---- C:\Windows\debug
2014-04-16 20:54:45 ----D---- C:\Windows\rescache
2014-04-15 08:27:26 ----D---- C:\ProgramData\ProductData
2014-04-15 08:26:13 ----D---- C:\Windows\winsxs
2014-04-15 02:52:57 ----D---- C:\Windows\system32\cs-CZ
2014-04-15 02:52:57 ----D---- C:\Windows\PolicyDefinitions
2014-04-15 02:52:56 ----D---- C:\Windows\system32\en-US
2014-04-15 02:52:56 ----D---- C:\Program Files\Internet Explorer
2014-04-14 18:06:44 ----D---- C:\Windows\system32\catroot
2014-04-13 13:17:28 ----D---- C:\Windows\Microsoft.NET
2014-04-13 13:17:26 ----RSD---- C:\Windows\assembly
2014-04-12 09:15:13 ----D---- C:\Windows\system32\DriverStore
2014-04-11 12:29:24 ----D---- C:\Windows\Minidump
2014-04-11 12:29:15 ----D---- C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2014-04-11 12:02:48 ----SD---- C:\ProgramData\Microsoft
2014-04-11 12:01:21 ----HD---- C:\Program Files\InstallShield Installation Information
2014-04-11 11:59:24 ----D---- C:\Program Files\Autodesk
2014-04-11 11:58:02 ----D---- C:\Program Files\Common Files
2014-04-11 11:51:19 ----D---- C:\ProgramData\Autodesk
2014-04-11 11:44:31 ----D---- C:\Users\Jakub\AppData\Roaming\Autodesk
2014-04-11 11:44:30 ----RSD---- C:\Windows\Fonts
2014-04-11 11:35:46 ----D---- C:\Program Files\Common Files\Adobe
2014-04-11 10:49:51 ----D---- C:\ProgramData\Adobe
2014-04-11 10:47:55 ----D---- C:\Users\Jakub\AppData\Roaming\Adobe
2014-04-11 10:47:12 ----D---- C:\Program Files\Adobe
2014-04-10 03:03:07 ----D---- C:\Windows\system32\MRT
2014-04-10 03:01:14 ----A---- C:\Windows\system32\MRT.exe
2014-04-08 22:53:53 ----D---- C:\temp
2014-04-04 15:31:10 ----D---- C:\Program Files\Microsoft Office
2014-04-01 06:11:59 ----A---- C:\Windows\win.ini
2014-04-01 06:11:57 ----D---- C:\Program Files\Common Files\System
2014-03-31 21:17:45 ----D---- C:\Program Files\Common Files\microsoft shared
2014-03-31 18:54:18 ----SD---- C:\Users\Jakub\AppData\Roaming\Microsoft
2014-03-31 18:29:53 ----D---- C:\Program Files\MSBuild
2014-03-31 18:29:16 ----D---- C:\Windows\ShellNew
2014-03-31 18:28:26 ----D---- C:\Program Files\Microsoft.NET
2014-03-31 17:46:30 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-03-27 18:56:07 ----D---- C:\ProgramData\IObit

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-03-31 320120]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 MpKsl8d4e1bda;MpKsl8d4e1bda; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsl8d4e1bda.sys [2014-04-21 39464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-11-22 83872]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-11-22 25888]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-03-09 1501696]
R3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [2009-12-22 18136]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-12-22 36640]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-08-17 1077760]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys []
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2005-08-10 50688]
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
S0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\Windows\System32\drivers\sfvfs02.sys [2005-11-03 63488]
S1 MpKsldb75f26c;MpKsldb75f26c; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsldb75f26c.sys [2014-04-20 39464]
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2004-10-25 21664]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-07-12 11136]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 49664]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-05-21 13224]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys []
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-05-21 25512]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-07-12 89856]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2011-07-12 26624]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2011-07-12 182272]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 25112]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\Windows\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\DRIVERS\massfilter.sys [2008-12-08 7680]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 rt2870;Belkin 802.11n USB Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\rt2870.sys [2008-10-29 644096]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 100224]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-11-23 49664]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608]
R2 dgdersvc;Device Error Recovery Service; C:\Windows\system32\dgdersvc.exe [2009-12-22 95568]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-12-22 217088]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 664352]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2010-06-03 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2010-06-04 214864]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-08 711112]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate1cac9dd563a9e30;Služba Google Update (gupdate1cac9dd563a9e30); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-22 133104]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 RzKLService;RzKLService; C:\Program Files\Razer\Razer Game Booster\RzKLService.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-03-11 1044816]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-22 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-04-14 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-07 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#6 Příspěvek od **Márty84** » 20 dub 2014 23:26

Co jste provadel s OTM?

Vidim tam MBAM. Nasel neco pri kompletni kontrole?

Anomiki · #7 Příspěvek od **Anomiki** » 20 dub 2014 23:30

OTM MBAM ? No už sem hledal na internetu nějaké rady jak na to a něco sem zkoušel. A jestli to MBAM je Malwerbyte tak ten našel 10 souborů a dal sem je odstranit.

#8 Příspěvek od **Márty84** » 20 dub 2014 23:35

Zkopirujte mi sem skript, ktery jste pouzil pro OTM.

A spustte znovu MBAM a v zalozce protokoly najdete vysledek posledniho testu, nechte si ho zobrazit a obsah sem taky zkopirujte, abych videl, co nasel.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Anomiki · #9 Příspěvek od **Anomiki** » 20 dub 2014 23:51

Zde je script pro OTM :
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8dcb7100-df86-4384-8842-8fa844297b3f}"=-
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"QuickTime Task"=-
"iTunesHelper"=-
"StartCCC"=-
"AMD AVT"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-

:services
AdobeARMservice
BBUpdate
BBSvc
SkypeUpdate
AdobeFlashPlayerUpdateSvc
gusvc
McComponentHostService

:commands
[RESETHOSTS]
[Purity]
[EMPTYTEMP]
[EMPTYFLASH]

MBAM poslední kontrola :

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 20.4.2014
Scan Time: 23:15:27
Logfile: protokoly.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.20.07
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Jakub

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 265078
Time Elapsed: 13 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 12
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-2460206527-1493759754-90791392-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0D7562AE-8EF6-416d-A838-AB665251703A}, Quarantined, [0196e64686f5f64092b2041223df16ea],
PUP.Optional.SearchQu, HKU\S-1-5-21-2460206527-1493759754-90791392-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, Quarantined, [9ff89696e39864d26d7db36624de57a9],
PUP.Optional.SearchQu, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, Quarantined, [9ff89696e39864d26d7db36624de57a9],
PUP.Optional.Datamngr.A, HKU\S-1-5-21-2460206527-1493759754-90791392-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, Quarantined, [e7b04eded6a578beadbdd07d51b1c23e],
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\facemoods.com, Quarantined, [0295ed3f166537ffd3be0b661be74ab6],
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ihflimipbcaljfnojhhknppphnnciiif, Quarantined, [d4c3d458e99257dfff91adc4b74b6b95],
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\poheodfamflhhhdcmjfeggbgigeefaco, Quarantined, [efa81c104734b284482a363d837f9f61],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2460206527-1493759754-90791392-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, Quarantined, [9205a3896b10db5be7dcb0e58e75cc34],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2460206527-1493759754-90791392-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, Quarantined, [a3f42efe9be0c4727250b9dcde2559a7],
PUP.Optional.FaceMoods.A, HKU\S-1-5-21-2460206527-1493759754-90791392-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\facemoods.com, Quarantined, [8b0c84a8473464d2e4aefe73d42e7090],
PUP.Optional.Softonic.A, HKU\S-1-5-21-2460206527-1493759754-90791392-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [c4d389a3a0db4bebab36204dfc069e62],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-2460206527-1493759754-90791392-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, Quarantined, [1a7d85a79ae12b0bc1164b4bb74cd22e],

Registry Values: 9
PUP.Optional.SearchQu, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{99079A25-328F-4BD4-BE04-00955ACAA0A7}, Searchqu Toolbar, Quarantined, [9ff89696e39864d26d7db36624de57a9]
PUP.Optional.uTorrenToolBar.A, HKU\S-1-5-21-2460206527-1493759754-90791392-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}, Quarantined, [c3d463c97b0039fd8348c253d1316e92],
PUP.Optional.uTorrenToolBar.A, HKU\S-1-5-21-2460206527-1493759754-90791392-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}, Quarantined, [c3d463c97b0039fd8348c253d1316e92],
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}, Quarantined, [8c0b8ba1c2b93204271cff177191ed13],
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, facemoods Toolbar, Quarantined, [8c0b8ba1c2b93204271cff177191ed13]
PUP.Optional.SearchQu, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{99079a25-328f-4bd4-be04-00955acaa0a7}, Quarantined, [dcbbe24a5f1c65d19654a67352b08779],
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, http://start.facemoods.com/?a=ironto&f=2, Quarantined, [1d7a79b3d7a461d58510b4bd27dbe917]
PUP.Optional.BetterSurf.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@bettersurfplus.com, C:\Program Files\BetterSurf\BetterSurfPlus\ff, Quarantined, [42555cd03d3e70c61ccafc7b55ad19e7]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-2460206527-1493759754-90791392-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, {DCBDC970-7FC0-11DF-8973-00158305947A}, Quarantined, [1a7d85a79ae12b0bc1164b4bb74cd22e]

Registry Data: 1
PUP.Optional.FaceMoods.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://start.facemoods.com/?a=ironto&s= ... Terms}&f=4, Good: (http://www.google.com), Bad: (http://start.facemoods.com/?a=ironto&s= ... Terms}&f=4),Replaced,[dcbb83a93f3cab8b0b8ae04a6d97f20e]

Folders: 7
PUP.Optional.OpenCandy, C:\Users\Jakub\AppData\Roaming\OpenCandy, Quarantined, [fe99a983c9b2f6402043342be022ee12],
PUP.Optional.OpenCandy, C:\Users\Jakub\AppData\Roaming\OpenCandy\7CAF92C25C894725BD7C6EAAABA4F78E, Quarantined, [fe99a983c9b2f6402043342be022ee12],
PUP.Optional.OpenCandy, C:\Users\Jakub\AppData\Roaming\OpenCandy\7DA00514A5F841AAA721273A1696CD48, Quarantined, [fe99a983c9b2f6402043342be022ee12],
PUP.Optional.OpenCandy, C:\Users\Jakub\AppData\Roaming\OpenCandy\D810D28B5A104B75A11BD06CE0D4C5D1, Quarantined, [fe99a983c9b2f6402043342be022ee12],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Lang, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Res, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],

Files: 18
Malware.Trace, C:\Windows\inf\ntvdm.inf, Quarantined, [069138f4a2d9e84ebc67564113f017e9],
PUP.Optional.OpenCandy, C:\Users\Jakub\AppData\Roaming\OpenCandy\7CAF92C25C894725BD7C6EAAABA4F78E\chrometest.html, Quarantined, [fe99a983c9b2f6402043342be022ee12],
PUP.Optional.OpenCandy, C:\Users\Jakub\AppData\Roaming\OpenCandy\7DA00514A5F841AAA721273A1696CD48\chrometest3.html, Quarantined, [fe99a983c9b2f6402043342be022ee12],
PUP.Optional.OpenCandy, C:\Users\Jakub\AppData\Roaming\OpenCandy\D810D28B5A104B75A11BD06CE0D4C5D1\avg_tuht_stf_cs_2014_206_CZ.exe, Quarantined, [fe99a983c9b2f6402043342be022ee12],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\baidu_ff.xml, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\baidu_ie.xml, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\config.ini, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\searchcom_ff.xml, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\searchcom_ie.xml, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\yahoo_ff.xml, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\yahoo_ie.xml, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\yandex_ff.xml, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\yandex_ie.xml, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1031.ini, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1033.ini, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1034.ini, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1036.ini, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],
PUP.Optional.Spigot.A, C:\Program Files\Common Files\Spigot\Search Settings\Lang\res1040.ini, Quarantined, [8a0d3af2c2b959ddd6ba71f9de24827e],

Physical Sectors: 0
(No malicious items detected)

(end)

A nakonec AdwCleaner :

# AdwCleaner v3.023 - Report created 21/04/2014 at 00:47:28
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Jakub - JAKUB-PC
# Running from : C:\Users\Jakub\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Bandoo
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\uniblue
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\IObit Apps Toolbar
Folder Deleted : C:\Program Files\Windows iLivid Toolbar
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\Spigot
Folder Deleted : C:\Windows\system32\AI_RecycleBin
Folder Deleted : C:\Users\Jakub\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Jakub\AppData\Local\PackageAware
Folder Deleted : C:\Users\Jakub\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Jakub\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jakub\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Jakub\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Jakub\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Jakub\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Jakub\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Jakub\AppData\LocalLow\Musicbario
File Deleted : C:\Windows\system32\bandoolmx.dll

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCoordinator.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\FlashAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_microsoft-office-word-viewer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_microsoft-office-word-viewer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_microsoft-powerpoint-viewer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_microsoft-powerpoint-viewer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{929801A8-4AEF-4D12-BE31-D85BF666452B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5ECE72D9-C65E-4A16-A1D8-623DE9E95CEF}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4924FDED-CB88-443F-9D2D-75BF1043DCCC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4924FDED-CB88-443F-9D2D-75BF1043DCCC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{4924FDED-CB88-443F-9D2D-75BF1043DCCC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{4924FDED-CB88-443F-9D2D-75BF1043DCCC}]
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Musicbario
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\Bandoo
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\ilivid
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\SearchquMediabarTb
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Musicbario
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\wi3c8a~1\datamngr\datamngr.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\wi3c8a~1\datamngr\iebho.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\bandoo\bndhook.dll
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [15064 octets] - [21/04/2014 00:46:51]
AdwCleaner[S0].txt - [15011 octets] - [21/04/2014 00:47:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15072 octets] ##########

#10 Příspěvek od **Márty84** » 21 dub 2014 07:25

Ten skript pro OTM jste si sepsal sam?

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Anomiki · #11 Příspěvek od **Anomiki** » 21 dub 2014 11:32

No jak sem psal už sem s tím zkoušel něco dělat a hledal sem nějakou pomoc. Ten skript sem já nenapsal to je nad moje možnosti

a vlastně je přímo váš. Někdo tady měl podobný problém, ale pak se to nějak nevyřešilo, takže sem došel jen k tomu. Jinak restart proběhl a počítač normálně pracoval a žádné (osobní) soubory nebyly smazány. Internet ale pořád vypadává, připadá mi ale že se zrychlil.

Zde je log :

ComboFix 14-04-20.01 - Jakub 21.04.2014 12:13:13.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2943.1593 [GMT 2:00]
Spuštěný z: c:\users\Jakub\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Readme.txt
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\logs
c:\windows\system32\logs\Game - R3d Logs\2013-06-19T22-51-11_r3dlog.txt
.
Nakažená kopie c:\windows\system32\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-21 do 2014-04-21 )))))))))))))))))))))))))))))))
.
.
2014-04-21 10:21 . 2014-04-21 10:21 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-04-21 10:21 . 2014-04-21 10:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-21 10:02 . 2014-04-21 10:02 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsl61e326e8.sys
2014-04-20 22:46 . 2014-04-20 22:47 -------- d-----w- C:\AdwCleaner
2014-04-20 22:04 . 2014-04-20 22:14 -------- d-----w- c:\program files\trend micro
2014-04-20 22:04 . 2014-04-20 22:13 -------- d-----w- C:\rsit
2014-04-20 21:07 . 2014-04-16 09:25 8050496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\mpengine.dll
2014-04-20 21:01 . 2014-04-20 22:38 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-20 21:01 . 2014-04-03 07:51 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-20 21:00 . 2014-04-20 21:01 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-04-20 21:00 . 2014-04-20 21:00 -------- d-----w- c:\programdata\Malwarebytes
2014-04-20 21:00 . 2014-04-03 07:51 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-20 21:00 . 2014-04-03 07:50 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-20 20:50 . 2014-04-20 20:50 -------- d-----w- C:\_OTM
2014-04-19 11:59 . 2014-04-11 10:07 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-19 11:59 . 2014-04-11 10:07 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F829B361-5A45-43BA-89E0-EC159E000F72}\gapaengine.dll
2014-04-19 11:58 . 2014-04-16 09:25 8050496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-04-19 11:12 . 2014-04-19 11:38 -------- d-----w- c:\users\Jakub\AppData\Local\Razer
2014-04-19 11:11 . 2014-04-19 11:38 -------- d-----w- c:\program files\Razer
2014-04-19 11:11 . 2014-04-19 11:38 -------- d-----w- c:\programdata\Razer
2014-04-13 17:48 . 2014-04-13 17:48 -------- d-----w- c:\users\Jakub\AppData\Roaming\Hive Cluster
2014-04-13 12:07 . 2014-04-13 12:07 -------- d-----w- c:\program files\The Binding of Isaac
2014-04-11 10:02 . 2014-04-11 10:03 -------- d-----w- c:\program files\Microsoft Security Client
2014-04-09 20:52 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-09 20:52 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-09 20:52 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-09 20:52 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-09 20:52 . 2014-01-24 02:18 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-09 18:13 . 2014-04-09 18:13 -------- d-----w- c:\program files\BestGameEver
2014-03-31 19:16 . 2014-03-31 19:16 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-03-31 16:33 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2014-03-31 16:33 . 2009-02-27 01:42 31640 ----a-w- c:\windows\system32\msonpmon.dll
2014-03-31 16:30 . 2014-03-31 19:17 -------- d-----w- c:\program files\Microsoft Works
2014-03-31 16:22 . 2014-03-31 16:22 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2014-03-31 16:21 . 2014-03-31 16:21 -------- d-----w- c:\users\Jakub\AppData\Local\Microsoft Help
2014-03-31 16:20 . 2014-04-10 01:04 -------- d-----w- c:\programdata\Microsoft Help
2014-03-31 16:19 . 2014-03-31 16:19 -------- d-----r- C:\MSOCache
2014-03-31 15:44 . 2014-03-31 15:44 -------- d-----w- c:\program files\DAEMON Tools Lite
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-31 15:45 . 2010-04-23 16:40 320120 ----a-w- c:\windows\system32\drivers\sptd.sys
2014-03-11 23:24 . 2014-03-01 11:18 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-11 23:24 . 2013-08-23 00:15 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 07:52 . 2014-03-11 07:52 104264 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-07 04:35 . 2014-04-11 08:15 7969936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C78EF8CF-C5A2-47D5-B4EE-1342D6155711}\mpengine.dll
2014-02-17 12:41 . 2013-07-08 09:01 24384 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2014-02-07 01:07 . 2014-03-12 11:21 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04 . 2014-03-12 11:21 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-12 11:23 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06 . 2014-03-12 11:21 381440 ----a-w- c:\windows\system32\wer.dll
2014-01-28 02:07 . 2014-03-12 11:22 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-01-24 23:19 . 2014-01-24 23:19 231960 ----a-w- c:\windows\system32\drivers\MpFilter.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-21 18:19 222832 ---ha-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-21 18:19 222832 ---ha-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-21 18:19 222832 ---ha-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"="c:\users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"MKLOL"="c:\program files\MKJogo\MKLOL\MK.exe" [2014-04-18 1107144]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 1486848]
"Printsrv"="c:\windows\System32\Printing_Admin_Scripts\en-US\driverupd.vbs" [2013-12-04 559]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstall ... er=9.0.872" [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"UVS10 Preload"=c:\program files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
.
R1 MpKsldb75f26c;MpKsldb75f26c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsldb75f26c.sys [2014-04-20 39464]
R2 gupdate1cac9dd563a9e30;Služba Google Update (gupdate1cac9dd563a9e30);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-22 133104]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
R2 RzKLService;RzKLService;c:\program files\Razer\Razer Game Booster\RzKLService.exe [x]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-07-12 11136]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-05-21 13224]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena Plus\Room\safedrv.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-07-12 89856]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [2011-07-12 26624]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [2011-07-12 182272]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-04-14 108032]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-28 25112]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys [2008-12-08 7680]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-11-23 14848]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 100224]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-11-23 49664]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-07 1343400]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2008-12-08 110080]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 MpKsl61e326e8;MpKsl61e326e8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsl61e326e8.sys [2014-04-21 39464]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608]
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2009-12-22 95568]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-12-22 217088]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2010-03-09 1501696]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2009-12-22 18136]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-12-22 36640]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-08-17 1077760]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-09 22:36 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-22 16:32]
.
2014-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf48cd20c95a20.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-22 16:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{193D7CE4-0F3E-4A7A-A4E1-D365391AA1A9}: NameServer = 217.77.165.81 217.77.161.131
TCP: Interfaces\{C41D5A94-13E6-4703-B67A-62416F999917}: NameServer = 217.77.165.81 217.77.161.131
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{10921475-03CE-4E04-90CE-E2E7EF20C814} - c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-SkyDriveSetup.exe - c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveSetup.exe
AddRemove-uTorrent - c:\program files\uTorrent\uTorrent.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\AUDIODG.EXE
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-04-21 12:27:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-21 10:27
.
Před spuštěním: Volných bajtů: 491 185 573 888
Po spuštění: Volných bajtů: 491 090 669 568
.
- - End Of File - - CA2AF01C0D8B7E447BDB1DF3882E1AE0
A36C5E4F47E84449FF07ED3517B43A31

#12 Příspěvek od **Márty84** » 21 dub 2014 11:46

Tak to mate stesti, ze jste si system neposkodil! Na kazdy pc se pise jiny skript, mohlo v nem byt i neco, co by vasemu pc vubec neprospelo.

Presunte ComboFix na plochu

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=-
"cz.seznam.software.szndesktop"=-
"MKLOL"=-
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"=-
"UVS10 Preload"=-

RegLock::
[HKEY_USERS\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
[HKEY_USERS\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Driver::
gupdate1cac9dd563a9e30
LiveUpdateSvc
vToolbarUpdater13.2.0
c2cautoupdatesvc
c2cpnrsvc

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Anomiki · #13 Příspěvek od **Anomiki** » 21 dub 2014 12:02

Takže hotovo, restart neproběhl, jinak děkuji že mi pomáháte

Zde je log :

ComboFix 14-04-20.01 - Jakub 21.04.2014 12:51:49.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2943.1480 [GMT 2:00]
Spuštěný z: c:\users\Jakub\Downloads\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-21 do 2014-04-21 )))))))))))))))))))))))))))))))
.
.
2014-04-21 10:59 . 2014-04-21 10:59 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-04-21 10:59 . 2014-04-21 10:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-21 10:02 . 2014-04-21 10:02 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsl61e326e8.sys
2014-04-20 22:46 . 2014-04-20 22:47 -------- d-----w- C:\AdwCleaner
2014-04-20 22:04 . 2014-04-20 22:14 -------- d-----w- c:\program files\trend micro
2014-04-20 22:04 . 2014-04-20 22:13 -------- d-----w- C:\rsit
2014-04-20 21:07 . 2014-04-16 09:25 8050496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\mpengine.dll
2014-04-20 21:01 . 2014-04-20 22:38 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-20 21:01 . 2014-04-03 07:51 73432 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-04-20 21:00 . 2014-04-20 21:01 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-04-20 21:00 . 2014-04-20 21:00 -------- d-----w- c:\programdata\Malwarebytes
2014-04-20 21:00 . 2014-04-03 07:51 51416 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-04-20 21:00 . 2014-04-03 07:50 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-04-20 20:50 . 2014-04-20 20:50 -------- d-----w- C:\_OTM
2014-04-19 11:59 . 2014-04-11 10:07 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-19 11:59 . 2014-04-11 10:07 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F829B361-5A45-43BA-89E0-EC159E000F72}\gapaengine.dll
2014-04-19 11:58 . 2014-04-16 09:25 8050496 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-04-19 11:12 . 2014-04-19 11:38 -------- d-----w- c:\users\Jakub\AppData\Local\Razer
2014-04-19 11:11 . 2014-04-19 11:38 -------- d-----w- c:\program files\Razer
2014-04-19 11:11 . 2014-04-19 11:38 -------- d-----w- c:\programdata\Razer
2014-04-13 17:48 . 2014-04-13 17:48 -------- d-----w- c:\users\Jakub\AppData\Roaming\Hive Cluster
2014-04-13 12:07 . 2014-04-13 12:07 -------- d-----w- c:\program files\The Binding of Isaac
2014-04-11 10:02 . 2014-04-11 10:03 -------- d-----w- c:\program files\Microsoft Security Client
2014-04-11 08:15 . 2014-03-07 04:35 7969936 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C78EF8CF-C5A2-47D5-B4EE-1342D6155711}\mpengine.dll
2014-04-09 20:52 . 2014-02-04 02:07 149440 ----a-w- c:\windows\system32\drivers\storport.sys
2014-04-09 20:52 . 2014-02-04 02:07 234432 ----a-w- c:\windows\system32\drivers\msiscsi.sys
2014-04-09 20:52 . 2014-02-04 02:07 27072 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-04-09 20:52 . 2014-02-04 02:00 2048 ----a-w- c:\windows\system32\iologmsg.dll
2014-04-09 20:52 . 2014-01-24 02:18 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys
2014-04-09 18:13 . 2014-04-09 18:13 -------- d-----w- c:\program files\BestGameEver
2014-03-31 19:16 . 2014-03-31 19:16 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-03-31 16:33 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2014-03-31 16:33 . 2009-02-27 01:42 31640 ----a-w- c:\windows\system32\msonpmon.dll
2014-03-31 16:30 . 2014-03-31 19:17 -------- d-----w- c:\program files\Microsoft Works
2014-03-31 16:22 . 2014-03-31 16:22 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2014-03-31 16:21 . 2014-03-31 16:21 -------- d-----w- c:\users\Jakub\AppData\Local\Microsoft Help
2014-03-31 16:20 . 2014-04-10 01:04 -------- d-----w- c:\programdata\Microsoft Help
2014-03-31 16:19 . 2014-03-31 16:19 -------- d-----r- C:\MSOCache
2014-03-31 15:44 . 2014-03-31 15:44 -------- d-----w- c:\program files\DAEMON Tools Lite
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-31 15:45 . 2010-04-23 16:40 320120 ----a-w- c:\windows\system32\drivers\sptd.sys
2014-03-11 23:24 . 2014-03-01 11:18 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-11 23:24 . 2013-08-23 00:15 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-11 07:52 . 2014-03-11 07:52 104264 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-02-17 12:41 . 2013-07-08 09:01 24384 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2014-02-07 01:07 . 2014-03-12 11:21 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:04 . 2014-03-12 11:21 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-12 11:23 509440 ----a-w- c:\windows\system32\qedit.dll
2014-01-29 02:06 . 2014-03-12 11:21 381440 ----a-w- c:\windows\system32\wer.dll
2014-01-28 02:07 . 2014-03-12 11:22 185344 ----a-w- c:\windows\system32\wwansvc.dll
2014-01-24 23:19 . 2014-01-24 23:19 231960 ----a-w- c:\windows\system32\drivers\MpFilter.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-08-21 18:19 222832 ---ha-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-08-21 18:19 222832 ---ha-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-08-21 18:19 222832 ---ha-w- c:\users\Jakub\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"="c:\users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"MKLOL"="c:\program files\MKJogo\MKLOL\MK.exe" [2014-04-18 1107144]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 1486848]
"Printsrv"="c:\windows\System32\Printing_Admin_Scripts\en-US\driverupd.vbs" [2013-12-04 559]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstall ... er=9.0.872" [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"UVS10 Preload"=c:\program files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe
.
R1 MpKsldb75f26c;MpKsldb75f26c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsldb75f26c.sys [2014-04-20 39464]
R2 gupdate1cac9dd563a9e30;Služba Google Update (gupdate1cac9dd563a9e30);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-22 133104]
R2 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
R2 RzKLService;RzKLService;c:\program files\Razer\Razer Game Booster\RzKLService.exe [x]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2011-07-12 102784]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2011-07-12 11136]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-05-21 13224]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena Plus\Room\safedrv.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2011-07-12 89856]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [2011-07-12 26624]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [2011-07-12 182272]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-04-14 108032]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-28 25112]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\DRIVERS\massfilter.sys [2008-12-08 7680]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-11-23 14848]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 100224]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-11-23 49664]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-07 1343400]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2008-12-08 110080]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 MpKsl61e326e8;MpKsl61e326e8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E00FCA90-8912-4471-86D4-C84B279C5B02}\MpKsl61e326e8.sys [2014-04-21 39464]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608]
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2009-12-22 95568]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-12-22 217088]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2010-03-09 1501696]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2009-12-22 18136]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-12-22 36640]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-08-17 1077760]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-09 22:36 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-22 16:32]
.
2014-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf48cd20c95a20.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-22 16:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{193D7CE4-0F3E-4A7A-A4E1-D365391AA1A9}: NameServer = 217.77.165.81 217.77.161.131
TCP: Interfaces\{C41D5A94-13E6-4703-B67A-62416F999917}: NameServer = 217.77.165.81 217.77.161.131
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0010\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0011\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-04-21 13:00:44
ComboFix-quarantined-files.txt 2014-04-21 11:00
ComboFix2.txt 2014-04-21 10:27
.
Před spuštěním: Volných bajtů: 491 187 019 776
Po spuštění: Volných bajtů: 491 137 540 096
.
- - End Of File - - BEAA8905C30A248662A3E34D34432C7B
A36C5E4F47E84449FF07ED3517B43A31

#14 Příspěvek od **Márty84** » 21 dub 2014 12:49

Jasne ze restart neprobehl, kdyz CF nemazal. Nebyl totiz na plose.

Anomiki píše:Spuštěný z: c:\users\Jakub\Downloads\Desktop\ComboFix.exe

On musi byt primo na plose, stejne jako ten CFScript

Anomiki · #15 Příspěvek od **Anomiki** » 21 dub 2014 12:51

? Ale já to mám přímo na ploše.

VIRY.CZ

Výpadky internetu

Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu

Re: Výpadky internetu