Prosím o kontrolu logu - zpomalený web, problém s připojením

Zpráva

Rose · #1 Příspěvek od **Rose** » 03 čer 2014 07:35

Dobrý den,

obávám se zda sem nechytla po letech havěť. Nejprve problém s připojením po restartu posledních aktualizací od microsoftu - a to ten, že musím po každém restartu jít do sítová připojení a zakázat a povolit síťovku, tím se jakoby restartuje. Pak je vše OK, pokud to neudělám, tak se mi přípojí neznámá síť a dál to nejde a logicky internet nefunguje.
Router mám dlink DIR 600 a internet od netboxu, u nich bylo vše OK, a nejelo to ale ani na přímo bez routeru. Čili odhaduji že problém v routeru není.
Dnes sem možná chytla něco na netu, začalo to po snaze instalovat program brát 100 CPU a defragmentovat, proces jsem zrušila hned jak sem ho našla, asi za pár vteřin, ale asi stihl už udělat paseku, jednu knihovnu sem smazala, ale nic víc nenašla.
Poté mi jde špatně internet, některé weby se nenačtou, vše je pomalejší atd. Děkuji moc za pomoc.

Prosím moc o kontrolu logu:

Kód: Vybrat vše

Logfile of random's system information tool 1.06 (written by random/random)
Run by Nicole at 2014-06-03 08:25:33
Microsoft® Windows Vista™ Ultimate  Service Pack 2
System drive C: has 30 GB (12%) free of 239 GB
Total RAM: 3582 MB (40% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-171076164-4115729517-1122896547-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-171076164-4115729517-1122896547-1001UA.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-171076164-4115729517-1122896547-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-171076164-4115729517-1122896547-1001UA.job
C:\Windows\tasks\XoftSpySE.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
RoboForm Toolbar Helper - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2013-07-29 4868096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2013-03-19 583008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-30 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-05 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2013-07-29 4868096]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-30 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-07-07 10754664]
"LWS"=C:\Program Files\Logitech\HD Webcam C270\LWS\Webcam Software\LWS.exe [2012-09-13 204136]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-07-31 2296600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"=C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-09-20 109336]
"Google Update"=C:\Users\Nicole\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-10 135664]
"HDDefrag"=wscript C:\Users\Nicole\AppData\Roaming\Adobe\Flash Player\File Cache\file.vbs C:\Users\Nicole\AppData\Roaming\Adobe\Flash Player\File Cache\hddef.bat []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\365dni]
C:\Program Files\365dníNET\365dniNET.exe [2007-01-06 753664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe [2010-02-13 3214272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2012-12-17 59872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG9_TRAY]
C:\PROGRA~1\AVG\AVG9\avgtray.exe [2012-01-26 2077536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Driver Detective]
C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Nicole\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-21 30192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HF_G_Jul]
C:\Program Files\AVG Secure Search\HF_G_Jul.exe  /DoAction []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2012-12-17 59872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Nero\Nero 9\InCD\InCD.exe [2009-05-08 1116696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2013-11-02 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTV]
C:\Program Files\iTV\iTV.exe [2012-01-15 669184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
C:\Windows\RaidTool\xInsIDE.exe [2007-03-21 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2012-03-08 4280184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2009-09-01 1086760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBHGui]
C:\Program Files\Nero\Nero 9\InCD\NBHGui.exe [2009-05-08 1593880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroRebootSetup]
C:\Users\Nicole\AppData\Local\Temp\nro.tmp\SetupX.exe SC -Reboot PIINSTALLTYPE=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ReadyNAS Remote]
C:\Program Files\NETGEAR ReadyNAS\Remote\bin\ReadyNASRemote.exe [2010-03-29 354888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_roc_dec12]
C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe /PROMPT /CMPID=roc_dec12 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_ROC_JULY_P1]
C:\Program Files\AVG Secure Search\ROC_ROC_JULY_P1.exe / /PROMPT /CMPID=ROC_JULY_P1 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-02-11 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager]
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2013-10-31 2166552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageBrowser EX Agent.lnk]
C:\PROGRA~1\Canon\IMAGEB~1\MFMANA~1.EXE [2013-01-29 69120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MI1933~1\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Nicole^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Nicole\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-05-08 32668056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Nicole^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MI1933~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL,C:\Windows\Jaksta\AC\x86\jaudcap.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-07-20 233888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\Program Files\DVD Region+CSS Free\DVDShell.dll [2004-06-08 49152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\xchat\xchat.exe"="C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1612582e-a9dc-11e2-a406-001a4d45a6b9}]
shell\AutoRun\command - M:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1612585d-a9dc-11e2-a406-001a4d45a6b9}]
shell\AutoRun\command - M:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24cc4b62-bf2d-11e3-8d0e-001a4d45a6b9}]
shell\AutoRun\command - M:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a69b09d0-e92a-11df-9f7d-001a4d45a6b9}]
shell\AutoRun\command - S:\Launcher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a69b09e6-e92a-11df-9f7d-001a4d45a6b9}]
shell\AutoRun\command - S:\Launcher.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2014-05-31 14:56:22 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-31 14:13:54 ----A---- C:\Windows\system32\shell32.dll
2014-05-31 14:13:51 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-31 14:13:51 ----A---- C:\Windows\system32\mshtml.dll
2014-05-30 23:31:43 ----A---- C:\Windows\system32\ieframe.dll
2014-05-30 23:31:42 ----A---- C:\Windows\system32\urlmon.dll
2014-05-30 23:31:42 ----A---- C:\Windows\system32\msfeeds.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\wininet.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\url.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\occache.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\mstime.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\msfeedssync.exe
2014-05-30 23:31:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\licmgr10.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\jsproxy.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\ieUnatt.exe
2014-05-30 23:31:41 ----A---- C:\Windows\system32\ieui.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\iesysprep.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\iesetup.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\iertutil.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\iernonce.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\iepeers.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\iedkcs32.dll
2014-05-30 23:31:41 ----A---- C:\Windows\system32\ie4uinit.exe
2014-05-30 23:31:41 ----A---- C:\Windows\system32\corpol.dll
2014-05-30 23:30:44 ----A---- C:\Windows\system32\kernel32.dll
2014-05-22 22:11:51 ----D---- C:\Users\Nicole\AppData\Roaming\Replay Media Catcher 5
2014-05-22 22:06:14 ----D---- C:\Windows\Jaksta
2014-05-22 22:06:14 ----D---- C:\Program Files\Applian Technologies
2014-05-19 10:39:03 ----D---- C:\Users\Nicole\AppData\Roaming\DropboxMaster

======List of files/folders modified in the last 1 months======

2014-06-03 08:25:35 ----D---- C:\Program Files\trend micro
2014-06-03 08:25:34 ----D---- C:\Windows\Prefetch
2014-06-03 08:25:32 ----D---- C:\Windows\Temp
2014-06-03 07:29:32 ----D---- C:\Users\Nicole\AppData\Roaming\uTorrent
2014-05-31 15:37:28 ----D---- C:\Windows\System32
2014-05-31 15:37:28 ----D---- C:\Windows\inf
2014-05-31 15:37:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-31 15:05:35 ----D---- C:\ProgramData\NVIDIA
2014-05-31 15:02:37 ----D---- C:\Windows\winsxs
2014-05-31 15:02:18 ----SHD---- C:\Windows\Installer
2014-05-31 15:02:18 ----SHD---- C:\Config.Msi
2014-05-31 15:02:09 ----D---- C:\ProgramData\Microsoft Help
2014-05-31 15:01:42 ----D---- C:\Windows\system32\MRT
2014-05-31 14:56:22 ----D---- C:\Program Files\Common Files
2014-05-31 14:32:54 ----D---- C:\Windows\Microsoft.NET
2014-05-31 14:32:11 ----RSD---- C:\Windows\assembly
2014-05-31 14:14:56 ----SHD---- C:\System Volume Information
2014-05-31 14:13:43 ----D---- C:\Windows\system32\catroot
2014-05-31 14:13:10 ----D---- C:\Windows\system32\catroot2
2014-05-31 14:10:30 ----D---- C:\Windows
2014-05-31 13:09:35 ----D---- C:\Windows\pss
2014-05-31 12:01:47 ----D---- C:\Users\Nicole\AppData\Roaming\Dropbox
2014-05-30 23:39:12 ----D---- C:\Windows\system32\migration
2014-05-30 23:39:12 ----D---- C:\Program Files\Internet Explorer
2014-05-30 23:36:30 ----D---- C:\Program Files\MSXML 4.0
2014-05-25 12:09:33 ----D---- C:\Users\Nicole\AppData\Roaming\Mozilla
2014-05-22 22:08:56 ----D---- C:\Windows\system32\drivers
2014-05-22 22:06:14 ----RD---- C:\Program Files
2014-05-18 06:45:39 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-05-05 10:32:07 ----D---- C:\Windows\Minidump
2014-05-04 17:14:30 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 appliand;Applian LightWeight Filter; C:\Windows\system32\DRIVERS\appliand.sys [2013-02-06 25696]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2010-02-11 24856]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2013-01-15 226016]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2011-09-13 29712]
R1 AvgTdiX;AVG Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2011-09-07 243152]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 InCDRec;Nero UDF File System Recognizer Driver; C:\Windows\system32\DRIVERS\InCDRec.sys [2009-05-08 19096]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2009-02-10 82320]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2009-12-19 104512]
R3 cpuz135;cpuz135; \??\C:\Users\Nicole\AppData\Local\Temp\cpuz135\cpuz135_x32.sys []
R3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
R3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
R3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
R3 Fwleaf;NETGEAR Firewall Driver; C:\Windows\system32\DRIVERS\fwleaf.sys [2010-03-29 23624]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
R3 InCDFs;Nero UDF File System Driver; C:\Windows\system32\DRIVERS\InCDFs.sys [2009-05-08 129944]
R3 InCDPass;Nero InCDPass Driver; C:\Windows\system32\DRIVERS\InCDPass.sys [2009-05-08 48280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-07-07 3531176]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-05-23 43800]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-05-23 37528]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2013-05-23 28312]
R3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-02-06 1964064]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2012-09-21 310504]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2007-02-03 41504]
R3 LVUVC;Logitech HD Pro Webcam C920(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2012-09-21 4261224]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-10-10 10837352]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-06-23 259176]
R3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2007-11-14 100992]
S3 AVGIDSDrivervtx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys [2010-06-22 122448]
S3 AVGIDSFiltervtx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys [2010-06-22 30288]
S3 AVGIDSShimvtx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys [2010-06-22 27216]
S3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\Windows\system32\DRIVERS\Camdrl.sys [2007-02-03 1075360]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-09-07 27672]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 95616]
S3 huawei_cdcecm;huawei_cdcecm; C:\Windows\system32\DRIVERS\ew_jucdcecm.sys [2012-04-23 70016]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 27520]
S3 leafnets;Leaf Networks Adapter; C:\Windows\system32\DRIVERS\leafnets.sys [2010-02-20 55296]
S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-02-06 1691808]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NPF;Netgroup Packet Filter; C:\Windows\system32\drivers\npf.sys [2010-02-10 42512]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-02-12 47360]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 rt61x86;Ralink RT61 Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr61.sys [2006-08-25 274432]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2010-04-23 26112]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WPRO_40_1123;WinPcap Packet Driver (WPRO_40_1123); C:\Windows\system32\drivers\WPRO_40_1123.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11; C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-23 171600]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 InCDSrv;InCD Helper; C:\Program Files\Nero\Nero 9\InCD\InCDSrv.exe [2009-05-08 1493528]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 645992]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2009-09-01 87344]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-11 135664]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-03 194032]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-10 1258856]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-18 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-21 523776]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-11 655624]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-07-21 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-11 135664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-11-02 553288]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-06-13 293144]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-08 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
S4 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-21 921952]
S4 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-06-22 308136]
S4 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2010-11-25 2331544]
S4 AVGIDSAgent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-06-22 5897808]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-06-18 935208]
S4 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Nero 9\InCD\NBHRegInCDSrv.exe [2009-05-08 109080]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe []
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Rose · #2 Příspěvek od **Rose** » 03 čer 2014 16:34

Je tu prosím někdo, kdo by mi mohl pomoci? Nemohu restartovat dokud nebudu vědět zda je vše OK. Děkuji.

#3 Příspěvek od **vyosek** » 03 čer 2014 16:36

Zdravim

Nedavejte prosim logy do code

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Rose · #4 Příspěvek od **Rose** » 03 čer 2014 18:49

Děkuji moc za odpověď. Zde jsou logy z obou skenů:

Rkill 2.6.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 06/03/2014 06:24:53 PM in x86 mode.
Windows Version: Windows Vista (TM) Ultimate Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost
127.0.0.1 activate.adobe.com

Program finished at: 06/03/2014 06:27:12 PM
Execution time: 0 hours(s), 2 minute(s), and 18 seconds(s)

-----------------------------------------------------------------------------

ComboFix 14-06-03.01 - Nicole 03.06.2014 18:40:27.1.4 - x86
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1250.420.1029.18.3582.2183 [GMT 2:00]
Spuštěný z: c:\users\Nicole\Desktop\ComboFix.exe
AV: AVG Internet Security *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Nicole\AppData\Local\Microsoft\Windows\Temporary Internet Files\ApnStub.exe
c:\users\Nicole\ColorPix_20100423084011.705.exe
c:\users\Nicole\ColorPix_20100423084044.314.exe
c:\windows\msxml4-KB2758694-enu.LOG
c:\windows\system32\Packet.dll
c:\windows\system32\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-03 do 2014-06-03 )))))))))))))))))))))))))))))))
.
.
2014-06-03 16:51 . 2014-06-03 16:56 -------- d-----w- c:\users\Nicole\AppData\Local\temp
2014-06-03 16:51 . 2014-06-03 16:51 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-06-03 16:51 . 2014-06-03 16:51 -------- d-----w- c:\users\o\AppData\Local\temp
2014-06-03 13:27 . 2014-04-30 23:37 8073384 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F0EE1F1D-DCA6-4BA3-92D9-DB394E290E5A}\mpengine.dll
2014-05-31 12:13 . 2014-05-05 18:47 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-22 20:11 . 2014-05-22 20:11 -------- d-----w- c:\users\Nicole\AppData\Roaming\Replay Media Catcher 5
2014-05-22 20:11 . 2014-05-22 20:11 -------- d-----w- c:\users\Nicole\AppData\Local\Replay Media Catcher 5
2014-05-22 20:11 . 2014-05-22 20:11 -------- d-----w- c:\users\Nicole\AppData\Local\Jaksta_Technologies_Pty_L
2014-05-22 20:08 . 2013-02-06 06:25 25696 ----a-w- c:\windows\system32\drivers\appliand.sys
2014-05-22 20:06 . 2014-05-22 20:08 -------- d-----w- c:\program files\Applian Technologies
2014-05-22 20:06 . 2014-05-22 20:06 -------- d-----w- c:\windows\Jaksta
2014-05-19 08:39 . 2014-05-23 02:06 -------- d-----w- c:\users\Nicole\AppData\Roaming\DropboxMaster
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-18 04:45 . 2012-04-25 17:09 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-18 04:45 . 2011-09-07 22:59 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-31 20:46 . 2014-03-31 20:46 130712 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-03-31 07:35 . 2010-02-09 21:00 231584 ------w- c:\windows\system32\MpSigStub.exe
2010-04-23 08:58 . 2010-04-23 08:58 619520 ----a-w- c:\program files\ColorPix.exe
2012-07-07 22:05 . 2012-05-10 03:22 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Nicole\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Nicole\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Nicole\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-04-25 08:03 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-04-25 08:03 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-04-25 08:03 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-04-25 08:03 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-04-25 08:03 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2009-05-08 16:14 97816 ----a-w- c:\program files\Nero\Nero 9\InCD\NBHshx.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2013-09-20 109336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-07-07 10754664]
"LWS"="c:\program files\Logitech\HD Webcam C270\LWS\Webcam Software\LWS.exe" [2012-09-12 204136]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-07-31 2296600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\program files\DVD Region+CSS Free\DVDShell.dll" [2004-06-08 49152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll c:\progra~1\Google\GOOGLE~4\GoogleDesktopNetwork3.dll c:\windows\Jaksta\AC\x86\jaudcap.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageBrowser EX Agent.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
backup=c:\windows\pss\ImageBrowser EX Agent.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Nicole^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Nicole^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Nicole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\365dni]
2007-01-06 17:16 753664 ----a-w- c:\program files\365dníNET\365dniNET.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2008-06-11 21:43 640376 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2008-06-12 01:25 37232 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2012-09-20 05:27 444904 ----a-w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 06:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
2010-02-13 03:29 3214272 ----a-w- c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
2012-12-17 16:14 59872 ----a-w- c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-09-13 18:51 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG9_TRAY]
2012-01-26 16:48 2077536 ----a-w- c:\progra~1\AVG\AVG9\avgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2010-07-21 02:11 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
2012-12-17 15:48 59872 ----a-w- c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
2009-05-08 16:14 1116696 ----a-w- c:\program files\Nero\Nero 9\InCD\InCD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-11-01 23:29 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTV]
2012-01-15 00:08 669184 ----a-w- c:\program files\iTV\iTV.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup]
2007-03-20 22:36 36864 ----a-w- c:\windows\RaidTool\xInsIDE.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2012-03-08 16:50 4280184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
2009-09-01 15:31 1086760 ----a-w- c:\program files\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBHGui]
2009-05-08 16:14 1593880 ----a-w- c:\program files\Nero\Nero 9\InCD\NBHGui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 02:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ReadyNAS Remote]
2010-03-29 19:00 354888 ----a-w- c:\program files\NETGEAR ReadyNAS\Remote\bin\ReadyNASRemote.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-02-11 01:10 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager]
2013-10-31 16:11 2166552 ----a-w- c:\program files\T-Mobile\Web'n'walk Manager\Manager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2009-04-11 06:28 2153472 ----a-w- c:\windows\System32\oobefldr.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
2005-07-15 21:48 479232 ----a-w- c:\program files\Google\Gmail Notifier\gnotify.exe
.
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [2007-11-14 100992]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-23 171600]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
MbnExt REG_MULTI_SZ MbnExt
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
2008-04-11 16:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
2008-08-28 09:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-25 04:45]
.
2014-06-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-11 12:32]
.
2014-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 01:11]
.
2014-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-11 01:11]
.
2014-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-171076164-4115729517-1122896547-1001Core.job
- c:\users\Nicole\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-10 21:20]
.
2014-06-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-171076164-4115729517-1122896547-1001UA.job
- c:\users\Nicole\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-10 21:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://oriflame.mydigest.net/
uInternet Settings,ProxyServer = 80.188.29.234:8080
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Clip selection - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - c:\program files\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Generátor hesel - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
IE: Ikona RoboForm na liště úloh - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
IE: Nastavit políčka - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSetFields.html
IE: Nová poznámka - c:\program files\Evernote\Evernote\\EvernoteIERes\NewNote.html
IE: Obnovit políčka - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComResetFields.html
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přizpůsobit Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: RoboForm Editor - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComEditIdent.html
IE: RoboForm Nastavení - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComOptions.html
IE: Sync RoboForm Data - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSync.html
IE: Uložit formuláře - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Vyplnit formulář - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Vyčistit políčka - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComClearFields.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{320AF880-6646-11D3-ABEE-C5DBF3571F4D} - {320AF880-6646-11D3-ABEE-C5DBF3571F4D} - c:\program files\Siber Systems\AI RoboForm\roboform.dll
IE: {{320AF880-6646-11D3-ABEE-C5DBF3571F4E} - {320AF880-6646-11D3-ABEE-C5DBF3571F4E} - c:\program files\Siber Systems\AI RoboForm\roboform.dll
TCP: DhcpNameServer = 192.168.0.1
Handler: leaf - {3c4a8a13-029e-430d-b8c1-46e834d20b31} - c:\windows\System32\mscoree.dll
FF - ProfilePath - c:\users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\fbf8yau4.default\
FF - prefs.js: browser.startup.homepage - hxxp://oriflame.mydigest.net/
FF - ExtSQL: !HIDDEN! 2010-02-11 16:10; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKCU-Run-HDDefrag - wscript c:\users\Nicole\AppData\Roaming\Adobe\Flash Player\File Cache\file.vbs
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Driver Detective - c:\program files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
MSConfigStartUp-Facebook Update - c:\users\Nicole\AppData\Local\Facebook\Update\FacebookUpdate.exe
MSConfigStartUp-HF_G_Jul - c:\program files\AVG Secure Search\HF_G_Jul.exe
MSConfigStartUp-NeroRebootSetup - c:\users\Nicole\AppData\Local\Temp\nro.tmp\SetupX.exe
MSConfigStartUp-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe
MSConfigStartUp-ROC_ROC_JULY_P1 - c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-06-03 18:57
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-171076164-4115729517-1122896547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11o\UserChoice]
@Denied: (2) (S-1-5-21-171076164-4115729517-1122896547-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11o"
.
[HKEY_USERS\S-1-5-21-171076164-4115729517-1122896547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11p\UserChoice]
@Denied: (2) (S-1-5-21-171076164-4115729517-1122896547-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11p"
.
[HKEY_USERS\S-1-5-21-171076164-4115729517-1122896547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v11pf\UserChoice]
@Denied: (2) (S-1-5-21-171076164-4115729517-1122896547-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.v11pf"
.
[HKEY_USERS\S-1-5-21-171076164-4115729517-1122896547-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (S-1-5-21-171076164-4115729517-1122896547-1001)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Photo Manager 2009.xmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3376)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Nero\Nero 9\InCD\InCDSrv.exe
c:\windows\System32\lpksetup.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\System32\WUDFHost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\proXPN\bin\proxpn.exe
c:\windows\system32\conime.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\proXPN\bin\openvpn.exe
.
**************************************************************************
.
Celkový čas: 2014-06-03 19:05:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-06-03 17:04
.
Před spuštěním: Volných bajtů: 28 338 450 432
Po spuštění: Volných bajtů: 32 475 111 424
.
- - End Of File - - 36E8C04A7D6823F09B16C6511D139B39
5C616939100B85E558DA92B899A0FC36

#5 Příspěvek od **vyosek** » 03 čer 2014 20:00

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Rose · #6 Příspěvek od **Rose** » 03 čer 2014 20:24

A nemůže ten cleaner nějak poškodit PC? Doufám, že mi to nic nesmaže. Budu Vám věřit.

#7 Příspěvek od **vyosek** » 03 čer 2014 20:36

Je to overeny nastroj na odstranovani zbytecnych a otravnych reklamnich SW...

Samozejme, pokud nechcete, nic z mych kroku podnikat nemusite

Rose · #8 Příspěvek od **Rose** » 03 čer 2014 23:06

Zde je můj log na adwcleaner, problém s internetem po restartu přetrvává - prostě se připojí k neznámé síti namísto k síti 3 v routeru, nevím proč, nic jsem po posledních aktualizacích od microsoftu kdy to začalo zlobit neměnila:

# AdwCleaner v3.211 - Report created 03/06/2014 at 23:45:53
# Updated 26/05/2014 by Xplode
# Operating System : Windows Vista (TM) Ultimate Service Pack 2 (32 bits)
# Username : Nicole - NIKOLKY-POCITAC
# Running from : D:\Download\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Security Toolbar
[x] Not Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\Program Files\iLivid
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Nicole\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\Nicole\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Nicole\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Nicole\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Nicole\AppData\Roaming\DriverCure
[x] Not Deleted : C:\Users\Nicole\AppData\Roaming\ParetoLogic
[x] Not Deleted : C:\Users\Nicole\AppData\Roaming\ZoomBrowser EX
Folder Deleted : C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\fbf8yau4.default\FoxTab
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D064C2AA-801C-4CCF-8CDB-1E02D5C73E50}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D064C2AA-801C-4CCF-8CDB-1E02D5C73E50}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{456D2AE0-5A38-4E22-AEE3-6AD470DA2315}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E601996F-E400-41CA-804B-CD6373A7EEE2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\ilivid
[x] Not Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\AskBarDis
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\ilivid
[x] Not Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\TENCENT
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.19518

-\\ Mozilla Firefox v13.0.1 (cs)

[ File : C:\Users\Nicole\AppData\Roaming\Mozilla\Firefox\Profiles\fbf8yau4.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("de.soerenrinne.googlebuttons.userlist", "Mail,Maps,Reader,Scholar,Wave,Web Search,YouTube,Google Shortcuts Settings,Web History,Web Toolkit,Website Optimizer,Webmaster-Tools,Trends for Webs[...]
Line Deleted : user_pref("extensions.aniweather.timeShifted", 1698755);
Line Deleted : user_pref("extensions.asktb.cbid", "RY");
Line Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}");
Line Deleted : user_pref("extensions.asktb.fresh-install", false);
Line Deleted : user_pref("extensions.asktb.l", "dis");
Line Deleted : user_pref("extensions.asktb.last-config-req", "1268010380506");
Line Deleted : user_pref("extensions.asktb.locale", "en_US");
Line Deleted : user_pref("extensions.asktb.o", "15184");
Line Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Line Deleted : user_pref("extensions.asktb.qsrc", "2871");
Line Deleted : user_pref("extensions.asktb.r", "2");
Line Deleted : user_pref("extensions.facetweak.addit.remoteInstallItems", "{ \"software\": {\"11\": {\"id\": \"11\",\"title\": \"KwiClick\",\"type\": \"XPI\",\"url\": \"hxxps://addons.mozilla.org/en-US/firefox/downl[...]
Line Deleted : user_pref("extensions.likethepage.addit.remoteInstallItems", "{ \"software\": {\"89\": {\"id\": \"89\",\"title\": \"SmartSuggestor\",\"type\": \"EXE\",\"url\": \"hxxps://www.softpublisher.com/download[...]
Line Deleted : user_pref("extensions.ntk.love", "\n<stuff><site><url><![CDATA[mail.com]]></url><desc><![CDATA[Mail.com the best personalized free web-based email]]></desc><navUrl><![CDATA[hxxp://mail.google.com]]></[...]
Line Deleted : user_pref("extensions.ntk.ntkAnalytics-1", "<td id=\"row_1\" height=130 valign=top width=33%><div onclick=\"nav('hxxps://mail.google.com/mail/?uip=1#inbox')\" class=\"lgThumb\"><div class=\"rDiv thumb[...]
Line Deleted : user_pref("integratedgmail-expanded-inbox", true);
Line Deleted : user_pref("surfcanyon.fractions", "0.0_0.0\r\n");
Line Deleted : user_pref("surfcanyon.last_checked_ts", "1266966470498");

[ File : C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\7od259z3.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Nicole\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={38E335A9-097C-4AE3-AAD2-FF9F0BC45A8B}&mid=c0d617d50bc991c0f724d586fccd86df-20a52e45b75d63eb9ca0e871b989036f599d859f&lang=cz&ds=AVG&pr=pa&d=2011-12-10 21:18:52&v=10.0.0.7&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www.velkoobchodscajem.cz/inshop/scripts ... earchTerms}
Deleted [Search Provider] : hxxp://pekarskyraj.cz/inshop/scripts/shop.aspx?action=dosearch&searchphrase={searchTerms}
Deleted [Search Provider] : hxxp://redoxsignal.cz/?mact=Search%2Ccntnt01%2Cdosearch%2C0&cntnt01returnid=15&cntnt01searchinput={searchTerms}&submit=Odeslat
Deleted [Search Provider] : hxxp://www.eshop-svet-zdravi.cz/inshop/scripts ... earchTerms}
Deleted [Search Provider] : hxxp://www.vymyslicky.cz/?page=websearch&srchtext={searchTerms}
Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [8530 octets] - [03/06/2014 23:31:49]
AdwCleaner[S0].txt - [8576 octets] - [03/06/2014 23:45:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8636 octets] ##########

#9 Příspěvek od **vyosek** » 05 čer 2014 06:36

Spustte MiniTool dle kolegy

stell píše:daj spustit tento program
http://www.bleepingcomputer.com/downloa ... box/dl/65/

Spustit>.zafajknut.
1:Report IEPROXY
2:Report FFPROXY
3:List comtent OFF HOSTS
4:List IP CONFIGURATION
5:LIST WINSOCK...
6:List Last 10 EvENTS..
7:Only problems
8:Klik GO a log nech ti da do fora.

Rose · #10 Příspěvek od **Rose** » 05 čer 2014 13:10

Tady je log:

MiniToolBox by Farbar Version: 23-01-2014
Ran by Nicole (administrator) on 05-06-2014 at 14:08:25
Running from "D:\Download"
Microsoft® Windows Vista™ Ultimate Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 80.188.29.234:8080

========================= FF Proxy Settings: ==============================

"network.proxy.http", "190.200.151.23"
"network.proxy.http_port", 8080
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Připojení k místní síti (Connected)

# ----------------------------------
# Konfigurace protokolu IPv4
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled

popd
# Konec konfigurace protokolu IPv4

Konfigurace protokolu IP syst‚mu Windows

N zev hostitele . . . . . . . . . : Nikolky-pocitac
Prim rnˇ pýˇpona DNS. . . . . . . :
Typ uzlu . . . . . . . . . . . . : hybridnˇ
Povoleno smŘrov nˇ IP . . . . . . : Ne
WINS Proxy povoleno . . . . . . . : Ne
Prohled vacˇ seznam pýˇpon DNS. . : cust.nbox.cz

Adapt‚r sˇtŘ Ethernet Pýipojenˇ k mˇstnˇ sˇti:

Pýˇpona DNS podle pýipojenˇ . . . : cust.nbox.cz
Popis . . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Fyzick Adresa. . . . . . . . . . : 00-1A-4D-45-A6-B9
Protokol DHCP povolen . . . . . . : Ano
Automatick konfigurace povolena : Ano
Spojenˇ - mˇstnˇ adresa IPv6 . . . : fe80::bdf6

440d:174c%20(Preferovan‚)
Adresa IPv4 . . . . . . . . . . . : 192.168.0.100(Preferovan‚)
Maska podsˇtŘ . . . . . . . . . . : 255.255.255.0
Zap…jźeno . . . . . . . . . . . . : 4. źervna 2014 0:01:47
Z p…jźka vyprçˇ . . . . . . . . . : 11. źervna 2014 0:01:37
Věchozˇ br na . . . . . . . . . . : 192.168.0.1
Server DHCP . . . . . . . . . . . : 192.168.0.1
IAID DHCPv6 . . . . . . . . . . . : 167778893
DUID klienta DHCPv6. . . . . . . . : 00-01-00-01-12-F3-64-23-00-1A-4D-44-C7-79
Servery DNS . . . . . . . . . . . : 192.168.0.1
Rozhranˇ NetBios nad protokolem TCP/IP. . . . . . . . : Povoleno

Adapt‚r pro tunelov‚ pýipojenˇ Pýipojenˇ k mˇstnˇ sˇti* 7:

Stav m‚dia . . . . . . . . . . . : odpojeno
Pýˇpona DNS podle pýipojenˇ . . . : cust.nbox.cz
Popis . . . . . . . . . . . . . . : Microsoft ISATAP Adapter
Fyzick Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatick konfigurace povolena : Ano

Adapt‚r pro tunelov‚ pýipojenˇ Pýipojenˇ k mˇstnˇ sˇti* 6:

Pýˇpona DNS podle pýipojenˇ . . . :
Popis . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fyzick Adresa. . . . . . . . . . : 02-00-54-55-4E-01
Protokol DHCP povolen . . . . . . : Ne
Automatick konfigurace povolena : Ano
Adresa IPv6. . . . . . . . . . . : 2001:0:5ef5:79fd:406:f3f:ac0f:b33c(Preferovan‚)
Spojenˇ - mˇstnˇ adresa IPv6 . . . : fe80::406:f3f:ac0f:b33c%10(Preferovan‚)
Věchozˇ br na . . . . . . . . . . : ::
NetBIOS nad TCP/IP. . . . . . . . : zak z no
Server: UnKnown
Address: 192.168.0.1

N zev: google.com
Addresses: 2a00

400d:803::1006
173.194.39.104
173.194.39.105
173.194.39.110
173.194.39.96
173.194.39.97
173.194.39.98
173.194.39.99
173.194.39.100
173.194.39.101
173.194.39.102
173.194.39.103

Pýˇkaz PING na google.com [173.194.39.105] - 32 bajt… dat:

OdpovŘÔ od 173.194.39.105: bajty=32 źas=19ms TTL=55

OdpovŘÔ od 173.194.39.105: bajty=32 źas=19ms TTL=55

Statistika ping pro 173.194.39.105:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n doba do pýijetˇ odezvy v milisekund ch:

Minimum = 19ms, Maximum = 19ms, Pr…mŘr = 19ms

Server: UnKnown
Address: 192.168.0.1

N zev: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24

Pýˇkaz PING na yahoo.com [206.190.36.45] - 32 bajt… dat:

OdpovŘÔ od 206.190.36.45: bajty=32 źas=197ms TTL=46

OdpovŘÔ od 206.190.36.45: bajty=32 źas=196ms TTL=46

Statistika ping pro 206.190.36.45:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n doba do pýijetˇ odezvy v milisekund ch:

Minimum = 196ms, Maximum = 197ms, Pr…mŘr = 196ms

Pýˇkaz PING na 127.0.0.1 - 32 bajt… dat:

OdpovŘÔ od 127.0.0.1: bajty=32 źas < 1ms TTL=128

OdpovŘÔ od 127.0.0.1: bajty=32 źas < 1ms TTL=128

Statistika ping pro 127.0.0.1:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n doba do pýijetˇ odezvy v milisekund ch:

Minimum = 0ms, Maximum = 0ms, Pr…mŘr = 0ms

===========================================================================
Seznam rozhranˇ
20 ...00 1a 4d 45 a6 b9 ...... Realtek PCIe GBE Family Controller
1 ........................... Software Loopback Interface 1
34 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 SmŘrovacˇ tabulka
===========================================================================
Aktivnˇ smŘrov nˇ:
Cˇl v sˇti Sˇśov maska Br na Rozhranˇ Metrika
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.100 20
127.0.0.0 255.0.0.0 Propojen‚ 127.0.0.1 306
127.0.0.1 255.255.255.255 Propojen‚ 127.0.0.1 306
127.255.255.255 255.255.255.255 Propojen‚ 127.0.0.1 306
192.168.0.0 255.255.255.0 Propojen‚ 192.168.0.100 276
192.168.0.100 255.255.255.255 Propojen‚ 192.168.0.100 276
192.168.0.255 255.255.255.255 Propojen‚ 192.168.0.100 276
224.0.0.0 240.0.0.0 Propojen‚ 127.0.0.1 306
224.0.0.0 240.0.0.0 Propojen‚ 192.168.0.100 276
255.255.255.255 255.255.255.255 Propojen‚ 127.0.0.1 306
255.255.255.255 255.255.255.255 Propojen‚ 192.168.0.100 276
===========================================================================
Trval‚ trasy:
¦ dn‚

IPv6 SmŘrovacˇ tabulka
===========================================================================
Aktivnˇ smŘrov nˇ:
Rozhranˇ Metrika Cˇl v sˇti Br na
10 18 ::/0 Propojen‚
1 306 ::1/128 Propojen‚
10 18 2001::/32 Propojen‚
10 266 2001:0:5ef5:79fd:406:f3f:ac0f:b33c/128
Propojen‚
20 276 fe80::/64 Propojen‚
10 266 fe80::/64 Propojen‚
10 266 fe80::406:f3f:ac0f:b33c/128
Propojen‚
20 276 fe80::bdf6

440d:174c/128
Propojen‚
1 306 ff00::/8 Propojen‚
10 266 ff00::/8 Propojen‚
20 276 ff00::/8 Propojen‚
===========================================================================
Trval‚ trasy:
¦ dn‚
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Společnost Microsoft)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/05/2014 04:29:13 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro 35.0.1916.114,language="*",type="win32",version="35.0.1916.114"1 se nezdařilo.
Závislé sestavení 35.0.1916.114,language="*",type="win32",version="35.0.1916.114" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (06/05/2014 04:29:13 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro 35.0.1916.114,language="*",type="win32",version="35.0.1916.114"1 se nezdařilo.
Závislé sestavení 35.0.1916.114,language="*",type="win32",version="35.0.1916.114" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (06/04/2014 00:00:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2014 06:55:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2014 04:55:28 AM) (Source: Application Error) (User: )
Description: Chybující aplikace chrome.exe, verze 35.0.1916.114, časové razítko 0x53726019, chybující modul RPCRT4.dll, verze 6.0.6002.18882, časové razítko 0x51dd2d9c, kód výjimky 0xc0000005, posun chyby 0x000b11c1,
ID procesu 0x1468, čas spuštění aplikace 0xchrome.exe0.

Error: (05/31/2014 03:06:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 02:56:40 PM) (Source: Windows Search Service) (User: )
Description: Sledování výkonu objektu sběrače nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.

Kontext: aplikace , katalog SystemIndex

Error: (05/31/2014 02:56:40 PM) (Source: Windows Search Service) (User: )
Description: Sledování výkonu služby sběrače nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.

Error: (05/31/2014 01:23:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 00:23:50 PM) (Source: Application Error) (User: )
Description: Chybující aplikace RtHDVCpl.exe, verze 1.0.0.710, časové razítko 0x4e152755, chybující modul RtHDVCpl.exe, verze 1.0.0.710, časové razítko 0x4e152755, kód výjimky 0xc0000005, posun chyby 0x00148f0e,
ID procesu 0xc60, čas spuštění aplikace 0xRtHDVCpl.exe0.

System errors:
=============
Error: (06/05/2014 04:38:12 AM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (06/05/2014 04:37:02 AM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (06/04/2014 07:32:08 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (06/04/2014 07:25:24 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (06/04/2014 07:24:25 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (06/04/2014 07:23:57 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (06/04/2014 07:19:12 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (06/04/2014 07:18:16 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (06/04/2014 07:12:53 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (06/04/2014 06:57:56 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Microsoft Office Sessions:
=========================
Error: (04/16/2014 11:56:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 338171 seconds with 480 seconds of active time. This session ended with a crash.

Error: (04/13/2014 02:00:37 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 274356 seconds with 2580 seconds of active time. This session ended with a crash.

Error: (06/11/2013 11:13:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 79182 seconds with 60 seconds of active time. This session ended with a crash.

Error: (06/10/2013 05:19:50 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/10/2013 05:14:12 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1468 seconds with 240 seconds of active time. This session ended with a crash.

Error: (06/05/2013 11:18:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5952 seconds with 600 seconds of active time. This session ended with a crash.

Error: (06/05/2013 09:38:58 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 351084 seconds with 1020 seconds of active time. This session ended with a crash.

Error: (05/16/2013 05:09:52 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6652.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 69 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/16/2013 05:07:34 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6652.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/16/2013 05:07:07 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6652.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 135 seconds with 0 seconds of active time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2012-07-30 11:47:57.205
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\pavboot.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-07-30 11:47:56.951
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\pavboot.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-07-30 11:47:56.698
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\pavboot.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-07-30 11:47:56.440
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\pavboot.sys because the set of per-page image hashes could not be found on the system.

Date: 2011-09-23 22:55:25.980
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SlySoft\AnyDVD\ADvdDiscHlp.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-09-23 22:55:25.692
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\SlySoft\AnyDVD\ADvdDiscHlp.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-09-09 07:05:39.785
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-09-09 07:05:39.583
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-09-09 07:05:37.002
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

Date: 2011-09-09 07:05:36.791
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\RtkAPO.dll because the set of per-page image hashes could not be found on the system.

**** End of log ****

#11 Příspěvek od **vyosek** » 06 čer 2014 07:00

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBHGui]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

File::
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-171076164-4115729517-1122896547-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-171076164-4115729517-1122896547-1001UA.job

DDS::
uInternet Settings,ProxyServer = 80.188.29.234:8080

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

VIRY.CZ

Prosím o kontrolu logu - zpomalený web, problém s připojením

Prosím o kontrolu logu - zpomalený web, problém s připojením

Re: Prosím o kontrolu logu - zpomalený web, problém s připoj

Re: Prosím o kontrolu logu - zpomalený web, problém s připoj

Re: Prosím o kontrolu logu - zpomalený web, problém s připoj

Re: Prosím o kontrolu logu - zpomalený web, problém s připoj

Re: Prosím o kontrolu logu - zpomalený web, problém s připoj

Re: Prosím o kontrolu logu - zpomalený web, problém s připoj

Re: Prosím o kontrolu logu - zpomalený web, problém s připoj

Re: Prosím o kontrolu logu - zpomalený web, problém s připoj

Re: Prosím o kontrolu logu - zpomalený web, problém s připoj

Re: Prosím o kontrolu logu - zpomalený web, problém s připoj