Problemy s internetem behem hrani her

[balix]

Dobry den, vsiml jsem si ze mam posledni dobou pomalejsi notebook a hlavne pri hrani online her dostavam connection lost problemy, nikdy driv mi to nedelalo, posledni dobou to dela casto. Prosim o nakouknuti do logu, dekuji.
Logfile of random's system information tool 1.08 (written by random/random)
Run by G575 at 2014-06-16 11:58:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 52 GB (45%) free of 114 GB
Total RAM: 3691 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:58:51, on 16.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\O2\O2CZ\EMMSN.exe
C:\Program Files (x86)\O2\Nori\Nori.exe
C:\Program Files\trend micro\G575.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [icq] C:\Users\G575\AppData\Roaming\ICQM\icq.exe -CU
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\G575\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\G575\AppData\Roaming\ICQM\icq.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5EAB935A-A9CD-47DE-8CAF-D438317DFB84}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CS1\Services\Tcpip\..\{5EAB935A-A9CD-47DE-8CAF-D438317DFB84}: NameServer = 160.218.161.60 194.228.211.33
O17 - HKLM\System\CS2\Services\Tcpip\..\{5EAB935A-A9CD-47DE-8CAF-D438317DFB84}: NameServer = 160.218.167.5 160.218.161.60
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5976 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f76c92f4-bde9-4fed-963b-d6f1588067d0 -SystemEventPortName:HostProcess-9c2cbfbe-1b75-4975-97f3-d570f1c9479a -IoCancelEventPortName:HostProcess-42ba780a-b73b-41cd-affb-32b0dd575f5a -NonStateChangingEventPortName:HostProcess-ae5be39b-f722-4d1f-b538-bd7e2f849ab3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:90214b73-53a7-49dc-9326-f64abd8146d6
notepad.exe "C:\Users\G575\AppData\Local\Temp\log.txt"
C:\Windows\explorer.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\O2\O2CZ\EMMSN.exe"
"C:\Program Files (x86)\O2\Nori\Nori.exe" -Embedding
taskeng.exe {17B2AB5E-6F3B-4C97-BE50-84BD8FCF2CE2}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\G575\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\WerFault.exe -u -p 2840 -s 2556

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14 81024]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-09-03 2294568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"icq"=C:\Users\G575\AppData\Roaming\ICQM\icq.exe [2013-12-05 29919576]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-08-30 766208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 115200]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2014-06-16 11:54:59 ----SHD---- C:\$RECYCLE.BIN
2014-06-16 11:54:55 ----D---- C:\Windows\temp
2014-06-16 11:54:53 ----A---- C:\ComboFix.txt
2014-06-02 21:02:24 ----A---- C:\Windows\zip.exe
2014-06-02 21:02:24 ----A---- C:\Windows\SWSC.exe
2014-06-02 21:02:24 ----A---- C:\Windows\SWREG.exe
2014-06-02 21:02:24 ----A---- C:\Windows\sed.exe
2014-06-02 21:02:24 ----A---- C:\Windows\PEV.exe
2014-06-02 21:02:24 ----A---- C:\Windows\NIRCMD.exe
2014-06-02 21:02:24 ----A---- C:\Windows\MBR.exe
2014-06-02 21:02:24 ----A---- C:\Windows\grep.exe
2014-06-02 21:01:51 ----D---- C:\Windows\erdnt
2014-06-02 03:19:22 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-06-02 02:53:49 ----D---- C:\ProgramData\RogueKiller
2014-05-29 14:06:54 ----D---- C:\Users\G575\AppData\Roaming\AVG
2014-05-29 14:06:46 ----D---- C:\ProgramData\AVG
2014-05-29 14:06:37 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-05-29 14:06:36 ----HD---- C:\ProgramData\Common Files
2014-05-29 14:05:47 ----D---- C:\Program Files (x86)\CrystalDiskInfo
2014-05-26 15:00:49 ----D---- C:\Users\G575\AppData\Roaming\Tunngle
2014-05-26 15:00:48 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2014-05-25 23:33:38 ----D---- C:\Users\G575\AppData\Roaming\Garena
2014-05-25 23:33:38 ----D---- C:\ProgramData\Garena
2014-05-25 23:06:00 ----D---- C:\ProgramData\LogMeIn
2014-05-25 23:05:53 ----AH---- C:\Windows\system32\hamachi.sys
2014-05-25 22:04:49 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-05-25 22:04:49 ----AS---- C:\Windows\SYSWOW64\zlib1.dll
2014-05-25 22:04:49 ----AS---- C:\Windows\SYSWOW64\ssleay32.dll
2014-05-25 22:04:49 ----AS---- C:\Windows\SYSWOW64\pthreadVC2.dll
2014-05-25 22:04:49 ----AS---- C:\Windows\SYSWOW64\pthreadGC2.dll
2014-05-25 22:04:49 ----AS---- C:\Windows\SYSWOW64\libssh2.dll
2014-05-25 22:04:48 ----AS---- C:\Windows\SYSWOW64\librtmp.dll
2014-05-25 22:04:48 ----AS---- C:\Windows\SYSWOW64\libidn-11.dll
2014-05-25 22:04:48 ----AS---- C:\Windows\SYSWOW64\libeay32.dll
2014-05-25 22:04:48 ----AS---- C:\Windows\SYSWOW64\libcurl-4.dll
2014-05-25 22:04:48 ----AS---- C:\Windows\SYSWOW64\cudart32_50_35.dll

======List of files/folders modified in the last 1 months======

2014-06-16 11:58:51 ----D---- C:\Program Files\trend micro
2014-06-16 11:54:56 ----D---- C:\Qoobox
2014-06-16 11:54:55 ----D---- C:\Windows
2014-06-16 11:52:15 ----A---- C:\Windows\system.ini
2014-06-16 11:52:10 ----D---- C:\Windows\system32\drivers\etc
2014-06-16 11:48:46 ----D---- C:\Windows\SYSWOW64\drivers
2014-06-16 11:48:46 ----D---- C:\Windows\SysWOW64
2014-06-16 11:48:46 ----D---- C:\Windows\AppPatch
2014-06-16 11:48:45 ----D---- C:\Program Files (x86)\Common Files
2014-06-16 11:43:26 ----SHD---- C:\System Volume Information
2014-06-16 11:42:59 ----D---- C:\Windows\system32\drivers
2014-06-16 11:42:21 ----D---- C:\Program Files (x86)\Steam
2014-06-16 09:27:44 ----D---- C:\Windows\System32
2014-06-16 09:27:44 ----D---- C:\Windows\inf
2014-06-16 09:27:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-15 13:08:14 ----D---- C:\Users\G575\AppData\Roaming\TS3Client
2014-06-15 09:18:15 ----D---- C:\Windows\system32\catroot2
2014-06-13 11:33:01 ----D---- C:\Windows\system32\config
2014-06-08 18:02:59 ----D---- C:\Program Files (x86)\SpeedFan
2014-06-02 18:00:14 ----D---- C:\Windows\system32\Tasks
2014-06-02 04:27:26 ----D---- C:\ProgramData
2014-06-02 03:33:54 ----D---- C:\Windows\ModemLogs
2014-06-02 02:24:49 ----RD---- C:\Program Files (x86)
2014-06-02 02:23:22 ----D---- C:\Program Files (x86)\Razor
2014-06-02 01:32:38 ----D---- C:\AdwCleaner
2014-05-29 14:09:05 ----SHD---- C:\Windows\Installer
2014-05-28 20:01:02 ----D---- C:\Users\G575\AppData\Roaming\DAEMON Tools Lite
2014-05-27 00:02:38 ----D---- C:\Users\G575\AppData\Roaming\Skype
2014-05-26 15:22:10 ----RSD---- C:\Windows\Fonts
2014-05-26 15:01:19 ----D---- C:\Windows\system32\catroot
2014-05-26 15:01:18 ----D---- C:\Windows\system32\DriverStore
2014-05-25 22:46:55 ----D---- C:\Windows\winsxs
2014-05-21 22:23:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-19 13:53:44 ----D---- C:\Windows\Tasks
2014-05-19 13:53:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2013-11-06 83176]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2013-11-06 43240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-08-31 12528640]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-08-31 618496]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-11-24 2673664]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-09-30 283064]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
R3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-06-25 76912]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-09-03 1392688]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-08-28 58536]
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-04-26 21712]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2010-09-30 299520]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-08-31 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-30 344064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-09-30 76888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-10-11 49152]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-10 119408]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]

-----------------EOF-----------------


A jeste vypis z ComboFixu:

ComboFix 14-05-29.01 - G575 16.06.2014 11:45:10.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3691.2895 [GMT 2:00]
Spuštěný z: c:\users\G575\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\G575\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\inf\msstp.vbe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\G575\AppData\Roaming\BCWorker.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-16 do 2014-06-16 )))))))))))))))))))))))))))))))
.
.
2014-06-16 09:52 . 2014-06-16 09:52 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-06-16 09:52 . 2014-06-16 09:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-02 14:30 . 2014-06-13 07:27 -------- d-----w- c:\users\G575\AppData\Local\CrashDumps
2014-06-02 01:19 . 2014-06-02 01:19 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-02 00:53 . 2014-06-02 00:53 -------- d-----w- c:\programdata\RogueKiller
2014-05-29 12:06 . 2014-05-29 12:06 -------- d-----w- c:\users\G575\AppData\Roaming\AVG
2014-05-29 12:06 . 2014-05-29 12:06 -------- d-----w- c:\users\G575\AppData\Local\AVG
2014-05-29 12:06 . 2014-05-29 12:07 -------- d-----w- c:\programdata\AVG
2014-05-29 12:06 . 2014-05-29 12:06 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-05-29 12:06 . 2014-05-29 12:06 -------- d--h--w- c:\programdata\Common Files
2014-05-29 12:05 . 2014-05-29 12:05 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2014-05-26 13:00 . 2014-05-26 13:09 -------- d-----w- c:\users\G575\AppData\Roaming\Tunngle
2014-05-26 13:00 . 2009-09-16 05:02 31232 ----a-w- c:\windows\system32\drivers\tap0901t.sys
2014-05-25 21:33 . 2014-05-25 21:33 -------- d-----w- c:\users\G575\AppData\Roaming\Garena
2014-05-25 21:33 . 2014-05-25 21:33 -------- d-----w- c:\programdata\Garena
2014-05-25 21:06 . 2014-05-25 21:06 -------- d-----w- c:\users\G575\AppData\Local\LogMeIn
2014-05-25 21:06 . 2014-05-25 21:06 -------- d-----w- c:\programdata\LogMeIn
2014-05-25 21:05 . 2009-03-18 16:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2014-05-25 20:04 . 2014-03-05 20:19 7670 --s-a-w- c:\windows\SysWow64\mnchgpm.vbe
2014-05-25 20:04 . 2014-05-25 20:04 -------- d-----w- c:\windows\SysWow64\bitstreams
2014-05-25 20:04 . 2013-10-26 18:30 364544 --s-a-w- c:\windows\SysWow64\ssleay32.dll
2014-05-25 20:04 . 2013-10-26 18:30 171008 --s-a-w- c:\windows\SysWow64\libssh2.dll
2014-05-25 20:04 . 2013-06-12 13:15 119888 --s-a-w- c:\windows\SysWow64\pthreadGC2.dll
2014-05-25 20:04 . 2013-06-12 13:15 100864 --s-a-w- c:\windows\SysWow64\zlib1.dll
2014-05-25 20:04 . 2012-05-26 23:36 55808 --s-a-w- c:\windows\SysWow64\pthreadVC2.dll
2014-05-25 20:04 . 2013-10-26 18:30 538126 --s-a-w- c:\windows\SysWow64\libcurl-4.dll
2014-05-25 20:04 . 2013-10-26 18:30 192512 --s-a-w- c:\windows\SysWow64\libidn-11.dll
2014-05-25 20:04 . 2013-10-26 18:30 1704448 --s-a-w- c:\windows\SysWow64\libeay32.dll
2014-05-25 20:04 . 2013-10-26 18:30 133632 --s-a-w- c:\windows\SysWow64\librtmp.dll
2014-05-25 20:04 . 2012-09-25 21:46 472424 --s-a-w- c:\windows\SysWow64\cudart32_50_35.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-19 11:53 . 2013-09-30 10:11 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-19 11:53 . 2013-09-30 10:11 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-26 00:51 . 2014-04-26 00:51 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2014-03-31 02:17 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-03-31 02:17 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-03-22 21:38 . 2013-10-01 10:32 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-03-22 21:38 . 2013-09-30 13:40 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-03-22 19:51 . 2013-09-30 13:40 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"icq"="c:\users\G575\AppData\Roaming\ICQM\icq.exe" [2013-12-05 29919576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-08-30 766208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\users\G575\AppData\Roaming\Mozilla\Firefox\Profiles\yovmq6s8.default-1388494153560\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-GarenaPlus - c:\program files (x86)\Garena Plus\GarenaMessenger.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-06-16 11:54:53
ComboFix-quarantined-files.txt 2014-06-16 09:54
.
Před spuštěním: Volných bajtů: 54 510 411 776
Po spuštění: Volných bajtů: 54 136 283 136
.
- - End Of File - - 1ACC1E86B094E6F89F7A65CFE4F8348C
A36C5E4F47E84449FF07ED3517B43A31

[Rudy]

Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[balix]

# AdwCleaner v3.212 - Report created 17/06/2014 at 20:05:18
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : G575 - G575-PC
# Running from : C:\Users\G575\Downloads\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\G575\AppData\Roaming\Mozilla\Firefox\Profiles\yovmq6s8.default-1388494153560\prefs.js ]


*************************

AdwCleaner[R0].txt - [1621 octets] - [07/05/2014 22:54:03]
AdwCleaner[R1].txt - [1272 octets] - [02/06/2014 01:31:34]
AdwCleaner[R2].txt - [1027 octets] - [16/06/2014 15:55:58]
AdwCleaner[R3].txt - [1148 octets] - [17/06/2014 20:04:33]
AdwCleaner[S0].txt - [1663 octets] - [07/05/2014 22:55:17]
AdwCleaner[S1].txt - [1345 octets] - [02/06/2014 01:32:37]
AdwCleaner[S2].txt - [1089 octets] - [16/06/2014 15:58:40]
AdwCleaner[S3].txt - [1070 octets] - [17/06/2014 20:05:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1130 octets] ##########

[Rudy]

Proč spouštíte ComboFix, utilitu určenou pouze profesinálům? Hodláte si nabořit systém, nebo některo aplikaci?


Otevřte poznámkový blok a zkopírujte do něj:

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[balix]

ComboFix 14-06-16.01 - G575 18.06.2014 14:54:41.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3691.2843 [GMT 2:00]
Spuštěný z: c:\users\G575\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\G575\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-18 do 2014-06-18 )))))))))))))))))))))))))))))))
.
.
2014-06-18 13:01 . 2014-06-18 13:01 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-06-18 13:01 . 2014-06-18 13:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-16 17:08 . 2014-06-16 17:08 -------- d-----w- c:\users\G575\AppData\Local\Adobe
2014-06-16 17:07 . 2014-06-16 17:07 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-06-16 15:08 . 2014-06-18 12:50 -------- d-----w- c:\program files (x86)\Steam
2014-06-02 14:30 . 2014-06-17 09:13 -------- d-----w- c:\users\G575\AppData\Local\CrashDumps
2014-06-02 01:19 . 2014-06-02 01:19 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-02 00:53 . 2014-06-02 00:53 -------- d-----w- c:\programdata\RogueKiller
2014-05-29 12:06 . 2014-05-29 12:06 -------- d-----w- c:\users\G575\AppData\Roaming\AVG
2014-05-29 12:06 . 2014-05-29 12:06 -------- d-----w- c:\users\G575\AppData\Local\AVG
2014-05-29 12:06 . 2014-05-29 12:07 -------- d-----w- c:\programdata\AVG
2014-05-29 12:06 . 2014-05-29 12:06 -------- d-sh--w- c:\programdata\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-05-29 12:06 . 2014-05-29 12:06 -------- d--h--w- c:\programdata\Common Files
2014-05-29 12:05 . 2014-05-29 12:05 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2014-05-26 13:00 . 2014-05-26 13:09 -------- d-----w- c:\users\G575\AppData\Roaming\Tunngle
2014-05-26 13:00 . 2009-09-16 05:02 31232 ----a-w- c:\windows\system32\drivers\tap0901t.sys
2014-05-25 21:33 . 2014-05-25 21:33 -------- d-----w- c:\users\G575\AppData\Roaming\Garena
2014-05-25 21:33 . 2014-05-25 21:33 -------- d-----w- c:\programdata\Garena
2014-05-25 21:06 . 2014-05-25 21:06 -------- d-----w- c:\users\G575\AppData\Local\LogMeIn
2014-05-25 21:06 . 2014-05-25 21:06 -------- d-----w- c:\programdata\LogMeIn
2014-05-25 21:05 . 2009-03-18 16:35 33856 ---ha-w- c:\windows\system32\hamachi.sys
2014-05-25 20:04 . 2014-03-05 20:19 7670 --s-a-w- c:\windows\SysWow64\mnchgpm.vbe
2014-05-25 20:04 . 2014-05-25 20:04 -------- d-----w- c:\windows\SysWow64\bitstreams
2014-05-25 20:04 . 2013-10-26 18:30 364544 --s-a-w- c:\windows\SysWow64\ssleay32.dll
2014-05-25 20:04 . 2013-10-26 18:30 171008 --s-a-w- c:\windows\SysWow64\libssh2.dll
2014-05-25 20:04 . 2013-06-12 13:15 119888 --s-a-w- c:\windows\SysWow64\pthreadGC2.dll
2014-05-25 20:04 . 2013-06-12 13:15 100864 --s-a-w- c:\windows\SysWow64\zlib1.dll
2014-05-25 20:04 . 2012-05-26 23:36 55808 --s-a-w- c:\windows\SysWow64\pthreadVC2.dll
2014-05-25 20:04 . 2013-10-26 18:30 538126 --s-a-w- c:\windows\SysWow64\libcurl-4.dll
2014-05-25 20:04 . 2013-10-26 18:30 192512 --s-a-w- c:\windows\SysWow64\libidn-11.dll
2014-05-25 20:04 . 2013-10-26 18:30 1704448 --s-a-w- c:\windows\SysWow64\libeay32.dll
2014-05-25 20:04 . 2013-10-26 18:30 133632 --s-a-w- c:\windows\SysWow64\librtmp.dll
2014-05-25 20:04 . 2012-09-25 21:46 472424 --s-a-w- c:\windows\SysWow64\cudart32_50_35.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-19 11:53 . 2013-09-30 10:11 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-19 11:53 . 2013-09-30 10:11 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-26 00:51 . 2014-04-26 00:51 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2014-03-31 02:17 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-03-31 02:17 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-03-22 21:38 . 2013-10-01 10:32 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-03-22 21:38 . 2013-09-30 13:40 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-03-22 19:51 . 2013-09-30 13:40 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
"icq"="c:\users\G575\AppData\Roaming\ICQM\icq.exe" [2013-12-05 29919576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-08-30 766208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\users\G575\AppData\Roaming\Mozilla\Firefox\Profiles\yovmq6s8.default-1388494153560\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2014-06-18 15:05:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-06-18 13:05
ComboFix2.txt 2014-06-16 09:54
.
Před spuštěním: Volných bajtů: 56 071 049 216
Po spuštění: Volných bajtů: 55 730 094 080
.
- - End Of File - - 51BA0EB3BEA3D2CBAAE6D6F04E5C630D
A36C5E4F47E84449FF07ED3517B43A31

[Rudy]

Smazáno. CF odinastalujte pomocí T-Cleaneru: http://vyosek.tym.cz/pro_usery/T-Cleaner.exe . Nastala nějaká změna?

[balix]

Děkuji moc, myslíte že to bylo tím co my CF smazalo? Zatim sem hrat zatim jen jednu hru a nelagovalo to, takze super.. chce to jeste par her abych si byl jisty A jeste by me zajimalo co to bylo za veci co CF vubec smazalo jestli muzu?

[Rudy]

V prvním skenu smazal CF skriptový virus a adware, ve druhém jsme jen odemykali zamčené reg. klíče.

[balix]

Tak dnes se zase zacaly lagy obevovat, znovu random connection problem apod.. 2 nebo 3 dny to nedelalo vubec, uplne bez problemu, po projeti PC ComboFixem s tim Vasim scriptem, ale jak rikam dnes to zase zacalo(sice uz ne tak moc, ale bojim se ze se to bude stupnovat - tak jako predtim.)

[Rudy]

On také může být problém v připojení k internetu. Jaké máte připojení?

[balix]

V pripojeni to nebude - mam tenhle internet 2 roky a nikdy mi to nedelalo .. jinak mam neomezeny mobilni internet od o2.

[Rudy]

On podstatě jiný důvod není, alespoň podle logů. Zkuste restart modemu a uvidíte. U připojení neznamená, že když šlo 2roky dobře, že to tak musí být pořád. Neinstaloval jste něco, po čem se tyto problémy objevily?

[balix]

Restart modemu jsem zkousel snad tisickrat .. nevim o tom ze bych v nedavne dobe neco instaloval. Tak netusim cim to muze byt. Je divne ze potom co ste mi pomohl tak byl 3 dny klid a ted to zase zacina.

[Rudy]

Je divne ze potom co ste mi pomohl tak byl 3 dny klid a ted to zase zacina.

To mi právě napovídá, že s připojením nemusí být vše v pořádku. Udělejte tedy ještě jeden sken ComboFix a uvidíme.