Přihlášení do mojebanka.cz

[abrit]

Přeji pěkný den. Dnes jsem se přihlašoval do banky (KB) a nešlo mi zobrazit nic na účtech. Po zavolání operátorovi mi bylo sděleno, že mám pravděpodobně malware. Poradil mi udělat scan anti virem - essential. Našlo to nějaké věci, které jsem v karanténě smazal. Udělal jsem také scan Malwarebytes anti malware. Taky to našlo asi 10 problémů. Včištěno. Každou operaci jsem opakoval 2x. Nebylo nalezeno nic nového. Přesto problém přetrvává. Když otevřu Firefox, tak mi to ukáže v pravém horním rohu - Ad by prricEchop | Close This Ad. Toto odkliknu na close this ad a potom to zmizí. Nicméně stále do banky nemůžu. Nechci formátovat systém. Poradíte mi? Předem moc děkuji.

tady je log z RSIT:

info.txt logfile of random's system information tool 1.10 2014-08-01 11:53:41

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A0100000000008001010007FEFFFF3F0000008DF2340C00FEFFFF07FEFFFFCCF2340CF5895E22000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

µTorrent CZ 1.7.7 (build 8179)-->"C:\Program Files\uTorrent\unins000.exe"
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe Acrobat 7.0 Professional - Czech, Polish, Greek-->msiexec /I {AC76BA86-1033-C740-7760-100000000002}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player 14 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_14_0_0_145_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Aktualizace NVIDIA 10.4.0-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6A13B28B-1C36-4379-8167-7D7E3322980C}\NVI2.DLL",UninstallPackage Display.Update
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
AVG Security Toolbar-->C:\Program Files\AVG Secure Search\UNINSTALL.exe /PROMPT /UNINSTALL
BusinessCardsMX 3.91-->"C:\Program Files\MOJOSOFT\BusinessCardsMX3\unins000.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Defraggler-->"C:\Program Files\Defraggler\uninst.exe"
Epson Easy Photo Print 2-->C:\Program Files\InstallShield Installation Information\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}\SETUP.EXE -runfromtemp -l0x0009 UNINST -removeonly
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
Epson Stylus SX110_TX110 Manuál-->C:\Program Files\EPSON\TPMANUAL\ESSX110_TX110\CZE\USE_G\DOCUNINS.EXE
Google Chrome-->"C:\Program Files\Google\Chrome\Application\34.0.1847.116\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
High-Definition Video Playback 10-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Malwarebytes Anti-Malware verze 2.0.2.1012-->"C:\Program Files\Malwarebytes Anti-Malware\unins000.exe"
Microsoft .NET Framework 4.5.1 (CSY)-->MsiExec.exe /X{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}
Microsoft .NET Framework 4.5.1 (čeština)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\CSY\\Setup.exe /repair /x86 /lcid 1029
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{4903D172-DCCB-392F-93A3-34CA9D47FE3D}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Security Client-->MsiExec.exe /X{36A345C9-0691-45A1-AEEF-29ECEC8B5014}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 31.0 (x86 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}
Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}
Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}
Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}
Nero DiscCopy Gadget 10-->MsiExec.exe /X{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}
Nero DiscCopyGadget 10 Help (CHM)-->MsiExec.exe /X{5F548A02-80BC-404D-BAE6-F05F9BF6B449}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
Nero Dolby Files 10-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}
Nero MediaHub 10 Help (CHM)-->MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272}
Nero MediaHub 10-->MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}
Nero Multimedia Suite 10-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}
Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
Nero Recode 10-->MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}
Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}
Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023}
Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}
Nero SoundTrax 10-->MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}
Nero Vision 10-->MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}
Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}
Nero WaveEditor 10-->MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230}
NVIDIA Ovladač 3D Vision 335.23-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6A13B28B-1C36-4379-8167-7D7E3322980C}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladače grafiky 335.23-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6A13B28B-1C36-4379-8167-7D7E3322980C}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
Odinstalace tiskárny EPSON SX110 Series-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSFBE.EXE /R /APD /P:"EPSON SX110 Series"
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8086EDC0-3409-3560-B108-44FC46882443}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {FED9B2BC-E6D7-3409-B4C9-99AF8AC65725}
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {054F96E9-E89B-3DDB-AA70-A65194B921B4}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5}
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A4A50F66-DD0F-4150-A19F-0F35531D6E21}
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0}
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697}
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {32DA925D-8B7D-4298-B893-6291D28CE809}
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4CCE0378-386F-4DC2-9CC1-A3710C77057D}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F7DFD2B8-0CD1-4A51-AC71-A0582FE796C2}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A514D470-B2E9-43BC-865B-5ECEE29AD33F}
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5}
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {686630EC-8033-4031-85C5-D8E5CD62A958}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F88656FB-92A1-484E-911E-D259B15CF420}
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {25E99E7A-DEA7-4077-856B-9DBA15BEE045}
Silver Efex Pro 2-->C:\Program Files\Nik Software\Silver Efex Pro 2\Uninstall Silver Efex Pro 2.exe
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy 2\unins000.exe"
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
TuneUp Utilities 2013-->C:\Program Files\TuneUp Utilities 2013\TUInstallHelper.exe --Trigger-Uninstall
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {53DEC068-4690-4F6B-9946-7D21EF02236B}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}
VLC media player 2.1.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Your Uninstaller! 2010-->"C:\Program Files\Your Uninstaller 2010\unins000.exe"
Zoner Photo Studio 15-->"C:\Program Files\Zoner\Photo Studio 15\unins000.exe"
Zoner Photo Studio 16 - Obálky a šablony-->"C:\Program Files\Zoner\Photo Studio 16\unins001.exe"
Zoner Photo Studio 16-->"C:\Program Files\Zoner\Photo Studio 16\unins000.exe"

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======System event log======

Computer Name: Juraj-PC
Event Code: 7036
Message: Stav služby MBAMService byl změněn na: Spuštěno
Record Number: 45791
Source Name: Service Control Manager
Time Written: 20140801091318.706054-000
Event Type: Informace
User:

Computer Name: Juraj-PC
Event Code: 7036
Message: Stav služby Instalační služba modulů systému Windows byl změněn na: Spuštěno
Record Number: 45790
Source Name: Service Control Manager
Time Written: 20140801091305.112304-000
Event Type: Informace
User:

Computer Name: Juraj-PC
Event Code: 104
Message: Byl vymazán soubor protokolu Windows PowerShell.
Record Number: 45789
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140801091217.627929-000
Event Type: Informace
User: Juraj-PC\Juraj

Computer Name: Juraj-PC
Event Code: 104
Message: Byl vymazán soubor protokolu TuneUp.
Record Number: 45788
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140801091217.581054-000
Event Type: Informace
User: Juraj-PC\Juraj

Computer Name: Juraj-PC
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 45787
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140801091217.440429-000
Event Type: Informace
User: Juraj-PC\Juraj

=====Application event log=====

Computer Name: Juraj-PC
Event Code: 1903
Message:
Record Number: 9141
Source Name: HHCTRL
Time Written: 20140801091943.000000-000
Event Type: Informace
User:

Computer Name: Juraj-PC
Event Code: 903
Message: Služba Ochrana softwaru byla ukončena.

Record Number: 9140
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20140801091713.000000-000
Event Type: Informace
User:

Computer Name: Juraj-PC
Event Code: 1000
Message: Čítače výkonu pro službu WmiApRpl (WmiApRpl) byly úspěšně načteny. Data záznamu v datové části obsahují nové indexové hodnoty přiřazené této službě.
Record Number: 9139
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20140801091702.166992-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Juraj-PC
Event Code: 1001
Message: Čítače výkonu pro službu WmiApRpl (WmiApRpl) byly úspěšně odstraněny. Data záznamu obsahují nové hodnoty položek Last Counter a Last Help systémového registru.
Record Number: 9138
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20140801091702.010742-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Juraj-PC
Event Code: 1903
Message:
Record Number: 9137
Source Name: HHCTRL
Time Written: 20140801091448.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Juraj-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 13444
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140801094716.682617-000
Event Type: Úspěšný audit
User:

Computer Name: Juraj-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: JURAJ-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x1ec
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 13443
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140801094716.682617-000
Event Type: Úspěšný audit
User:

Computer Name: Juraj-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 13442
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140801091303.831054-000
Event Type: Úspěšný audit
User:

Computer Name: Juraj-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: JURAJ-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x1ec
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 13441
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140801091303.831054-000
Event Type: Úspěšný audit
User:

Computer Name: Juraj-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-2899014422-936247723-3131638600-1001
Název účtu: Juraj
Název domény: Juraj-PC
ID přihlášení: 0x1c610
Record Number: 13440
Source Name: Microsoft-Windows-Eventlog
Time Written: 20140801091217.315429-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02

-----------------EOF-----------------

[JaRon]

ahoj,
1. prescanuj PC s MBAM - kompletna kontrola - log sem
2. je problem s bankou aj cez MSIE a Chrome ?

[abrit]

Problem je pouze u Firefox a Chrome. U IE jsem se v pohodě dostal na všechny bankovní položky. Přescanuju MBAM a pošlu log. Díky. JM

[abrit]

Tady je čerstvý log MBAM. Nic to nenašlo a přesto je stále problém ve FIREFOX a Chrome:

<?xml version="1.0" encoding="UTF-8"?>

-<logs>

<record toVersion="2014.8.1.1" name="Malware Database" last_modified_tag="d14e4149-695d-4762-a440-40ffdec912db" fromVersion="2014.7.31.3" systemname="JURAJ-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-08-01T08:04:14.234375+02:00" LoggingEventType="1" severity="debug"/>

<record last_modified_tag="b3ad0951-8383-482f-81ce-28d6255f5ff8" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T08:04:18.296875+02:00" LoggingEventType="2" severity="debug" subtype="Refresh" result="Starting"/>

<record last_modified_tag="5921a616-2b56-4cd2-925f-b0ad17133544" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T08:04:23.890625+02:00" LoggingEventType="2" severity="debug" subtype="Refresh" result="Success"/>

<record last_modified_tag="4df7158d-3587-4575-9425-7e3b37aee96c" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T09:18:15.107421+02:00" LoggingEventType="2" severity="debug" subtype="Malware Protection" result="Stopping"/>

<record last_modified_tag="1ae34b3d-06b0-4b87-baaf-4294c7e09dcd" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T09:18:15.873046+02:00" LoggingEventType="2" severity="debug" subtype="Malware Protection" result="Stopped"/>

<record last_modified_tag="306f51f7-6a37-41a5-8ae7-132aedbb8028" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T11:14:17.198242+02:00" LoggingEventType="2" severity="debug" subtype="Malware Protection" result="Starting"/>

<record last_modified_tag="22049531-ace5-4d06-a44e-982eb7d637ad" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T11:14:17.229492+02:00" LoggingEventType="2" severity="debug" subtype="Malware Protection" result="Started"/>

<record last_modified_tag="7fd50cd3-df22-4119-9b85-e0c5722abc07" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T11:14:19.307617+02:00" LoggingEventType="2" severity="debug" subtype="Malicious Website Protection" result="Starting"/>

<record last_modified_tag="be7d29cf-aa38-4ce0-a21e-29a1355443e9" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T11:14:43.807617+02:00" LoggingEventType="2" severity="debug" subtype="Malicious Website Protection" result="Started"/>

<record last_modified_tag="1ee65dc1-62fc-49d7-9851-f7ef5bac316e" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T14:11:29.628906+02:00" LoggingEventType="2" severity="debug" subtype="Malicious Website Protection" result="Stopping"/>

<record last_modified_tag="1478b402-5f7e-47c8-a69f-db0873010d20" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T14:11:29.941406+02:00" LoggingEventType="2" severity="debug" subtype="Malicious Website Protection" result="Stopped"/>

<record last_modified_tag="48fc39ee-2407-46d9-ac1f-e0af13f7259d" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T14:11:29.957031+02:00" LoggingEventType="2" severity="debug" subtype="Malware Protection" result="Stopping"/>

<record last_modified_tag="7ca94681-7c7f-4356-abc2-a619e8355a8c" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T14:11:42.644531+02:00" LoggingEventType="2" severity="debug" subtype="Malware Protection" result="Stopped"/>

<record toVersion="2014.7.17.1" name="Rootkit Database" last_modified_tag="764eda3a-f297-4bc3-aec3-ab747aed5590" fromVersion="2014.2.20.1" systemname="JURAJ-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-08-01T14:19:29.955078+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2014.8.1.1" name="Malware Database" last_modified_tag="e25e927b-7f86-45c7-a0e4-c470e106210a" fromVersion="2014.3.4.9" systemname="JURAJ-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-08-01T14:19:36.126953+02:00" LoggingEventType="1" severity="debug"/>

<record last_modified_tag="b4ef125e-969a-40ec-afed-22312256ab87" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T14:19:37.345703+02:00" LoggingEventType="2" severity="debug" subtype="Refresh" result="Starting"/>

<record last_modified_tag="1895b7b0-cd30-437d-82a3-df2200b794ce" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T14:19:42.767578+02:00" LoggingEventType="2" severity="debug" subtype="Refresh" result="Success"/>

<record last_modified_tag="3fc51229-c542-4359-9aba-9db1a9d97ac8" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T14:19:44.611328+02:00" LoggingEventType="2" severity="debug" subtype="Malware Protection" result="Starting"/>

<record last_modified_tag="d40f1ea7-f8c8-46db-a401-33c34cedd811" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T14:19:44.626953+02:00" LoggingEventType="2" severity="debug" subtype="Malware Protection" result="Started"/>

<record last_modified_tag="ffef7e0f-207a-45fa-ba5a-14103c585b0a" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T14:19:45.767578+02:00" LoggingEventType="2" severity="debug" subtype="Malicious Website Protection" result="Starting"/>

<record last_modified_tag="e97a1915-01b7-4690-9f84-e29469661898" systemname="JURAJ-PC" username="SYSTEM" type="Protection" source="Protection" datetime="2014-08-01T14:20:12.745117+02:00" LoggingEventType="2" severity="debug" subtype="Malicious Website Protection" result="Started"/>

</logs>

[abrit]

Pomůže mi udělat čištění s ComboFix?

[abrit]

Udělal jsem LOG z HiJack. Snad se tady něco najde. Problém stále přetrvává. Díky za vaší pomoc.JM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:43:45, on 1.8.2014
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\VM305_STI.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Users\Juraj\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [BigDog305] C:\Windows\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\system32\nlssrv32.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

--
End of file - 7216 bytes

[abrit]

Udělal jsem pro jistotu log z ComboFix. Vážně uvažuju o formát - c.
Prosím co mám v PC? Jsem už z toho, že nic nemůžu najít unavený a jdu spát. V noci se tady podívám. Pro jistotu jsem taky smazal Spybot & destory. Díky za vaši pomoc. JM

ComboFix 14-08-02.02 - Juraj 01.08.2014 21:59:05.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3071.2086 [GMT 2:00]
Spuštěný z: c:\users\Juraj\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 192 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Guest\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Juraj\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Juraj\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Juraj\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Juraj\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Juraj\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Juraj\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Juraj\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Juraj\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Juraj\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Juraj\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Juraj\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Juraj\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ggliacnokikgcpkdcgmllkkecjdjemll_0.localstorage
c:\users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Juraj\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Juraj\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Juraj\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Juraj\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Juraj\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Juraj\AppData\Local\Chromatic Browser\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Juraj\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol
c:\users\Juraj\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\background.html
c:\users\Juraj\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\content.js
c:\users\Juraj\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\Jx9nAa4.js
c:\users\Juraj\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\lsdb.js
c:\users\Juraj\AppData\Local\Torch\User Data\Default\Extensions\nipddbpjffdodmpnimbndomjoackpbol\3.9\manifest.json
c:\users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\j5kngbbe.default\extensions\aga@jieeu.edu
c:\users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\j5kngbbe.default\extensions\aga@jieeu.edu\bootstrap.js
c:\users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\j5kngbbe.default\extensions\aga@jieeu.edu\content\bg.js
c:\users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\j5kngbbe.default\extensions\aga@jieeu.edu\chrome.manifest
c:\users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\j5kngbbe.default\extensions\aga@jieeu.edu\install.rdf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-07-01 do 2014-08-01 )))))))))))))))))))))))))))))))
.
.
2014-08-01 20:04 . 2014-08-01 20:04 -------- d-----w- c:\users\Juraj\AppData\Local\temp
2014-08-01 20:04 . 2014-08-01 20:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-01 19:51 . 2014-08-01 19:51 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CDAAC489-DA83-4C71-9EAF-9221B46BDD2D}\MpKsl59577ef9.sys
2014-08-01 12:19 . 2014-08-01 17:06 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-01 12:18 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-01 12:18 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-01 12:18 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-01 12:03 . 2014-08-01 12:03 -------- d-sh--w- c:\users\Juraj\AppData\Local\EmieUserList
2014-08-01 12:03 . 2014-08-01 12:03 -------- d-sh--w- c:\users\Juraj\AppData\Local\EmieSiteList
2014-08-01 09:53 . 2014-08-01 09:53 -------- d-----w- C:\rsit
2014-08-01 09:53 . 2014-08-01 09:53 -------- d-----w- c:\program files\trend micro
2014-08-01 05:56 . 2014-07-02 03:11 8217224 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CDAAC489-DA83-4C71-9EAF-9221B46BDD2D}\mpengine.dll
2014-07-30 21:00 . 2014-07-02 03:11 8217224 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-07-29 18:35 . 2014-05-02 05:04 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{36933F19-E7D0-4357-BDF4-A82A9A1601BB}\gapaengine.dll
2014-07-29 07:24 . 2014-08-01 06:15 -------- d-----w- c:\program files\GS Supporter
2014-07-29 07:21 . 2014-07-29 07:21 -------- d-----w- c:\users\Juraj\AppData\Local\Torch
2014-07-29 07:21 . 2014-07-29 07:21 -------- d-----w- c:\users\Juraj\AppData\Local\Chromatic Browser
2014-07-29 07:21 . 2014-07-29 07:21 -------- d-----w- c:\programdata\38ac4cfc01e439c0
2014-07-29 07:21 . 2014-07-29 07:21 -------- d-----w- c:\users\Juraj\AppData\Local\Comodo
2014-07-29 07:21 . 2014-07-29 07:21 -------- d-----w- c:\users\HomeGroupUser$
2014-07-29 07:21 . 2014-07-29 07:21 -------- d-----w- c:\users\Guest
2014-07-29 07:21 . 2014-07-29 07:21 -------- d-----w- c:\users\Administrator
2014-07-27 09:50 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2014-07-27 09:50 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2014-07-27 09:50 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2014-07-27 09:50 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2014-07-27 09:50 . 2001-09-05 13:24 610436 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2014-07-27 09:44 . 2003-09-03 00:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2014-07-27 09:44 . 2003-09-03 00:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2014-07-27 09:44 . 2003-09-03 00:23 32768 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2014-07-27 09:44 . 2014-07-27 09:44 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2014-07-27 09:44 . 2014-07-27 09:44 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2014-07-27 09:44 . 2003-09-03 00:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2014-07-27 09:44 . 2003-09-03 00:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2014-07-27 09:44 . 2003-09-03 00:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2014-07-13 20:26 . 2014-08-01 19:57 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-07-13 20:25 . 2014-08-01 19:57 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2014-07-10 19:38 . 2014-05-30 06:36 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-10 19:38 . 2014-06-06 09:44 509440 ----a-w- c:\windows\system32\qedit.dll
2014-07-10 19:38 . 2014-06-30 01:40 404480 ----a-w- c:\windows\system32\aepdu.dll
2014-07-10 19:38 . 2014-06-30 01:36 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-07-10 19:38 . 2014-06-05 14:26 1059840 ----a-w- c:\windows\system32\lsasrv.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-10 07:02 . 2014-04-06 16:58 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-10 07:02 . 2014-04-06 16:58 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-08 09:06 . 2014-06-12 14:35 2742784 ----a-w- c:\windows\system32\rdpcorets.dll
2014-05-08 09:06 . 2014-06-12 14:35 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
"BigDog305"="c:\windows\VM305_STI.EXE" [2005-08-05 61440]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2014-04-10 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe [2014-4-7 25214]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-06-18 108032]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-04-06 1343400]
R4 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-06 243128]
S1 MpKsl59577ef9;MpKsl59577ef9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CDAAC489-DA83-4C71-9EAF-9221B46BDD2D}\MpKsl59577ef9.sys [2014-08-01 39464]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [2011-02-21 66560]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-03-04 411936]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2013-12-10 1729336]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [2012-09-18 10088]
S3 ZSMC0305;A4 TECH PC Camera V;c:\windows\system32\Drivers\usbVM305.sys [2006-05-08 391688]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL59577EF9
*Deregistered* - avgtp
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-09 17:52 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-08-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-06 07:02]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.gboxapp.com/
mStart Page = hxxp://search.gboxapp.com/
uInternet Settings,ProxyServer = localhost:8080
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést vybrané vazby do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
TCP: DhcpNameServer = 82.99.136.18 79.170.251.166 212.158.128.2
FF - ProfilePath - c:\users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\j5kngbbe.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG15.00.00.01PROFESSIONAL"="FCDEAB4FFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D14078EDD5E5BE2F6E667C038D530D6EB34529DB7CE019D40AA5C0F726B0C6D933A5393C75ABE7E78A247E6B8E3A76A9AF0FBA720EBBBEDFCF9DE4FC6DD6D1936263327236872035A363FBC6D4CD989321DC86DF9BD6CA6C360E202EECD65D42D968856C26EF3FA4A678B188D7C9375AEA5CF0FA86229A6ECF3D4F51F408295B17D99E7EEB38EA6A738C05A979CFBD9354192240082989F033C471E1F80863851D1A34802C3402A25B167079C18EF43BD26876BE48C122861C1BA12C81CE57BEC8FD607EE6CBB8F485EFDC74020FE23931319C6D132203BB712278B8D654B84BB345658384266C06CCEF36ABDA76A4E5647A53C556686370EBE78E9EE7114584742BB14769BDB1041952F5E61E72C7E7A09FEF59164B75E3BDD8C31841D51646DC0913756956B3049CB09B80CDCED51C62069C03D285DD6EA0A36067A0348765F3BD8DE170C953BDA8C4DB3344691C75758210F2173D12C9FDEBDB50F887343A3BD84D00F24922C9FF6BDABE2A727C79C83D3F71D4BA84A2E7F5D2E96D00061925E7EF5A445CBE418AE9020344A791AD9F523B224782585BD914480F6C8CECCDA31A0D7D499E02918DB6CB75ABA83ED2608A420BA87BF144DBD95E62C1D7664FE523C28AF11A321C3AAEF3B9AC77252EE96E2BF7A4B2490ABB1E73AC5BFBE6AD3DE93395A5F9A59164A2C964E862C3E7282DAB99458B3787E2046F9E667288803FA62050B790142DFECA5DAE2CD488945B00155C807832FBEBEAFC8460F61C98BCCD026109B43AFC1CCD4BD58BB90F34F88B9036F755BF9B9C5986D3073511DBD7E01DCC9C506DA34A3A7174630061C4B775E53700537840F74E55303971155403F868B2B3BA0DF0131FEE453CD5C89CA6FBEFCCA5949DC330BF488B2C1ED2A0DC1E9BC3C811BBEC73BAF47BEFDF825AF629BD8925C73F3EF5091C046F96A37703D261B9BE4355DFA86040359EBF93B33CBABE4ECBBD122620E03D3D8913B7C8EEA2CF576F4E08260E0B58287882DFE60A698C313682E217A117C3A9998CADBDA895E429303465A931879D04487170596F2003BD4170A8F7D2A2B94CC66B49D205E9718C9A83E778302F21F9AE1EEC60B37F3B49341996F03B12DA548144C6EFC2D21B1863F57CBF2F43A44AD522021C37BFB3F4624C527F87E1553F77F17DB62C0BDEFC9E655B1F8CB5D36325AC9D51E4B900BF5C02A81A0F0EB2A5A4D4D5915691ED7A6022E64FEE7DD94703E408BC8399FEEC1DC992D8D672BD705615DBF31786C8E47388B05C52C2F9E48058A49C8D70D65DC80953BA9CA41AE9C65E8492245C562E5744D165E00BBB8287B657DF441AC8A8C78D8A2B10392A75E49C595ABAA3743536604"
"OODEFRAG11.00.00.01WORKSTATION"="0AE6B482144B0BDB9F3039CA3854B60DE39E0FFAEEE16DE2318F52885ED8815EA36A1AD18FBF75C193B434DF93D99D2D5CB4AFC66F5B91B9F631390B5F24F7AFDE2FCBA1E70C1649D04BA8F433C6B5834AA1250545CE57006BC5490D79673BF9984139BED42431C8F5B5F211A50F41EDB278DB15F4529CBE18CF9A64447A648E7D384719A4C0BD79793966DB8C6C3430EC4CB0F7943F72605BD6380E6D78422011295047B75D6678211EC6241F5B37F0A73977D650B41E35E5E324A93441D8C8AA309F8003BA0B470930D0DB279DA538625B78F9E5931A6F3F874F7CEBFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D14078EDD5E5BE2F6E667C038D530D6EB34529DB7CE019D40AA5C6028030B6863117100B6E2C2C2AEF93784AD5B0DE2863A51078F6AD54E72EBE3CB7622E05A9D89FCADBF881D1F779B121F1C8CD4841A70D436D78A9C50096B4B4C8BD8265142D9CA2C06F04E9712E131D2159A0E37C6FBF33A9E362F9FA8798B3AFC0BD405CC25157637A753D1A8EADE5B08595DB10511B2B0ADAC74A63804F734127CB92DB2B224C8BB9CFEF6DC757C37960238AFC2892379850DA84F0F1EFB1AC75A7488596DD9A72C23F6B842E47EA918AF697061E170375ADE5A0CFC7D16124E32FA581D632757D5F1B447E1C16D3996658F3835BAD753910BEE52C3FAD8858B7517624B4993E2BA25865936B764B250041F4F07592A7A495E9D981A15E82097F9E370A8F33C1910BC0D2B30969523B7565D0095A7CC1BCE0AF15D286D02D4BC7C52CFEB5F4F8A409ABFFAB252435F7488E41B10B0386BA7234CA08E4A72D67E99A653BF2B8F0EE687668A9703C67EDFA9A5F29CA6FAE10A255FE6DC951CA08FD47BCEC218D4BD572DA021A9E30C5A883061E0D25DB5BAE16CB4B71BDD756ED9933C9D088F8AF8961DDD0A2AD51392B272AEBF414F1E77CDB92623C15309C27721A99B181AAFDF5DC86791CA5D710C522EF96EE8177DDB23B264B5BECC7361BB2C592CEA68575A1A09D30D35204E6B930400523DF7AFEE68607287F545E8542A45B3B373CCA992ED1912D1866CE59DD377D4D029D5A7FC59312AAD3C582FE8FA64F49C913DE0F4AF97E43BCB3009CFA7EF5FD708B8EA186476B4C8DA4AA0AF9AE32ED41ED64D34E688E0278B011CF754BCD9D4AC4F9013AEE494F6917F2A7EA901444DE2D65147D15370F8BD94164BD30C52BDDA6948058F961BDC9181D0EC7DDFF0FBA020E368E1C2CF164C4984C455F2AD084B7C52CB11877024000028D99D05BFD988BA1294BD8692EA999D88A53BE92031ABA08306741B127978CBDB65C6DC12E542CF790F3D321E64F73653ED9B4EB6389D13C5992C95CD0D07DA2A75E9B49BA0E830CD5DEF3D2C7631D9B0E642DD"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-08-01 22:06:24
ComboFix-quarantined-files.txt 2014-08-01 20:06
.
Před spuštěním: Volných bajtů: 74 064 924 672
Po spuštění: Volných bajtů: 74 244 657 152
.
- - End Of File - - B1302F90D4AF5D7CB8D1A79BC97A02A5
A36C5E4F47E84449FF07ED3517B43A31

[JaRon]

1. nevidim ziadny problem pouzivat pre IB prehliadac MSIE
2. odinstalovanie SpyBot - dobry krok
3. pouzitie CF - zly krok - mal by ho pouzivat iba odbornik, alebo na doporucenie radcu
pokial chces format tak to urob, je to zbytocny krok
4. prescanuj PC s AVPTool

[abrit]

Díky za rady. Už je to v pořádku. Příjemný den. JM

[JaRon]

rado sa stalo - tiez prajem pekny den