
Preventive check

No problem with your PC at the moment, and you just want to make sure everything is in order?
Post a log from FRST or RSIT.

spisiacka
Visitor
Posts: 7
Registered: 18 Nov 2014 21:00

Preventive check

#1 Post by spisiacka »

Thank you .....


Logfile of random's system information tool 1.10 (written by random/random)
Run by Lubo at 2014-11-18 21:04:02
Microsoft Windows 7 Professional N Service Pack 1
System drive C: has 23 GB (46%) free of 50 GB
Total RAM: 2730 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:05:28, on 18. 11. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Lubo\Downloads\RSIT.exe
C:\Program Files\trend micro\Lubo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Rich Media Player - {FEB703F7-E7B2-4AB0-9566-87658AC70095} - C:\Users\Lubo\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [IgfxTray] "C:\Windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\Windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O20 - AppInit_DLLs: Ľx+
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe

--
End of file - 6650 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}]
Rich Media Player - C:\Users\Lubo\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll [2013-03-12 120600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-08-09 143176]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-08-09 181232]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-08-09 189936]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wondershare Helper Compact.exe"=C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-02-20 1994752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="Ľx+ "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-06-27 330752]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-18 21:04:02 ----D---- C:\rsit
2014-11-01 08:29:07 ----A---- C:\Windows\system32\ff_vfw.dll
2014-11-01 08:29:06 ----A---- C:\Windows\system32\pthreadGC2.dll
2014-11-01 08:29:05 ----D---- C:\Program Files\ffdshow
2014-11-01 08:29:00 ----D---- C:\Program Files\Haali
2014-11-01 08:28:57 ----D---- C:\Program Files\AviSynth 2.5
2014-11-01 08:28:38 ----D---- C:\Program Files\Common Files\SourceTec
2014-11-01 08:28:38 ----A---- C:\Windows\system32\wvc1dmod.dll
2014-11-01 08:28:38 ----A---- C:\Windows\system32\pncrt.dll
2014-11-01 07:45:13 ----D---- C:\Users\Lubo\AppData\Roaming\Digiarty
2014-11-01 07:36:29 ----D---- C:\Program Files\Video DVD Maker
2014-10-31 20:33:02 ----A---- C:\Windows\system32\ssubtmr6.dll
2014-10-28 23:09:43 ----D---- C:\Users\Lubo\AppData\Roaming\Xilisoft
2014-10-28 23:08:41 ----D---- C:\ProgramData\Xilisoft
2014-10-28 23:08:41 ----D---- C:\Program Files\Xilisoft
2014-10-28 22:53:02 ----D---- C:\Users\Lubo\AppData\Roaming\CyberLink
2014-10-28 22:49:44 ----D---- C:\Program Files\Common Files\Symantec Shared
2014-10-28 22:46:25 ----D---- C:\ProgramData\PDVD
2014-10-28 22:46:16 ----D---- C:\Program Files\NSIS Uninstall Information
2014-10-28 22:40:14 ----D---- C:\ProgramData\Norton
2014-10-28 22:40:09 ----D---- C:\ProgramData\NortonInstaller
2014-10-28 22:39:36 ----D---- C:\ProgramData\SUPPORTDIR
2014-10-28 21:29:35 ----D---- C:\Program Files\CyberLink
2014-10-28 21:27:39 ----D---- C:\ProgramData\CyberLink
2014-10-28 21:27:38 ----D---- C:\ProgramData\Temp
2014-10-28 21:27:27 ----D---- C:\ProgramData\install_clap
2014-10-28 20:17:50 ----D---- C:\Program Files\Common Files\Wondershare
2014-10-28 20:03:24 ----D---- C:\ProgramData\Freemake
2014-10-28 20:03:03 ----D---- C:\Program Files\Freemake

======List of files/folders modified in the last 1 month======

2014-11-18 21:04:16 ----D---- C:\Windows\Prefetch
2014-11-18 21:04:08 ----D---- C:\Program Files\trend micro
2014-11-18 21:03:57 ----D---- C:\Windows\Temp
2014-11-18 20:36:07 ----D---- C:\Windows\System32
2014-11-18 20:36:07 ----D---- C:\Windows\inf
2014-11-18 20:36:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-18 20:31:46 ----A---- C:\Windows\system32\rpcnetp.exe
2014-11-18 20:31:43 ----A---- C:\Windows\system32\rpcnet.dll
2014-11-18 20:30:58 ----D---- C:\ProgramData\NVIDIA
2014-11-18 20:30:52 ----HD---- C:\ProgramData
2014-11-18 20:30:12 ----D---- C:\AdwCleaner
2014-11-18 20:30:10 ----RD---- C:\Program Files
2014-11-18 20:30:10 ----D---- C:\Windows\system32\Tasks
2014-11-18 09:26:00 ----D---- C:\Users\Lubo\AppData\Roaming\vlc
2014-11-17 19:25:22 ----SHD---- C:\System Volume Information
2014-11-17 08:20:21 ----D---- C:\Windows\system32\catroot2
2014-11-15 23:37:14 ----D---- C:\Windows\system32\config
2014-11-15 13:38:03 ----SHD---- C:\Windows\Installer
2014-11-15 13:33:58 ----D---- C:\Windows\Tasks
2014-11-01 09:48:11 ----D---- C:\Users\Lubo\AppData\Roaming\dvdcss
2014-11-01 08:28:38 ----D---- C:\Program Files\Common Files
2014-10-31 20:31:45 ----SD---- C:\ProgramData\Microsoft
2014-10-30 12:24:45 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-28 23:19:15 ----D---- C:\Windows\winsxs
2014-10-28 23:05:34 ----D---- C:\Windows\system32\drivers
2014-10-28 23:04:59 ----HD---- C:\Program Files\InstallShield Installation Information
2014-10-28 23:04:25 ----D---- C:\Windows\system32\catroot
2014-10-28 22:41:11 ----D---- C:\Users\Lubo\AppData\Roaming\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-09-12 27424]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-12-22 721904]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [2010-07-26 14080]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 MpKslebf83089;MpKslebf83089; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D9EF0AC5-B3C4-4530-91EC-6FC4BBF2ADF3}\MpKslebf83089.sys [2014-11-18 39464]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [2009-07-02 13880]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2012-05-23 2925568]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2013-06-27 3767296]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-07-01 289792]
R3 MEI;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-01-03 246488]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aev10opl;aev10opl; C:\Windows\system32\drivers\aev10opl.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 393216]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 17408]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2010-04-07 99896]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-11-11 664352]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2014-09-09 69792]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S2 0c632643;Interenet Optimizer; c:\progra~2\intere~1\InterenetOptimizerSvc.dll,service []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-21 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent; C:\Program Files\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe [2012-05-03 77824]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2013-08-09 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-21 116648]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-09-22 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Preventive check

#2 Post by altrok »

Good evening :bye:

:arrow: There is something to be found there :)

:arrow: Uninstall Skype Click to Call

:arrow: You used AdwCleaner today... did you also use the Clean option? Send the log from it: C:\AdwCleaner\AdwCleaner [Sx].txt

:arrow: As part of the cleanup, your temporary folders will be emptied (including the Recycle Bin).

:arrow: Save zoek.exe to your desktop: http://hijackthis.nl/smeenk/zoek.htm
  • run it as administrator
  • copy the script given below into the large window
  • click Run script
  • after the restart a log will pop up (or you can find it in C:\zoek-results.log) - paste it into your next reply

    Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;

If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.

spisiacka
Visitor
Posts: 7
Registered: 18 Nov 2014 21:00

Re: Preventive check

#3 Post by spisiacka »

# AdwCleaner v4.101 - Report created 18/11/2014 at 20:28:54
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 7 Professional N Service Pack 1 (32 bits)
# Username : Lubo - LUBO-PC
# Running from : C:\Users\Lubo\Downloads\adwcleaner_4.101.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found : C:\Program Files\globalUpdate
Folder Found : C:\ProgramData\1520242a5fa2aee5
Folder Found : C:\ProgramData\2308189059
Folder Found : C:\ProgramData\CouponFactory
Folder Found : C:\ProgramData\DiscounTLoCatOr
Folder Found : C:\ProgramData\DiscountLocator
Folder Found : C:\ProgramData\Interenet Optimizer
Folder Found : C:\ProgramData\SafetyNut
Folder Found : C:\ProgramData\SmartCompare
Folder Found : C:\Users\Lubo\AppData\Local\globalUpdate
Folder Found : C:\Users\Lubo\AppData\Roaming\RHEng
Folder Found : C:\Users\Lubo\Documents\Optimizer Pro

***** [ Scheduled Tasks ] *****

Task Found : LaunchSignup
Task Found : YourFile DownloaderUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\intere~1\intere~1.dll
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{81d0a4a0-6b46-462a-a180-c3443ca2f7f7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{a8f6041a-ec9d-408e-ae07-f611dc23e263}
Key Found : HKLM\SOFTWARE\Classes\DiscountLocator.DiscountLocator
Key Found : HKLM\SOFTWARE\Classes\DiscountLocator.DiscountLocator.9
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\SmartCompare.SmartCompare
Key Found : HKLM\SOFTWARE\Classes\SmartCompare.SmartCompare.9
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{81d0a4a0-6b46-462a-a180-c3443ca2f7f7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8f6041a-ec9d-408e-ae07-f611dc23e263}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{81d0a4a0-6b46-462a-a180-c3443ca2f7f7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a8f6041a-ec9d-408e-ae07-f611dc23e263}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{194FED75-9C74-BDB7-53F8-8CFFEF1AFEC9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A9F7A981-09A3-C1F7-2D46-1BA20CFDF02F}
Key Found : HKLM\SOFTWARE\SafetyNut
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x64]
Value Found : HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Google Chrome v38.0.2125.111

[C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Found [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl

*************************

AdwCleaner[R0].txt - [10692 octets] - [26/07/2014 21:50:59]
AdwCleaner[R1].txt - [4980 octets] - [18/11/2014 20:28:54]
AdwCleaner[S0].txt - [10331 octets] - [26/07/2014 21:52:47]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [5101 octets] ##########

# AdwCleaner v4.101 - Report created 18/11/2014 at 20:30:07
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 7 Professional N Service Pack 1 (32 bits)
# Username : Lubo - LUBO-PC
# Running from : C:\Users\Lubo\Downloads\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\2308189059
Folder Deleted : C:\ProgramData\DiscounTLoCatOr
[!] Folder Deleted : C:\ProgramData\Interenet Optimizer
Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\ProgramData\CouponFactory
Folder Deleted : C:\ProgramData\SmartCompare
Folder Deleted : C:\ProgramData\1520242a5fa2aee5
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Users\Lubo\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Lubo\AppData\Roaming\RHEng
Folder Deleted : C:\Users\Lubo\Documents\Optimizer Pro

***** [ Scheduled Tasks ] *****

Task Deleted : LaunchSignup
Task Deleted : YourFile DownloaderUpdate

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\DiscountLocator.DiscountLocator
Key Deleted : HKLM\SOFTWARE\Classes\DiscountLocator.DiscountLocator.9
Key Deleted : HKLM\SOFTWARE\Classes\SmartCompare.SmartCompare
Key Deleted : HKLM\SOFTWARE\Classes\SmartCompare.SmartCompare.9
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c632643}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81d0a4a0-6b46-462a-a180-c3443ca2f7f7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{a8f6041a-ec9d-408e-ae07-f611dc23e263}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{81d0a4a0-6b46-462a-a180-c3443ca2f7f7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a8f6041a-ec9d-408e-ae07-f611dc23e263}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{81d0a4a0-6b46-462a-a180-c3443ca2f7f7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a8f6041a-ec9d-408e-ae07-f611dc23e263}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\SafetyNut
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{194FED75-9C74-BDB7-53F8-8CFFEF1AFEC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-0409-0000-0000000FF1CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A9F7A981-09A3-C1F7-2D46-1BA20CFDF02F}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\intere~1\intere~1.dll

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Google Chrome v38.0.2125.111

[C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl

*************************

AdwCleaner[R0].txt - [10692 octets] - [26/07/2014 21:50:59]
AdwCleaner[R1].txt - [5181 octets] - [18/11/2014 20:28:54]
AdwCleaner[S0].txt - [10331 octets] - [26/07/2014 21:52:47]
AdwCleaner[S1].txt - [4799 octets] - [18/11/2014 20:30:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4859 octets] ##########


Zoek.exe v5.0.0.0 Updated 16-November-2014
Tool run by Lubo on ut 18. 11. 2014 at 21:26:29,35.
Microsoft Windows 7 Professional N 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lubo\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

18. 11. 2014 21:28:09 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully
HKEY_USERS\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2E6973E0-E7B1-460E-9ED8-B294E17B115} deleted successfully
HKEY_USERS\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4083705C-85F1-4E57-A3D8-1D30DF853567} deleted successfully
HKEY_USERS\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18218B3-8937-4F9D-917D-C1A7D6D08B1C} deleted successfully
HKEY_USERS\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0D578C8-335-441B-8AE6-1CC97209693} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully
HKEY_USERS\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully
HKEY_USERS\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{3444C3C5-6C56-4A16-A453-832B05BF6EA4} deleted successfully
HKEY_USERS\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{AA74D58F-ACD0-450D-A85E-6C04B171C044} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Lubo\AppData\Local\Wondershare deleted
C:\Users\Lubo\Documents\Add-in Express deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\Users\Lubo\AppData\Local\Rich Media Player\BrowserExtensions\IE\PluginRichmediaplayer.dll" deleted
"C:\Users\Lubo\AppData\Roaming\Intel" deleted
"C:\Program Files\Common Files\Wondershare" deleted
"C:\Users\Lubo\AppData\Local\Rich Media Player\BrowserExtensions" not deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact" deleted
"C:\Users\Lubo\AppData\Local\Rich Media Player\BrowserExtensions\IE" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"FFPDFArchitectConverter@pdfarchitect.com"=hex(2):43,00,3a,00,5c,00,50,00,72,\ []

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
doagiokpgboiomffjfhaiimafndmmpni - C:\Users\Lubo\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\richmediadownloader.crx[]
fkcdbkhjcaljlfolhllfneigeepmjfim - C:\Users\Lubo\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\playerextension.crx[]

Rich Media Downloader - Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\doagiokpgboiomffjfhaiimafndmmpni
topbuyer - Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fodfplkmcomfebijlbpihednijmnkgfn
ECHO is off. - Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkidpnnapnfgjhfhkpmjpbckkbaodldb

==== Chromium Startpages ======================

C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/",
"startup_urls": [ "http://www.msn.com/?pc=UP97&ocid=UP97DHP" ],


==== Chromium Fix ======================

C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cartridgesave.co.uk_0.localstorage deleted successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cartridgesave.co.uk_0.localstorage-journal deleted successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage deleted successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_allin1convert.dl.tb.ask.com_0.localstorage-journal deleted successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_eliteunzip.dl.tb.ask.com_0.localstorage deleted successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_eliteunzip.dl.tb.ask.com_0.localstorage-journal deleted successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.search.ask.com_0.localstorage deleted successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.search.ask.com_0.localstorage-journal deleted successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\doagiokpgboiomffjfhaiimafndmmpni deleted successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fodfplkmcomfebijlbpihednijmnkgfn deleted successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkidpnnapnfgjhfhkpmjpbckkbaodldb deleted successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkidpnnapnfgjhfhkpmjpbckkbaodldb_0.localstorage deleted successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkidpnnapnfgjhfhkpmjpbckkbaodldb_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE10SR"
{D9B157DD-F362-4BB5-9C43-51788286B78A} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"

==== Reset Google Chrome ======================

C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully
HKEY_USERS\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{3DF4B26D-DB19-45DF-962A-6719D071245B} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\doagiokpgboiomffjfhaiimafndmmpni deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fkcdbkhjcaljlfolhllfneigeepmjfim deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar1CR deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar1IE deleted successfully

==== Empty IE Cache ======================

C:\Users\Lubo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lubo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=103 folders=39 7946312 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lubo\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Lubo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Lubo\AppData\Local\Rich Media Player\BrowserExtensions" not found

==== EOF on ut 18. 11. 2014 at 21:43:12,61 ======================

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Preventive check-up

#4 Post by altrok »

Post a new FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors to this forum, sign up for our training school.

spisiacka
Visitor
Posts: 7
Registered: 18 Nov 2014 21:00

Re: Preventive check-up

#5 Post by spisiacka »

It won't let me download FRSTLauncher ... it says it is malicious

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Preventive check-up

#6 Post by altrok »

Then run just FRST.exe - attach Addition.txt as well

spisiacka
Visitor
Posts: 7
Registered: 18 Nov 2014 21:00

Re: Preventive check-up

#7 Post by spisiacka »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-11-2014
Ran by Lubo (administrator) on LUBO-PC on 18-11-2014 21:59:48
Running from C:\Users\Lubo\Desktop
Loaded Profile: Lubo (Available profiles: Lubo)
Platform: Microsoft Windows 7 Professional N Service Pack 1 (X86) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Absolute Software Corp.) C:\Windows\System32\rpcnet.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\daemon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\daemon.exe [691656 2009-04-23] (DT Soft Ltd)
HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\MountPoints2: G - G:\SETUP.EXE
HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\MountPoints2: {0afd8504-56f0-11e4-8036-823980f19e96} - H:\SISetup.exe
HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\MountPoints2: {d75ff8bf-2463-11e3-9443-ce60523d829c} - G:\SETUP.EXE
HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\MountPoints2: {ecf3e207-6b29-11e3-8074-d1fe50d23f97} - G:\install.exe
AppInit_DLLs: Ľx+ => Ľx+ File Not Found

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDA61267ED3B6CE01
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-3389371157-687349914-276502253-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3389371157-687349914-276502253-1000 -> {D9B157DD-F362-4BB5-9C43-51788286B78A} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @richmediaplayer.com/nppluginrichmediaplayer -> C:\Program Files\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-3389371157-687349914-276502253-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lubo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-18]
CHR Extension: (Docs) - C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-21]
CHR Extension: (Disk Google) - C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-21]
CHR Extension: (YouTube) - C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-21]
CHR Extension: (Hľadať v Google) - C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-21]
CHR Extension: (Tabuľky Google) - C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-18]
CHR Extension: (Gmail) - C:\Users\Lubo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-21]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-12-15] (ASUS)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2013-08-09] (Intel Corporation)
R3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 rpcnet; C:\Windows\system32\rpcnet.exe [69792 2014-09-09] (Absolute Software Corp.)
S2 ZAtheros Wlan Agent; C:\Program Files\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe [77824 2012-05-03] (Atheros) [File not signed]
S2 0c632643; "C:\Windows\system32\rundll32.exe" "c:\progra~2\intere~1\InterenetOptimizerSvc.dll",service

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2925568 2012-05-23] (Qualcomm Atheros Communications, Inc.)
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [14080 2010-07-26] (ASUS)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [27424 2013-09-12] (NVIDIA Corporation)
R3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [246488 2014-01-03] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2013-12-22] () [File not signed]
U3 ar1kr944; C:\Windows\system32\Drivers\ar1kr944.sys [0 ] (Microsoft Corporation)
S1 MpKslebf83089; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D9EF0AC5-B3C4-4530-91EC-6FC4BBF2ADF3}\MpKslebf83089.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-18 21:59 - 2014-11-18 22:00 - 00011333 _____ () C:\Users\Lubo\Desktop\FRST.txt
2014-11-18 21:58 - 2014-11-18 21:59 - 00000000 ____D () C:\FRST
2014-11-18 21:52 - 2014-11-18 21:52 - 01108992 _____ (Farbar) C:\Users\Lubo\Desktop\FRST.exe
2014-11-18 21:40 - 2014-11-18 21:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-18 21:27 - 2014-11-18 21:43 - 00011882 _____ () C:\zoek-results.log
2014-11-18 21:26 - 2014-11-18 21:39 - 00000000 ____D () C:\zoek_backup
2014-11-18 21:25 - 2014-11-18 21:25 - 01294848 _____ () C:\Users\Lubo\Desktop\zoek.exe
2014-11-18 21:04 - 2014-11-18 21:05 - 00000000 ____D () C:\rsit
2014-11-18 21:03 - 2014-11-18 21:03 - 01107968 _____ () C:\Users\Lubo\Downloads\RSIT.exe
2014-11-18 20:28 - 2014-11-18 20:28 - 02140160 _____ () C:\Users\Lubo\Downloads\adwcleaner_4.101.exe
2014-11-18 11:56 - 2014-11-18 11:56 - 00002964 _____ () C:\Users\Lubo\Downloads\eMAIL_notifikácia_2014-11-17.htm
2014-11-15 10:11 - 2014-11-15 10:11 - 00003330 _____ () C:\Users\Lubo\Downloads\eMAIL_notifikácia_2014-11-14 (1).htm
2014-11-15 10:10 - 2014-11-15 10:10 - 00002676 _____ () C:\Users\Lubo\Downloads\eMAIL_notifikácia_2014-11-13.htm
2014-11-15 10:07 - 2014-11-15 10:07 - 00003330 _____ () C:\Users\Lubo\Downloads\eMAIL_notifikácia_2014-11-14.htm
2014-11-13 10:10 - 2014-11-13 10:10 - 00002978 _____ () C:\Users\Lubo\Downloads\eMAIL_notifikácia_2014-11-10.htm
2014-11-13 10:10 - 2014-11-13 10:10 - 00002677 _____ () C:\Users\Lubo\Downloads\eMAIL_notifikácia_2014-11-11.htm
2014-11-11 08:31 - 2014-11-11 08:31 - 00002658 _____ () C:\Users\Lubo\Downloads\eMAIL_notifikácia_2014-11-09.htm
2014-11-07 09:39 - 2014-11-07 09:39 - 00026128 _____ () C:\Users\Lubo\Downloads\mKonto_c_0117_za_2014-08.htm
2014-11-07 09:39 - 2014-11-07 09:39 - 00026128 _____ () C:\Users\Lubo\Downloads\mKonto_c_0117_za_2014-08 (1).htm
2014-11-07 09:37 - 2014-11-07 09:37 - 00028142 _____ () C:\Users\Lubo\Downloads\mKonto_c_0117_za_2014-07.htm
2014-11-07 07:01 - 2014-11-07 07:01 - 00032283 _____ () C:\Users\Lubo\Downloads\mKonto_c_0117_za_2014-10.htm
2014-11-05 11:17 - 2014-11-05 11:17 - 00002657 _____ () C:\Users\Lubo\Downloads\eMAIL_notifikácia_2014-11-04.htm
2014-11-05 11:17 - 2014-11-05 11:17 - 00002645 _____ () C:\Users\Lubo\Downloads\eMAIL_notifikácia_2014-11-02.htm
2014-11-02 10:53 - 2014-11-02 10:53 - 00003259 _____ () C:\Users\Lubo\Downloads\eMAIL_notifikácia_2014-11-01.htm
2014-11-01 11:59 - 2014-11-01 11:59 - 00002964 _____ () C:\Users\Lubo\Downloads\eMAIL_notifikácia_2014-10-31.htm
2014-11-01 08:29 - 2014-11-01 08:29 - 00000000 ____D () C:\Program Files\Haali
2014-11-01 08:29 - 2014-11-01 08:29 - 00000000 ____D () C:\Program Files\ffdshow
2014-11-01 08:29 - 2008-12-08 12:53 - 00057344 _____ () C:\Windows\system32\ff_vfw.dll
2014-11-01 08:29 - 2008-06-08 22:58 - 00060273 _____ (Open Source Software community project) C:\Windows\system32\pthreadGC2.dll
2014-11-01 08:28 - 2014-11-01 08:28 - 00000814 _____ () C:\Users\Public\Desktop\Sothink Movie DVD Maker.lnk
2014-11-01 08:28 - 2014-11-01 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sothink Movie DVD Maker
2014-11-01 08:28 - 2014-11-01 08:28 - 00000000 ____D () C:\Program Files\Common Files\SourceTec
2014-11-01 08:28 - 2014-11-01 08:28 - 00000000 ____D () C:\Program Files\AviSynth 2.5
2014-11-01 08:28 - 2010-07-15 11:30 - 00290816 _____ (SourceTec Software Co., LTD) C:\Windows\system32\stFLVSource.ax
2014-11-01 08:28 - 2009-08-17 09:54 - 01184984 _____ (Microsoft Corporation) C:\Windows\system32\wvc1dmod.dll
2014-11-01 08:28 - 2009-08-17 09:54 - 00438272 _____ (Gabest) C:\Windows\system32\Mpeg2DecFilter.ax
2014-11-01 08:28 - 2009-08-17 09:54 - 00278528 _____ (Real Networks, Inc) C:\Windows\system32\pncrt.dll
2014-11-01 08:28 - 2009-08-17 09:54 - 00217088 _____ (-) C:\Windows\system32\CoreFLACDecoder.ax
2014-11-01 08:28 - 2009-03-17 17:38 - 00070656 _____ () C:\Windows\system32\RLAPEDec.ax
2014-11-01 07:45 - 2014-11-01 07:45 - 00000000 ____D () C:\Users\Lubo\AppData\Roaming\Digiarty
2014-11-01 07:42 - 2014-11-01 07:43 - 34758368 _____ (Digiarty Software, Inc. ) C:\Users\Lubo\Downloads\winx-hd-converter-deluxe.exe
2014-11-01 07:36 - 2014-11-01 07:37 - 00000000 ____D () C:\Program Files\Video DVD Maker
2014-10-31 20:33 - 2007-08-31 18:36 - 00036864 _____ (Robdogg Inc.) C:\Windows\system32\trayicon_handler.ocx
2014-10-31 20:33 - 2003-01-26 13:41 - 00040960 _____ (vbAccelerator) C:\Windows\system32\ssubtmr6.dll
2014-10-28 23:09 - 2014-10-28 23:09 - 00002116 _____ () C:\Users\Public\Desktop\Xilisoft MP4 to DVD Converter.lnk
2014-10-28 23:09 - 2014-10-28 23:09 - 00000000 ____D () C:\Users\Lubo\AppData\Roaming\Xilisoft
2014-10-28 23:09 - 2014-10-28 23:09 - 00000000 ____D () C:\Users\Lubo\AppData\Local\Xilisoft
2014-10-28 23:09 - 2014-10-28 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2014-10-28 23:08 - 2014-10-28 23:08 - 00000000 ____D () C:\ProgramData\Xilisoft
2014-10-28 23:08 - 2014-10-28 23:08 - 00000000 ____D () C:\Program Files\Xilisoft
2014-10-28 22:53 - 2014-10-28 23:00 - 00000000 ____D () C:\Users\Lubo\AppData\Roaming\CyberLink
2014-10-28 22:53 - 2014-10-28 22:53 - 00000000 ____D () C:\Users\Lubo\Documents\CyberLink
2014-10-28 22:52 - 2014-10-28 22:52 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-10-28 22:49 - 2014-10-28 23:05 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-10-28 22:49 - 2014-10-28 22:49 - 00000000 ____D () C:\Users\Public\CyberLink
2014-10-28 22:46 - 2014-10-28 22:46 - 00000000 ____D () C:\Users\Lubo\AppData\Local\CyberLink
2014-10-28 22:46 - 2014-10-28 22:46 - 00000000 ____D () C:\ProgramData\PDVD
2014-10-28 22:40 - 2014-10-28 23:05 - 00000000 ____D () C:\ProgramData\Norton
2014-10-28 22:39 - 2014-10-28 23:05 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2014-10-28 22:37 - 2014-10-28 22:38 - 185316008 _____ () C:\Users\Lubo\Documents\PowerDVD_14.0.4412.58_DVD140714-02.exe
2014-10-28 21:29 - 2014-10-28 23:04 - 00000000 ____D () C:\Program Files\CyberLink
2014-10-28 21:27 - 2014-10-28 23:04 - 00000000 ____D () C:\ProgramData\CyberLink
2014-10-28 21:27 - 2014-10-28 22:40 - 00000000 ____D () C:\ProgramData\Temp
2014-10-28 21:27 - 2014-10-28 22:39 - 00000000 ____D () C:\ProgramData\install_clap
2014-10-28 20:03 - 2014-10-31 20:27 - 00000000 ____D () C:\ProgramData\Freemake
2014-10-28 20:03 - 2014-10-31 20:27 - 00000000 ____D () C:\Program Files\Freemake
2014-10-28 20:03 - 2014-10-28 20:04 - 00000000 ____D () C:\Users\Lubo\Documents\Freemake
2014-10-28 19:55 - 2014-08-17 19:00 - 2653683712 _____ () C:\Users\Lubo\Desktop\TOSH0068.MP4
2014-10-28 07:27 - 2014-10-28 07:27 - 00011151 _____ () C:\Users\Lubo\Desktop\simonka.xlsx
2014-10-19 11:28 - 2014-11-18 21:42 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-19 11:28 - 2014-11-18 21:38 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-18 21:50 - 2009-07-14 05:02 - 00020144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-18 21:50 - 2009-07-14 05:02 - 00020144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-18 21:48 - 2010-11-20 22:03 - 00778834 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-18 21:46 - 2013-09-21 12:45 - 01158656 _____ () C:\Windows\WindowsUpdate.log
2014-11-18 21:43 - 2014-09-09 11:58 - 00069792 _____ (Absolute Software Corp.) C:\Windows\system32\rpcnet.dll
2014-11-18 21:43 - 2014-09-08 06:02 - 00017920 _____ () C:\Windows\system32\rpcnetp.exe
2014-11-18 21:42 - 2014-03-17 07:58 - 00068556 _____ () C:\Windows\setupact.log
2014-11-18 21:42 - 2014-03-17 07:58 - 00014664 _____ () C:\Windows\PFRO.log
2014-11-18 21:42 - 2013-09-21 16:22 - 00000000 ____D () C:\Users\Lubo\AppData\Local\Rich Media Player
2014-11-18 21:42 - 2013-09-21 15:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-18 21:42 - 2009-07-14 05:17 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-18 21:24 - 2013-12-20 13:56 - 00000000 ___RD () C:\Program Files\Skype
2014-11-18 21:04 - 2014-07-26 21:09 - 00000000 ____D () C:\Program Files\trend micro
2014-11-18 20:30 - 2014-07-26 21:50 - 00000000 ____D () C:\AdwCleaner
2014-11-18 09:26 - 2013-09-21 16:22 - 00000000 ____D () C:\Users\Lubo\AppData\Roaming\vlc
2014-11-15 21:22 - 2009-07-14 05:17 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-01 09:48 - 2013-11-15 16:58 - 00000000 ____D () C:\Users\Lubo\AppData\Roaming\dvdcss
2014-10-30 12:24 - 2013-09-21 15:11 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-28 23:04 - 2013-09-21 14:58 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-28 22:49 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-10-28 22:41 - 2013-12-20 13:56 - 00000000 ____D () C:\Users\Lubo\AppData\Roaming\Skype
2014-10-28 20:37 - 2013-09-21 15:05 - 00002141 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-15 23:17

==================== End Of Log ============================

spisiacka
Visitor
Posts: 7
Registered: 18 Nov 2014 21:00

Re: Preventive check

#8 Post by spisiacka »

Should I just copy the Addition over, or zip it and put it here? If I zip it, how do I attach a file here?

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Preventive check

#9 Post by altrok »

:arrow: Copy the whole thing here.
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.

spisiacka
Visitor
Posts: 7
Registered: 18 Nov 2014 21:00

Re: Preventive check

#10 Post by spisiacka »

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-11-2014
Ran by Lubo at 2014-11-18 22:00:38
Running from C:\Users\Lubo\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0007 - ASUS)
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5 (HKLM\...\{E031338C-839D-4EDD-9537-99B653C39D81}) (Version: 6.5.5.24 - Autodesk, Inc.)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
DeamonTools CZ version for Windows (HKLM\...\{BEEE236C-74ED-0072-C7C8-788BBFEF54E8}_is1) (Version: for Windows - )
DVD-Cloner V11.40 Build 1306 (HKLM\...\DVD-Cloner 2014_is1) (Version: 11.40.0.1306 - OpenCloner Inc.)
EA.com Update (HKLM\...\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}) (Version: - )
ffdshow [rev 2583] [2009-01-05] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Spoločnosť Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Groma v.7 (HKLM\...\Groma v.7) (Version: - )
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Lenovo USB 2.0 Ethernet Adapter (HKLM\...\{29584513-DC7F-4EB9-8654-7C541DF0DDCE}) (Version: 1.17 - Lenovo)
Max Payne (HKLM\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version: - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Nero 9 Essentials (HKLM\...\{63550182-ee15-4232-9c33-2d867aba4e2c}) (Version: - Nero AG)
NVIDIA 3D Vision radič ovládača 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Direct3D SDK 11 (HKLM\...\{706CA74B-10AD-49FB-B812-8E3BFBAB09A4}) (Version: 10.10 - )
NVIDIA Grafický ovládač 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
Ovládací panel NVIDIA 331.82 (Version: 331.82 - NVIDIA Corporation) Hidden
PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.211.0 - Tracker Software Products Ltd)
Qualcomm Atheros WiFi Driver Installation (HKLM\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.1 - Qualcomm Atheros)
Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.37 - Realtek Semiconductor Corp.)
Rich Media Player (HKLM\...\Rich Media Player) (Version: 1.0.0.903 - Radiocom) <==== ATTENTION
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sothink Movie DVD Maker (HKLM\...\{4F94119D-1B71-400e-9F04-B4E5CEAE71F8}_is1) (Version: 3.7 - SourceTec Software Co., LTD)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.12541 - TeamViewer)
The Settlers 7 - ĎĐŔÂÎ ÍŔ ŇĐÎÍ (HKLM\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.02.1221 - Ubisoft)
The Settlers 7 Paths to a Kingdom (HKLM\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}_is1) (Version: v.1.02.1221.0 by Donald Dark - by Donald Dark)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Unity Web Player (HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
winLAME 2010 beta 2 (HKLM\...\{63C16E81-327C-49B6-9643-4F5EFD8A6B2D}) (Version: 1.0.2010.2 - Michael Fink)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Xilisoft MP4 to DVD Converter (HKLM\...\Xilisoft MP4 to DVD Converter) (Version: 7.1.3.20121219 - Xilisoft)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3389371157-687349914-276502253-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Lubo\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)

==================== Restore Points =========================

17-11-2014 18:25:07 Windows Update
18-11-2014 20:27:56 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2014-11-18 21:28 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {20778887-18B3-44E1-8731-BDA445C67EED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-21] (Google Inc.)
Task: {25F46FB2-F0D2-46E7-8D4C-341BB5E91D71} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {91A3334E-EB50-43CC-8D45-0F55C3DA31A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-09-21] (Google Inc.)
Task: {B7B92E17-697F-4A96-AB97-DDE2AA04BD9A} - System32\Tasks\ATKOSD2 => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-21 15:58 - 2013-11-11 15:26 - 00092448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-10-18 19:10 - 2012-08-31 14:01 - 00151552 _____ () C:\Windows\System32\HP1100LM.DLL
2014-10-18 19:10 - 2012-08-31 14:01 - 00069632 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\HP1100PP.DLL
2013-06-27 06:56 - 2013-06-27 06:56 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2014-10-28 20:36 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 20:36 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 20:36 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 20:36 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-10-28 20:36 - 2014-10-22 05:05 - 14902600 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3389371157-687349914-276502253-500 - Administrator - Disabled)
Guest (S-1-5-21-3389371157-687349914-276502253-501 - Limited - Disabled)
Lubo (S-1-5-21-3389371157-687349914-276502253-1000 - Administrator - Enabled) => C:\Users\Lubo

==================== Faulty Device Manager Devices =============

Name: MpKslebf83089
Description: MpKslebf83089
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKslebf83089
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Generic Bluetooth Adapter
Description: Generic Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Ethernet Controller
Description: Ethernet Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/18/2014 09:48:18 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/18/2014 09:48:18 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/18/2014 09:44:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2014 09:43:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/18/2014 08:36:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/18/2014 08:36:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/18/2014 08:32:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/18/2014 08:31:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/18/2014 06:58:46 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (11/18/2014 06:58:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (11/18/2014 09:42:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Interenet Optimizer bol dosiahnutý časový limit (30000 ms).

Error: (11/18/2014 09:42:20 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Miestny adaptér Bluetooth zlyhal bližšie neurčeným spôsobom a nebude sa používať. Ovládač bol odstránený z pamäte.

Error: (11/18/2014 09:38:37 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (11/18/2014 09:38:36 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (11/18/2014 09:38:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (11/18/2014 09:38:34 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (11/18/2014 09:38:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (11/18/2014 08:31:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Interenet Optimizer bol dosiahnutý časový limit (30000 ms).

Error: (11/18/2014 08:31:05 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Miestny adaptér Bluetooth zlyhal bližšie neurčeným spôsobom a nebude sa používať. Ovládač bol odstránený z pamäte.

Error: (11/18/2014 08:30:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Program Files\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll


Microsoft Office Sessions:
=========================
Error: (04/19/2014 02:10:23 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1838 seconds with 840 seconds of active time. This session ended with a crash.

Error: (04/19/2014 01:39:01 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 17997 seconds with 10860 seconds of active time. This session ended with a crash.

Error: (04/16/2014 09:47:42 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1910 seconds with 1320 seconds of active time. This session ended with a crash.

Error: (04/11/2014 08:46:49 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 43%
Total physical RAM: 2729.86 MB
Available physical RAM: 1555.48 MB
Total Pagefile: 5458 MB
Available Pagefile: 4235.19 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:48.73 GB) (Free:23.44 GB) NTFS
Drive d: () (Fixed) (Total:195.31 GB) (Free:136.41 GB) NTFS
Drive e: () (Fixed) (Total:221.62 GB) (Free:89.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 572520C5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Preventive check

#11 Post by altrok »

:arrow: Install IE 11 and all other important Windows updates, or we will have you back here before long...

:arrow:
  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\daemon.exe [691656 2009-04-23] (DT Soft Ltd)
    HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\MountPoints2: G - G:\SETUP.EXE
    HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\MountPoints2: {0afd8504-56f0-11e4-8036-823980f19e96} - H:\SISetup.exe
    HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\MountPoints2: {d75ff8bf-2463-11e3-9443-ce60523d829c} - G:\SETUP.EXE
    HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\MountPoints2: {ecf3e207-6b29-11e3-8074-d1fe50d23f97} - G:\install.exe
    HKU\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDA61267ED3B6CE01
    SearchScopes: HKLM -> DefaultScope value is missing.
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    CHR dev: Chrome dev build detected! <======= ATTENTION
    S2 0c632643; "C:\Windows\system32\rundll32.exe" "c:\progra~2\intere~1\InterenetOptimizerSvc.dll",service
    S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
    2014-11-18 21:40 - 2014-11-18 21:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-11-18 21:27 - 2014-11-18 21:43 - 00011882 _____ () C:\zoek-results.log
    2014-11-18 21:26 - 2014-11-18 21:39 - 00000000 ____D () C:\zoek_backup
    2014-11-18 21:25 - 2014-11-18 21:25 - 01294848 _____ () C:\Users\Lubo\Desktop\zoek.exe
    2014-11-18 21:04 - 2014-11-18 21:05 - 00000000 ____D () C:\rsit
    2014-11-18 21:03 - 2014-11-18 21:03 - 01107968 _____ () C:\Users\Lubo\Downloads\RSIT.exe
    2014-11-18 20:28 - 2014-11-18 20:28 - 02140160 _____ () C:\Users\Lubo\Downloads\adwcleaner_4.101.exe
    C:\ProgramData\Interenet Optimizer
    C:\Program Files\Interenet Optimizer
    2014-11-18 21:04 - 2014-07-26 21:09 - 00000000 ____D () C:\Program Files\trend micro
    2014-11-18 20:30 - 2014-07-26 21:50 - 00000000 ____D () C:\AdwCleaner
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Hosts:
    EmptyTemp:
    End
    

spisiacka
Visitor
Posts: 7
Registered: 18 Nov 2014 21:00

Re: Preventive check

#12 Post by spisiacka »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 17-11-2014
Ran by Lubo at 2014-11-19 00:00:16 Run:1
Running from C:\Users\Lubo\Desktop
Loaded Profile: Lubo (Available profiles: Lubo)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\daemon.exe [691656 2009-04-23] (DT Soft Ltd)
HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\MountPoints2: G - G:\SETUP.EXE
HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\MountPoints2: {0afd8504-56f0-11e4-8036-823980f19e96} - H:\SISetup.exe
HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\MountPoints2: {d75ff8bf-2463-11e3-9443-ce60523d829c} - G:\SETUP.EXE
HKU\S-1-5-21-3389371157-687349914-276502253-1000\...\MountPoints2: {ecf3e207-6b29-11e3-8074-d1fe50d23f97} - G:\install.exe
HKU\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDA61267ED3B6CE01
SearchScopes: HKLM -> DefaultScope value is missing.
FF Plugin: @microsoft.com/GENUINE -> disabled No File
CHR dev: Chrome dev build detected! <======= ATTENTION
S2 0c632643; "C:\Windows\system32\rundll32.exe" "c:\progra~2\intere~1\InterenetOptimizerSvc.dll",service
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
2014-11-18 21:40 - 2014-11-18 21:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-11-18 21:27 - 2014-11-18 21:43 - 00011882 _____ () C:\zoek-results.log
2014-11-18 21:26 - 2014-11-18 21:39 - 00000000 ____D () C:\zoek_backup
2014-11-18 21:25 - 2014-11-18 21:25 - 01294848 _____ () C:\Users\Lubo\Desktop\zoek.exe
2014-11-18 21:04 - 2014-11-18 21:05 - 00000000 ____D () C:\rsit
2014-11-18 21:03 - 2014-11-18 21:03 - 01107968 _____ () C:\Users\Lubo\Downloads\RSIT.exe
2014-11-18 20:28 - 2014-11-18 20:28 - 02140160 _____ () C:\Users\Lubo\Downloads\adwcleaner_4.101.exe
C:\ProgramData\Interenet Optimizer
C:\Program Files\Interenet Optimizer
2014-11-18 21:04 - 2014-07-26 21:09 - 00000000 ____D () C:\Program Files\trend micro
2014-11-18 20:30 - 2014-07-26 21:50 - 00000000 ____D () C:\AdwCleaner
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
"HKU\S-1-5-21-3389371157-687349914-276502253-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3389371157-687349914-276502253-1000" => Key not found.
"HKU\S-1-5-21-3389371157-687349914-276502253-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0afd8504-56f0-11e4-8036-823980f19e96}" => Key deleted successfully.
"HKCR\CLSID\{0afd8504-56f0-11e4-8036-823980f19e96}" => Key not found.
"HKU\S-1-5-21-3389371157-687349914-276502253-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d75ff8bf-2463-11e3-9443-ce60523d829c}" => Key deleted successfully.
"HKCR\CLSID\{d75ff8bf-2463-11e3-9443-ce60523d829c}" => Key not found.
"HKU\S-1-5-21-3389371157-687349914-276502253-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ecf3e207-6b29-11e3-8074-d1fe50d23f97}" => Key deleted successfully.
"HKCR\CLSID\{ecf3e207-6b29-11e3-8074-d1fe50d23f97}" => Key not found.
HKU\S-1-5-21-3389371157-687349914-276502253-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key Deleted successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
0c632643 => Service deleted successfully.
nvvad_WaveExtensible => Service deleted successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Lubo\Desktop\zoek.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Lubo\Downloads\RSIT.exe => Moved successfully.
C:\Users\Lubo\Downloads\adwcleaner_4.101.exe => Moved successfully.
"C:\ProgramData\Interenet Optimizer" => File/Directory not found.
"C:\Program Files\Interenet Optimizer" => File/Directory not found.
C:\Program Files\trend micro => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 375.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Preventive check

#13 Post by altrok »

So we'll just clean up.
And if there are no questions or other problems, that is all from me.
