VIRY.CZ

Dobrý večer vám prajem,

pripájam DDS LOG, pre overenie stavu počítača, z dôvodu občasných zlyhávaní internetového pripojenia na konkrétne internetové adresy ako je hlavne poštový server GMAIL. Zároveň občas zaznamenávam mierne spomalenie reakcií počítača.
Ďakujem

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 1.6.0_30
Run by Pavol at 20:52:35 on 2012-12-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1029.18.1790.779 [GMT 1:00]
.
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\nvvsvc.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\windows\system32\nvvsvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\conhost.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
C:\QSTART.SYS\config\DVMExportService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\CVision\PdfCompressor 5.0\ftpsvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Clarus\Samsung SecretZone\SZAssistSVC.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\VeriFace\PManage.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Creative\USB Sound Blaster\Volume Panel\VolPanlu.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files\CVision\License\CVistaMonitor.exe
C:\Program Files\Clarus\Samsung Auto Backup\ISFGuage.exe
C:\Program Files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
C:\Program Files\Clarus\Samsung Auto Backup\ISFTimerD.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\servicing\TrustedInstaller.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: IDMIEHlprObj Class: {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: FGCatchUrl: {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - c:\program files\flashget\jccatch.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FlashGet GetFlash Class: {F156768E-81EF-470C-9057-481BA8380DBA} - c:\program files\flashget\getflash.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [VeriFaceManager] c:\program files\lenovo\veriface\PManage.exe
mRun: [EnergyUtility] c:\program files\lenovo\energy management\utility.exe
mRun: [Energy Management] c:\program files\lenovo\energy management\Energy Management.exe
mRun: [VolPanel] "c:\program files\creative\usb sound blaster\volume panel\VolPanlu.exe" /r
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
StartupFolder: c:\users\pavol\appdata\roaming\micros~1\windows\startm~1\programs\startup\samsun~3.lnk - c:\program files\clarus\samsung auto backup\ISFGuage.exe
StartupFolder: c:\users\pavol\appdata\roaming\micros~1\windows\startm~1\programs\startup\samsun~2.lnk - c:\program files\clarus\samsung auto backup\ISFRealTimeD.exe
StartupFolder: c:\users\pavol\appdata\roaming\micros~1\windows\startm~1\programs\startup\samsun~1.lnk - c:\program files\clarus\samsung auto backup\ISFTimerD.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\lenovo\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\cardos~1.lnk - c:\program files\siemens\cardos api\bin\siecacst.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\cvista~1.lnk - c:\program files\cvision\license\CVistaMonitor.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\qsign.lnk - c:\program files\ardaco\qsign\zepapp.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\tp-lin~1.lnk - c:\program files\tp-link\tp-link wireless configuration utility\TWCU.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Download All with FlashGet - c:\program files\flashget\jc_all.htm
IE: &Download with FlashGet - c:\program files\flashget\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: Download with Mipony - c:\program files\mipony\browser\IEContext.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\lenovo\bluetooth software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\lenovo\bluetooth software\btsendto_ie.htm
IE: Prevziať cez IDM - c:\program files\internet download manager\IEExt.htm
IE: Prevziať cez IDM všetky prepojenia - c:\program files\internet download manager\IEGetAll.htm
IE: Prevziať obsah FLV cez IDM - c:\program files\internet download manager\IEGetVL.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\lenovo\bluetooth software\btsendto_ie.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\program files\flashget\FlashGet.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{797AECCE-8323-43AB-91B7-C58372C7A5D4} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BCDEBBA6-ED84-40D2-9BB3-77E89C93A96D} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BCDEBBA6-ED84-40D2-9BB3-77E89C93A96D}\0523B4 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{BCDEBBA6-ED84-40D2-9BB3-77E89C93A96D}\0756E63796F6E6 : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{BCDEBBA6-ED84-40D2-9BB3-77E89C93A96D}\465646F646F6D616 : DHCPNameServer = 195.34.133.21 192.168.0.5
TCP: Interfaces\{BCDEBBA6-ED84-40D2-9BB3-77E89C93A96D}\6596E6F6F5655627964716370275946494 : DHCPNameServer = 192.168.8.1 192.168.8.1
TCP: Interfaces\{BCDEBBA6-ED84-40D2-9BB3-77E89C93A96D}\D41425C4F4E4E45445 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BCDEBBA6-ED84-40D2-9BB3-77E89C93A96D}\D4162756B62E08993702960586F6E656 : DHCPNameServer = 195.91.0.17 194.154.227.17
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\pavol\appdata\roaming\mozilla\firefox\profiles\5dtrfrpc.default\
FF - prefs.js: network.proxy.http - proxy.ulib.sk
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\adobe\acrobat 10.0\acrobat\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nokia\nokia suite\npNokiaSuiteEnabler.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\pavol\appdata\roaming\mozilla\plugins\npatgpc.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_110.dll
.
---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2012-10-8 53224]
R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2012-10-8 170656]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\drivers\EpfwLWF.sys [2012-10-8 46056]
R2 DvmMDES;DeviceVM Meta Data Export Service;c:\qstart.sys\config\DVMExportService.exe [2009-7-8 323584]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2012-10-23 1329304]
R2 PdfCompressorFtpService;CVISION PdfCompressor Communication Service;c:\program files\cvision\pdfcompressor 5.0\ftpsvc.exe [2011-2-25 264704]
R2 PfFilter;PfFilter;c:\program files\iobit\protected folder\pffilter.sys [2011-6-13 32672]
R2 SZASSIST;SecretZone Assist Service;c:\program files\clarus\samsung secretzone\SZAssistSVC.exe [2011-4-21 90112]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2010-1-20 23136]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-5-31 260648]
R3 mdf16;mdf16;c:\program files\clarus\samsung secretzone\mdf16.sys [2011-4-21 18288]
R3 mvd22;mvd22;c:\program files\clarus\samsung secretzone\mvd22.sys [2011-4-21 70512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 CVCompressionService;CVISION PdfCompressor Watched Folder Service;c:\program files\cvision\pdfcompressor 5.0\service\CVCompressionService.exe [2011-2-25 569856]
S3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2012-10-1 1570304]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-12-10 29472]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\common files\creative labs shared\service\AL6Licensing.exe [2011-3-21 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2011-3-21 79360]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-11-13 49664]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-9-12 1512448]
S3 GemCCID;GemCCID;c:\windows\system32\drivers\GemCCID.sys [2009-8-10 89600]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2010-3-5 101248]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-7-13 229888]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2012-6-11 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2012-6-11 8576]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-10-24 14848]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-10-24 49664]
S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-22 1343400]
S3 wsvd;wsvd;c:\windows\system32\drivers\wsvd.sys [2009-7-21 81704]
S4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.0.207\McCHSvc.exe [2011-6-17 237008]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2012-12-07 17:35:07 6812136 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{f76f661e-2567-4593-ad2a-1fcf48af69f9}\mpengine.dll
2012-11-17 00:04:27 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-17 00:04:27 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-17 00:04:27 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-17 00:01:32 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-17 00:01:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-17 00:01:30 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-17 00:01:30 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-17 00:01:27 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-17 00:01:27 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-17 00:01:27 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-16 19:16:25 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-11-16 19:16:25 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-16 19:16:24 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-16 19:16:24 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-16 19:16:24 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-16 19:16:24 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-16 19:16:24 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-16 19:16:24 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-16 19:16:09 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-16 19:14:18 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-16 19:14:18 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-16 19:13:48 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-13 20:57:41 -------- d-----w- c:\windows\sk
2012-11-13 20:56:55 49664 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-11-13 20:56:27 -------- d-----w- c:\windows\cs
2012-11-13 20:55:11 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-11-13 20:49:34 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2012-11-13 20:49:33 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2012-11-13 20:49:31 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-11-13 20:49:30 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-11-13 20:47:45 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2012-11-13 20:45:01 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2012-11-13 20:41:50 5659096 -c--a-w- c:\program files\common files\windows live\.cache\7d33f7241cdc1de04\skydrivesetup.exe
2012-11-13 20:41:50 -------- d-----w- c:\program files\Microsoft SkyDrive
2012-11-13 20:41:47 -------- d-----r- c:\users\pavol\SkyDrive
2012-11-13 20:38:47 -------- d-----w- c:\programdata\Microsoft SkyDrive
2012-11-13 20:35:56 94040 -c--a-w- c:\program files\common files\windows live\.cache\71be01641cdc1de03\DSETUP.dll
2012-11-13 20:35:56 525656 -c--a-w- c:\program files\common files\windows live\.cache\71be01641cdc1de03\DXSETUP.exe
2012-11-13 20:35:56 1691480 -c--a-w- c:\program files\common files\windows live\.cache\71be01641cdc1de03\dsetup32.dll
2012-11-13 20:35:36 537432 -c--a-w- c:\program files\common files\windows live\.cache\675d25241cdc1de02\DXSETUP.exe
2012-11-13 20:35:35 89944 -c--a-w- c:\program files\common files\windows live\.cache\675d25241cdc1de02\DSETUP.dll
2012-11-13 20:35:35 1801048 -c--a-w- c:\program files\common files\windows live\.cache\675d25241cdc1de02\dsetup32.dll
2012-11-13 20:35:19 537432 -c--a-w- c:\program files\common files\windows live\.cache\5b216e641cdc1de01\DXSETUP.exe
2012-11-13 20:35:19 1801048 -c--a-w- c:\program files\common files\windows live\.cache\5b216e641cdc1de01\dsetup32.dll
2012-11-13 20:35:18 89944 -c--a-w- c:\program files\common files\windows live\.cache\5b216e641cdc1de01\DSETUP.dll
2012-11-13 20:34:51 -------- d-----w- c:\users\pavol\appdata\local\Windows Live
2012-11-13 20:33:23 -------- d-----w- c:\program files\common files\Windows Live
2012-11-09 19:01:02 -------- d-----w- c:\program files\ESET
.
==================== Find3M ====================
.
2012-11-28 18:30:22 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-28 18:30:22 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-20 10:30:20 10220472 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-08 07:56:24 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-08 07:21:08 53224 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2012-10-08 07:21:08 46056 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2012-10-08 07:21:08 149568 ----a-w- c:\windows\system32\drivers\epfw.sys
2012-10-08 07:21:08 121216 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21:06 170656 ----a-w- c:\windows\system32\drivers\eamonm.sys
2012-09-14 18:28:53 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-12 14:57:44 322048 ----a-w- c:\windows\WLXPGSS.SCR
2012-09-12 05:40:52 86016 ----a-w- c:\windows\system32\NtDirect.dll
.
============= FINISH: 21:03:14,49 ===============

Marek

Zdravím, smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém

Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !!!

Vďaka, posielam teda obsah logu:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.12.14.10

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Pavol :: PAVOL-PC [administrátor]

14. 12. 2012 21:31:01
mbam-log-2012-12-14 (21-31-01).txt

Typ: Úplná kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 549038
Uplynulý čas: 10 hodin, 35 minut, 20 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Nyní použijeme větší kalibr tak pozorně čti, protože tenhle softík netoleruje chyby.

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.

V případě nejasností je ZDE obrázkový návod.

Vďaka, ComboFix bol spustený, prikladám jeho log:

ComboFix 12-12-17.02 - Pavol . 12. 2012 18:54:31.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1029.18.1790.767 [GMT 1:00]
Running from: c:\users\Pavol\Desktop\ComboFix.exe
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-11-17 to 2012-12-17 )))))))))))))))))))))))))))))))
.
.
2012-12-17 18:40 . 2012-12-17 18:40 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-17 18:40 . 2012-12-17 18:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-14 20:25 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-14 20:25 . 2012-12-14 20:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-14 20:10 . 2012-12-14 20:10 -------- d-----w- c:\program files\CCleaner
2012-12-12 07:51 . 2012-11-05 20:32 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-12 07:49 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 07:48 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-15 03:41 . 2012-04-27 18:51 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-15 03:41 . 2011-09-04 18:24 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-16 07:39 . 2012-11-28 17:00 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 17:40 . 2012-11-16 19:14 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-16 19:14 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-08 07:21 . 2012-10-08 07:21 53224 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2012-10-08 07:21 . 2012-10-08 07:21 46056 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2012-10-08 07:21 . 2012-10-08 07:21 149568 ----a-w- c:\windows\system32\drivers\epfw.sys
2012-10-08 07:21 . 2012-10-08 07:21 121216 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21 . 2012-10-08 07:21 170656 ----a-w- c:\windows\system32\drivers\eamonm.sys
2012-10-03 16:58 . 2012-11-16 19:16 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 16:42 . 2012-11-16 19:16 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 16:42 . 2012-11-16 19:16 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 16:42 . 2012-11-16 19:16 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 16:42 . 2012-11-16 19:16 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 16:42 . 2012-11-16 19:16 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 16:40 . 2012-11-16 19:16 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 15:21 . 2012-11-16 19:16 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-09-25 22:47 . 2012-11-16 19:16 78336 ----a-w- c:\windows\system32\synceng.dll
2012-10-26 22:04 . 2012-10-26 22:02 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-13 20:39 220632 ----a-w- c:\users\Pavol\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-13 20:39 220632 ----a-w- c:\users\Pavol\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-13 20:39 220632 ----a-w- c:\users\Pavol\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2009-12-10 18:41 1410312 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-05-26 3220912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-10 13797920]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-24 7625248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-23 1537320]
"VeriFaceManager"="c:\program files\Lenovo\VeriFace\PManage.exe" [2009-12-10 3122440]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-07-15 4081480]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-06-25 5064520]
"VolPanel"="c:\program files\Creative\USB Sound Blaster\Volume Panel\VolPanlu.exe" [2009-05-04 241789]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-10-23 5074384]
.
c:\users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Auto Backup Guage.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFGuage.exe [2011-4-21 823296]
Samsung Auto Backup Real-Time Daemon.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe [2011-4-21 65536]
Samsung Auto Backup Scheduler.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFTimerD.exe [2011-4-21 102400]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-7-1 795936]
CardOS API.lnk - c:\program files\Siemens\CardOS API\bin\siecacst.exe [2012-3-21 122880]
CVista Monitor.lnk - c:\program files\CVision\License\CVistaMonitor.exe [2011-2-25 775680]
QSign.lnk - c:\program files\Ardaco\QSign\zepapp.exe [2010-5-12 5283328]
TP-LINK Wireless Configuration Utility.lnk - c:\program files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe [2012-10-1 788992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 CVCompressionService;CVISION PdfCompressor Watched Folder Service;c:\program files\CVision\PdfCompressor 5.0\Service\CVCompressionService.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 esihdrv;esihdrv;c:\users\Pavol\AppData\Local\Temp\esihdrv.sys [x]
R3 GemCCID;GemCCID;c:\windows\system32\Drivers\GemCCID.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\qstart.sys\config\DVMExportService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 PdfCompressorFtpService;CVISION PdfCompressor Communication Service;c:\program files\CVision\PdfCompressor 5.0\ftpsvc.exe [x]
S2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [x]
S2 SZASSIST;SecretZone Assist Service;c:\program files\Clarus\Samsung SecretZone\SZAssistSVC.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 mdf16;mdf16;c:\program files\Clarus\Samsung SecretZone\mdf16.sys [x]
S3 mvd22;mvd22;c:\program files\Clarus\Samsung SecretZone\mvd22.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
GPSvcGroup REG_MULTI_SZ GPSvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 03:41]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download with Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Prevziať cez IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Prevziať cez IDM všetky prepojenia - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Prevziať obsah FLV cez IDM - c:\program files\Internet Download Manager\IEGetVL.htm
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
FF - ProfilePath - c:\users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\5dtrfrpc.default\
FF - prefs.js: network.proxy.http - proxy.ulib.sk
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"=hex:51,66,7a,6c,4c,1d,38,12,c3,1e,be,
b9,74,87,79,0f,d2,d7,27,f5,b1,a1,11,c4
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=hex:51,66,7a,6c,4c,1d,38,12,c2,99,1a,
36,00,8f,58,04,e1,8c,0d,76,4f,1c,0a,03
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,
d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=hex:51,66,7a,6c,4c,1d,38,12,57,36,90,
43,f7,9e,4b,04,e0,be,4b,59,e7,b4,e8,87
"{0055C089-8582-441B-A0BF-17B458C2A3A8}"=hex:51,66,7a,6c,4c,1d,38,12,e7,c3,46,
04,b0,cb,75,01,df,a9,54,f4,5d,9c,e7,bc
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}"=hex:51,66,7a,6c,4c,1d,38,12,68,40,25,
2b,77,e4,db,02,e0,8b,7a,e8,bc,10,3a,e3
"{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,
57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{AE7CD045-E861-484F-8273-0445EE161910}"=hex:51,66,7a,6c,4c,1d,38,12,2b,d3,6f,
aa,53,a6,21,0d,fd,65,47,05,eb,48,5d,04
"{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}"=hex:51,66,7a,6c,4c,1d,38,12,c3,1e,ae,
b9,74,87,79,0f,d2,d7,27,f5,b1,a1,11,c4
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{F156768E-81EF-470C-9057-481BA8380DBA}"=hex:51,66,7a,6c,4c,1d,38,12,e0,75,45,
f5,dd,cf,62,02,ef,41,0b,5b,ad,66,49,ae
"{F4971EE7-DAA0-4053-9964-665D8EE6A077}"=hex:51,66,7a,6c,4c,1d,38,12,89,1d,84,
f0,92,94,3d,05,e6,72,25,1d,8b,b8,e4,63
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:70,a1,e4,cc,db,29,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ae,bb,05,e6,fb,48,52,49,84,d3,95,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ae,bb,05,e6,fb,48,52,49,84,d3,95,\
.
[HKEY_USERS\S-1-5-21-2963186513-4255357412-3814946783-1003_Classes\CLSID\{70b973e2-7558-413e-b697-6dda95b4f3f2}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000009e
"Therad"=dword:00000011
.
[HKEY_USERS\S-1-5-21-2963186513-4255357412-3814946783-1003_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):8b,59,5b,ef,9e,9d,39,ef,a2,f2,ec,e8,e8,70,aa,fc,17,b9,71,12,8a,
8d,03,dc,51,9c,34,f9,99,74,45,fa,60,c3,2b,7a,c4,ff,01,6b,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5548)
c:\windows\system32\IcnOvrly.dll
c:\program files\Lenovo\Bluetooth Software\btmmhook.dll
.
Completion time: 2012-12-17 19:51:30
ComboFix-quarantined-files.txt 2012-12-17 18:51
.
Pre-Run: Volných bajtů: 24 714 481 664
Post-Run: Volných bajtů: 24 521 064 448
.
- - End Of File - - 977DC42AEF5358C531C51B1A42198C21

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_USERS\S-1-5-21-2963186513-4255357412-3814946783-1003_Classes\CLSID\{70b973e2-7558-413e-b697-6dda95b4f3f2}]
[HKEY_USERS\S-1-5-21-2963186513-4255357412-3814946783-1003_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

Skript bol cez Combofix vykonaný, prikladám log:

Vďaka

ComboFix 12-12-17.02 - Pavol . 12. 2012 0:38.5.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1029.18.1790.801 [GMT 1:00]
Running from: c:\users\Pavol\Desktop\ComboFix.exe
Command switches used :: c:\users\Pavol\Desktop\CFScript.txt
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-11-18 to 2012-12-18 )))))))))))))))))))))))))))))))
.
.
2012-12-18 00:22 . 2012-12-18 00:22 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-18 00:22 . 2012-12-18 00:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-14 20:25 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-14 20:25 . 2012-12-14 20:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-14 20:10 . 2012-12-14 20:10 -------- d-----w- c:\program files\CCleaner
2012-12-12 07:51 . 2012-11-05 20:32 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-12 07:49 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 07:48 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-15 03:41 . 2012-04-27 18:51 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-15 03:41 . 2011-09-04 18:24 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-16 07:39 . 2012-11-28 17:00 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 17:40 . 2012-11-16 19:14 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-16 19:14 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-08 07:21 . 2012-10-08 07:21 53224 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2012-10-08 07:21 . 2012-10-08 07:21 46056 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2012-10-08 07:21 . 2012-10-08 07:21 149568 ----a-w- c:\windows\system32\drivers\epfw.sys
2012-10-08 07:21 . 2012-10-08 07:21 121216 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2012-10-08 07:21 . 2012-10-08 07:21 170656 ----a-w- c:\windows\system32\drivers\eamonm.sys
2012-10-03 16:58 . 2012-11-16 19:16 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-10-03 16:42 . 2012-11-16 19:16 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-10-03 16:42 . 2012-11-16 19:16 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-10-03 16:42 . 2012-11-16 19:16 18944 ----a-w- c:\windows\system32\netevent.dll
2012-10-03 16:42 . 2012-11-16 19:16 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-10-03 16:42 . 2012-11-16 19:16 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-10-03 16:40 . 2012-11-16 19:16 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-10-03 15:21 . 2012-11-16 19:16 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-09-25 22:47 . 2012-11-16 19:16 78336 ----a-w- c:\windows\system32\synceng.dll
2012-10-26 22:04 . 2012-10-26 22:02 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-13 20:39 220632 ----a-w- c:\users\Pavol\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-13 20:39 220632 ----a-w- c:\users\Pavol\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-13 20:39 220632 ----a-w- c:\users\Pavol\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2009-12-10 18:41 1410312 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-05-26 3220912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-10 13797920]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-24 7625248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-23 1537320]
"VeriFaceManager"="c:\program files\Lenovo\VeriFace\PManage.exe" [2009-12-10 3122440]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-07-15 4081480]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-06-25 5064520]
"VolPanel"="c:\program files\Creative\USB Sound Blaster\Volume Panel\VolPanlu.exe" [2009-05-04 241789]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-10-23 5074384]
.
c:\users\Pavol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Auto Backup Guage.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFGuage.exe [2011-4-21 823296]
Samsung Auto Backup Real-Time Daemon.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFRealTimeD.exe [2011-4-21 65536]
Samsung Auto Backup Scheduler.lnk - c:\program files\Clarus\Samsung Auto Backup\ISFTimerD.exe [2011-4-21 102400]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-7-1 795936]
CardOS API.lnk - c:\program files\Siemens\CardOS API\bin\siecacst.exe [2012-3-21 122880]
CVista Monitor.lnk - c:\program files\CVision\License\CVistaMonitor.exe [2011-2-25 775680]
QSign.lnk - c:\program files\Ardaco\QSign\zepapp.exe [2010-5-12 5283328]
TP-LINK Wireless Configuration Utility.lnk - c:\program files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe [2012-10-1 788992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 CVCompressionService;CVISION PdfCompressor Watched Folder Service;c:\program files\CVision\PdfCompressor 5.0\Service\CVCompressionService.exe [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 esihdrv;esihdrv;c:\users\Pavol\AppData\Local\Temp\esihdrv.sys [x]
R3 GemCCID;GemCCID;c:\windows\system32\Drivers\GemCCID.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [x]
R4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [x]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\qstart.sys\config\DVMExportService.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 PdfCompressorFtpService;CVISION PdfCompressor Communication Service;c:\program files\CVision\PdfCompressor 5.0\ftpsvc.exe [x]
S2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [x]
S2 SZASSIST;SecretZone Assist Service;c:\program files\Clarus\Samsung SecretZone\SZAssistSVC.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [x]
S3 mdf16;mdf16;c:\program files\Clarus\Samsung SecretZone\mdf16.sys [x]
S3 mvd22;mvd22;c:\program files\Clarus\Samsung SecretZone\mvd22.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
GPSvcGroup REG_MULTI_SZ GPSvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 03:41]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Download with Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: Prevziať cez IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Prevziať cez IDM všetky prepojenia - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Prevziať obsah FLV cez IDM - c:\program files\Internet Download Manager\IEGetVL.htm
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Pavol\AppData\Roaming\Mozilla\Firefox\Profiles\5dtrfrpc.default\
FF - prefs.js: network.proxy.http - proxy.ulib.sk
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5392)
c:\windows\system32\IcnOvrly.dll
c:\program files\Lenovo\Bluetooth Software\btmmhook.dll
.
Completion time: 2012-12-18 01:32:42
ComboFix-quarantined-files.txt 2012-12-18 00:32
ComboFix2.txt 2012-12-17 23:28
ComboFix3.txt 2012-12-17 18:51
.
Pre-Run: Volných bajtů: 26 060 738 560
Post-Run: Volných bajtů: 26 308 448 256
.
- - End Of File - - A684FE59F445B41CEBEE8DF45331A841

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.

Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.

Pak dej vědět jaký je stav PC, respektive co ten problém s připojením.

Dobrý deň,

po zrealizovaní posledných čistení je stav neporovnateľne lepší, pripojenie už je v poriadku.

Ďakujem

Ahoj, v tom případě nemáš zač a

VIRY.CZ

Preventívna kontrola PC - občasné zlyhávanie pripojenia na k

Preventívna kontrola PC - občasné zlyhávanie pripojenia na k

Re: Preventívna kontrola PC - občasné zlyhávanie pripojenia

Re: Preventívna kontrola PC - občasné zlyhávanie pripojenia

Re: Preventívna kontrola PC - občasné zlyhávanie pripojenia

Re: Preventívna kontrola PC - občasné zlyhávanie pripojenia

Re: Preventívna kontrola PC - občasné zlyhávanie pripojenia

Re: Preventívna kontrola PC - občasné zlyhávanie pripojenia

Re: Preventívna kontrola PC - občasné zlyhávanie pripojenia

Re: Preventívna kontrola PC - občasné zlyhávanie pripojenia

Re: Preventívna kontrola PC - občasné zlyhávanie pripojenia