VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Výrazné zpomalení internetu

https://forum.viry.cz:443/viewtopic.php?t=132320

Stránka 1 z 1

Výrazné zpomalení internetu

Napsal: 25 srp 2013 11:01
od HellCraft
Dobrý den, poslední dobou se mi výrazně zpomalil internet. Můj poskytovatel je o2, internet mám 7 mb... dříve mi běhal kolem 500 kb ale teď 20-50 kb. Mám podezření na vir. Antivirus jsem měl eset ale potom co jsem zjistil že eset může zpomalovat internet tak jsem přešel na avg a z avg na nic... bohužel problémy stále přetrvávají... Posílám log z combofixu

ComboFix 13-08-20.01 - OEM 25.08.2013 11:37:58.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4055.2784 [GMT 2:00]
Spuštěný z: c:\users\OEM\Downloads\ComboFix.exe
AV: ESET Smart Security 6.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-25 do 2013-08-25 )))))))))))))))))))))))))))))))
.
.
2013-08-25 09:44 . 2013-08-25 09:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-25 09:44 . 2013-08-25 09:44 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-08-23 13:42 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll
2013-08-23 13:42 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll
2013-08-23 13:42 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll
2013-08-23 13:42 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll
2013-08-23 13:42 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll
2013-08-23 13:42 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe
2013-08-23 13:42 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll
2013-08-23 13:42 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll
2013-08-23 13:42 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll
2013-08-23 13:42 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll
2013-08-23 13:42 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll
2013-08-23 13:42 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe
2013-08-23 13:17 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EDA208F6-AF8B-4534-B661-51392E291C07}\mpengine.dll
2013-08-23 08:35 . 2013-08-23 08:35 -------- d-----w- c:\users\OEM\AppData\Local\Avg2013
2013-08-22 17:17 . 2013-08-25 09:46 4194304 ----a-w- c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2013-08-22 17:16 . 2013-08-22 17:16 -------- d-----w- c:\windows\SysWow64\BestPractices
2013-08-22 17:16 . 2013-08-22 17:16 -------- d-----w- c:\windows\system32\msmq
2013-08-22 17:16 . 2013-08-22 17:16 -------- d-----w- c:\windows\system32\BestPractices
2013-08-22 17:16 . 2013-08-22 17:16 -------- d-----w- C:\inetpub
2013-08-22 10:35 . 2013-08-24 14:57 -------- d-----w- c:\program files (x86)\AVG Secure Search
2013-08-22 09:50 . 2013-08-22 09:50 -------- d-----w- c:\users\OEM\AppData\Local\AVG Secure Search
2013-08-22 09:49 . 2013-08-24 14:57 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-08-22 09:49 . 2013-08-22 09:49 -------- d-----w- c:\programdata\AVG Secure Search
2013-08-22 09:49 . 2013-08-22 09:49 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2013-08-22 09:45 . 2013-08-23 08:35 -------- d-----w- c:\programdata\MFAData
2013-08-22 09:45 . 2013-08-22 09:45 -------- d-----w- c:\users\OEM\AppData\Local\MFAData
2013-08-22 09:29 . 2013-08-22 09:29 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-22 09:29 . 2013-08-22 09:29 5550528 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-22 09:29 . 2013-08-22 09:29 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-22 09:29 . 2013-08-22 09:29 3968960 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-22 09:29 . 2013-08-22 09:29 3913664 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-22 09:29 . 2013-08-22 09:29 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-22 09:29 . 2013-08-22 09:29 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-22 09:29 . 2013-08-22 09:29 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-22 09:29 . 2013-08-22 09:29 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-22 09:29 . 2013-08-22 09:29 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-22 09:29 . 2013-08-22 09:29 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-22 08:19 . 2013-08-22 08:19 -------- d-----w- c:\program files (x86)\IObit Apps Toolbar
2013-08-22 08:19 . 2013-08-22 08:19 -------- d-----w- c:\program files (x86)\Common Files\Spigot
2013-08-22 08:19 . 2013-08-22 08:19 -------- d-----w- c:\program files (x86)\Application Updater
2013-08-18 06:44 . 2013-08-24 18:10 -------- d-----w- c:\users\OEM\AppData\Roaming\BitTorrent
2013-08-17 11:55 . 2013-08-17 11:55 -------- d-----w- c:\users\OEM\AppData\Local\Locktime
2013-08-17 11:52 . 2013-08-17 11:52 -------- d-----w- c:\program files\NetLimiter 3
2013-08-17 11:52 . 2013-08-17 11:52 -------- d-----w- c:\programdata\Locktime
2013-08-17 11:52 . 2013-08-17 11:53 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2013-08-17 11:24 . 2013-08-17 11:24 -------- d-----w- c:\program files (x86)\NirSoft
2013-08-16 11:49 . 2013-07-09 05:46 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-08-16 11:49 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-08-16 11:49 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-16 11:49 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-16 11:49 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-08-16 11:49 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-08-16 11:49 . 2013-07-09 04:46 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-08-16 11:49 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-08-16 11:47 . 2013-07-19 01:58 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-16 11:47 . 2013-07-19 01:41 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-08-16 11:47 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-16 11:47 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-08-16 11:47 . 2013-07-09 05:51 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-16 11:47 . 2013-07-09 04:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-08-16 11:47 . 2013-06-15 04:32 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-16 11:47 . 2013-07-06 06:03 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-15 09:43 . 2013-08-15 09:43 -------- d-----w- c:\users\OEM\AppData\Local\PAYDAY
2013-08-15 09:38 . 2013-08-15 09:38 -------- d-----w- c:\program files (x86)\Black_Box
2013-08-15 09:38 . 2013-08-15 09:38 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2013-08-15 07:58 . 2013-08-15 08:08 -------- d-----w- c:\users\OEM\AppData\Roaming\TP-LINK
2013-08-15 07:58 . 2013-08-15 07:58 -------- d-----w- c:\program files (x86)\TP-LINK
2013-08-15 07:57 . 2012-10-18 13:04 1930240 ----a-w- c:\windows\system32\drivers\athurx.sys
2013-08-15 07:57 . 2012-10-18 13:04 1930240 ------w- c:\windows\system32\athurx.sys
2013-08-15 07:56 . 2013-08-15 07:58 -------- d-----w- c:\programdata\TP-LINK
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-24 18:01 . 2012-12-18 16:37 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-08-24 18:01 . 2012-11-09 16:08 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-08-24 18:00 . 2012-11-09 16:08 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-08-22 09:29 . 2013-08-22 09:29 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-16 17:23 . 2012-11-07 19:53 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-07-19 07:32 . 2013-07-19 07:32 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-07-02 07:52 . 2013-06-15 15:55 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-07-02 07:52 . 2013-07-02 07:52 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-06-21 07:04 . 2013-06-21 07:04 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2013-06-19 08:27 . 2012-11-09 16:08 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-06-16 18:40 . 2013-06-16 12:10 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-06-16 18:40 . 2013-06-16 12:10 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-06-16 18:40 . 2013-06-16 12:10 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2013-06-16 18:40 . 2013-06-16 12:10 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-06-15 15:55 . 2013-06-15 15:55 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-06-12 12:20 . 2012-11-07 18:35 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 12:20 . 2012-11-07 18:35 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 12:20 . 2013-06-12 12:20 9089416 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-06-12 07:48 . 2013-06-12 07:48 32688 ----a-w- c:\windows\system32\drivers\nlndis.sys
2013-06-05 03:34 . 2013-07-10 14:56 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-10 14:56 624128 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-10 14:56 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-05-29 07:55 . 2013-05-29 07:55 707354 ----a-w- c:\windows\unins000.exe
2005-08-26 12:20 . 2013-03-10 07:07 177664 ----a-w- c:\program files (x86)\Version Changer fr.exe
2002-08-28 11:41 . 2013-03-10 07:04 11376 ----a-r- c:\program files (x86)\SECDRV.SYS
2002-08-28 09:22 . 2013-03-10 07:04 40960 ----a-r- c:\program files (x86)\DrvMgt.dll
2002-08-20 02:09 . 2013-03-10 07:04 3237078 ----a-r- c:\program files (x86)\Game.exe
2002-08-03 14:51 . 2013-03-10 07:04 851968 ----a-r- c:\program files (x86)\LS3DF.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files (x86)\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll" [2013-08-08 1356096]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
2013-08-08 17:33 1356096 ----a-w- c:\program files (x86)\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files (x86)\IObit Apps Toolbar\IE\7.4\iobitappsToolbarIE.dll" [2013-08-08 1356096]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-08-24 2314416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ALSysIO;ALSysIO; [x]
R3 MailList Controller;MailList Controller;c:\program files (x86)\arclab\maillist controller\amlcSVC.exe;c:\program files (x86)\arclab\maillist controller\amlcSVC.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys;c:\program files\NetLimiter 3\nltdi.sys [x]
S2 ACT2_Service;Ashampoo Core Tuner 2 Service;c:\program files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe;c:\program files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [x]
S2 ACT2PM;Ashampoo CoreTuner 2 ProcessMonitor Driver;c:\program files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys;c:\program files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [x]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-22 13:20 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3395566686-3764996113-1460129602-1000Core.job
- c:\users\OEM\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-25 16:33]
.
2013-07-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3395566686-3764996113-1460129602-1000UA.job
- c:\users\OEM\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-25 16:33]
.
2013-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ce7ba38e296e4d.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23 06:08]
.
2013-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA1ce0d1086a5840.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23 06:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"="mqrt.dll" [2010-11-20 247808]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.co.uk/
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
TCP: DhcpNameServer = 10.0.0.138
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll
FF - ProfilePath - c:\users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF - ExtSQL: 2013-07-03 09:27; searchy@searchy; c:\users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\extensions\searchy@searchy.xpi
FF - ExtSQL: 2013-07-11 12:30; client@anonymox.net; c:\users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\extensions\client@anonymox.net.xpi
FF - ExtSQL: 2013-07-13 11:07; {96f454ea-9d38-474f-b504-56193e00c1a5}; c:\users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
FF - ExtSQL: 2013-07-19 09:36; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: 2013-08-22 10:19; iobitapps@mybrowserbar.com; c:\program files (x86)\IObit Apps Toolbar\FF
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc
FF - user.js: extentions.webcake.installId - f80230d2-fe15-4843-88d5-42cbed43f724
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3395566686-3764996113-1460129602-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:ee,5a,20,72,ad,ac,ee,c1,3c,16,2d,34,2c,e8,a4,66,91,91,03,b3,29,
90,c2,e2,e3,ef,9a,c7,88,87,a3,c2,c7,e4,8f,cd,34,dd,e1,fb,88,9e,67,34,e0,33,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
.
**************************************************************************
.
Celkový čas: 2013-08-25 11:50:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-08-25 09:50
ComboFix2.txt 2013-08-22 08:10
.
Před spuštěním: Volných bajtů: 628 340 953 088
Po spuštění: Volných bajtů: 633 605 484 544
.
- - End Of File - - BFDC7C100E7426E17A3A5D7D455B42C9
A36C5E4F47E84449FF07ED3517B43A31

Re: Výrazné zpomalení internetu

Napsal: 25 srp 2013 11:51
od Márty84
Zdravim.


:!: Proc jste spoustel ComboFix? :roll:

Kdybyste si precetl pravidla fora http://forum.viry.cz/viewtopic.php?f=12&t=5601 , docetl byste se mimo jine toto
2. Před položením dotazu použijte tlačítko Hledat. Možná již někdo problém podobným Vašemu řešil. Pokud ale ve vyřešeném tématu budou aplikovány různé utility\aplikace, nespouštějte je. Utility se používají až na pokyn rádce, jelikož mohou mazat stopy po havěti a v rukou ne-oborníka může mít jejich použití nedozírné následky.

3. Zvláště utilitu ComboFix nespouštějte i když Vám ji poradil kamarád\nějaký rádoby odborný web. Naše fórum je jediné z CZ-SK antivirových fór, která mají právo luštit logy z ComboFixu a mámě též plnou podporu autora této utility a přístup k nejaktuálnějším informacím a návodům.
CF smaze veskere stopy pripadne nakazy. A ja ted muzu tak akorat varit z vody, jak se rika :x
Zkusime se na to podivat, ale pokud se to bude opakovat, bude pomoc odmitnuta.
A taky upozornuji, ze se to mozna protahne a vysledek vubec neni jisty.



:arrow: Odinstalujte vse od IObit. Dokaze to nadelat vic skody nez uzitku
:arrow: Odinstalujte i vse od AVG
:arrow: Pokud neni ESET zakoupen, odinstalujte jej a nainstalujte Avast

:arrow: Az to udelate, dejte sem log z RSIT http://forum.viry.cz/viewtopic.php?f=24&t=130784

Re: Výrazné zpomalení internetu

Napsal: 25 srp 2013 13:33
od HellCraft
Log z RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by OEM at 2013-08-25 14:23:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 604 GB (63%) free of 954 GB
Total RAM: 4055 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:23:33, on 25.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\OEM.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Ashampoo Core Tuner 2 Service (ACT2_Service) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MailList Controller - Arclab Software GbR - c:\program files (x86)\arclab\maillist controller\amlcSVC.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\Windows\system32\mqsvc.exe (file missing)
O23 - Service: @mqutil.dll,-6203 (MSMQTriggers) - Unknown owner - C:\Windows\system32\mqtgsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NetLimiter 3 Service (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 3\nlsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8395 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Windows\system32\mqsvc.exe
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\NetLimiter 3\nlsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 3112
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\mqtgsvc.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ef34cd94-ee96-4fc9-b39e-6f8c4841c3e8 -SystemEventPortName:HostProcess-86d4358b-7c3b-4647-a6cf-fe73dfeedd14 -IoCancelEventPortName:HostProcess-a98afc8d-1fcc-4c93-931b-ed905b5c0362 -NonStateChangingEventPortName:HostProcess-ca91b25f-61ee-4a28-b00d-666823ff5ea2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:95aa1ee3-d7da-4e17-b947-2b7a185ac96a -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3392.0.647924768\988885933" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,19,22 --gpu-vendor-id=0x10de --gpu-device-id=0x0dc4 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control4 pct:1d m29stable:pp/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3392.3.1435331091\172386171" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control4 pct:1d m29stable:pp/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3392.4.347376923\1710830228" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control4 pct:1d m29stable:pp/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3392.5.664071997\106663726" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control4 pct:1d m29stable:pp/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3392.6.202032823\1753045588" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control4 pct:1d m29stable:pp/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3392.7.452363940\273247308" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control4 pct:1d m29stable:pp/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3392.15.1370637683\1462507665" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control4 pct:1d m29stable:pp/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3392.19.1022322699\1858807516" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control4 pct:1d m29stable:pp/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3392.20.206660315\2060698177" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control4 pct:1d m29stable:pp/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3392.28.1022889198\1209234248" /prefetch:673131151
"C:\Users\OEM\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="D3D11Experiment/Enabled/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Control4 pct:1d m29stable:pp/NewMenuStyle/Compact2/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-50-Percent/group_01/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="3392.29.1315063376\1879006706" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3395566686-3764996113-1460129602-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3395566686-3764996113-1460129602-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1ce7ba38e296e4d.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce0d1086a5840.job

=========Mozilla firefox=========

ProfilePath - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default

prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =198484&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.3]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.7]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll


C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\extensions\
plugin@getwebcake.com
{96f454ea-9d38-474f-b504-56193e00c1a5}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\searchplugins\
yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-11-12 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-06-26 254032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-11-12 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-26 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2013-06-26 254032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-26 192592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"=regsvr32 /s mqrt.dll []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-04-19 18678376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"VIDC.FPS1"=frapsv64.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-08-25 14:23:24 ----D---- C:\rsit
2013-08-25 14:23:24 ----D---- C:\Program Files\trend micro
2013-08-25 11:50:02 ----A---- C:\ComboFix.txt
2013-08-25 11:46:30 ----D---- C:\$RECYCLE.BIN
2013-08-23 15:42:42 ----A---- C:\Windows\system32\iisRtl.dll
2013-08-23 15:42:41 ----A---- C:\Windows\SYSWOW64\wamregps.dll
2013-08-23 15:42:41 ----A---- C:\Windows\SYSWOW64\iisRtl.dll
2013-08-23 15:42:41 ----A---- C:\Windows\SYSWOW64\iisrstap.dll
2013-08-23 15:42:41 ----A---- C:\Windows\SYSWOW64\iisreset.exe
2013-08-23 15:42:41 ----A---- C:\Windows\SYSWOW64\ahadmin.dll
2013-08-23 15:42:41 ----A---- C:\Windows\SYSWOW64\admwprox.dll
2013-08-23 15:42:41 ----A---- C:\Windows\system32\wamregps.dll
2013-08-23 15:42:41 ----A---- C:\Windows\system32\iisrstap.dll
2013-08-23 15:42:41 ----A---- C:\Windows\system32\iisreset.exe
2013-08-23 15:42:41 ----A---- C:\Windows\system32\ahadmin.dll
2013-08-23 15:42:41 ----A---- C:\Windows\system32\admwprox.dll
2013-08-22 19:16:36 ----D---- C:\Windows\SYSWOW64\BestPractices
2013-08-22 19:16:36 ----D---- C:\Windows\system32\msmq
2013-08-22 19:16:36 ----D---- C:\Windows\system32\BestPractices
2013-08-22 19:16:32 ----D---- C:\inetpub
2013-08-22 11:45:20 ----D---- C:\ProgramData\MFAData
2013-08-22 11:29:03 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-08-22 11:29:03 ----A---- C:\Windows\SYSWOW64\user.exe
2013-08-22 11:29:03 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-08-22 11:29:03 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-08-22 11:29:03 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-08-22 11:29:03 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-08-22 11:29:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-08-22 11:29:03 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-08-22 11:29:03 ----A---- C:\Windows\system32\wow64.dll
2013-08-22 11:29:03 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-22 11:29:03 ----A---- C:\Windows\system32\ntdll.dll
2013-08-22 10:05:38 ----D---- C:\Windows\temp
2013-08-22 09:56:40 ----A---- C:\Windows\zip.exe
2013-08-22 09:56:40 ----A---- C:\Windows\SWSC.exe
2013-08-22 09:56:40 ----A---- C:\Windows\SWREG.exe
2013-08-22 09:56:40 ----A---- C:\Windows\sed.exe
2013-08-22 09:56:40 ----A---- C:\Windows\PEV.exe
2013-08-22 09:56:40 ----A---- C:\Windows\NIRCMD.exe
2013-08-22 09:56:40 ----A---- C:\Windows\MBR.exe
2013-08-22 09:56:40 ----A---- C:\Windows\grep.exe
2013-08-21 20:06:03 ----D---- C:\Qoobox
2013-08-21 20:05:40 ----D---- C:\Windows\erdnt
2013-08-18 09:30:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-18 09:02:30 ----D---- C:\Windows\pss
2013-08-18 08:44:03 ----D---- C:\Users\OEM\AppData\Roaming\BitTorrent
2013-08-17 13:52:51 ----D---- C:\ProgramData\Locktime
2013-08-17 13:52:51 ----D---- C:\Program Files\NetLimiter 3
2013-08-17 13:52:20 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2013-08-17 13:24:33 ----D---- C:\Program Files (x86)\NirSoft
2013-08-16 19:29:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-08-16 19:29:26 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-16 19:29:26 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-08-16 19:29:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-08-16 19:29:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-08-16 19:29:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-08-16 19:29:26 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-16 19:29:26 ----A---- C:\Windows\system32\ieui.dll
2013-08-16 19:29:26 ----A---- C:\Windows\system32\iesysprep.dll
2013-08-16 19:29:26 ----A---- C:\Windows\system32\iesetup.dll
2013-08-16 19:29:26 ----A---- C:\Windows\system32\iernonce.dll
2013-08-16 19:29:26 ----A---- C:\Windows\system32\ie4uinit.exe
2013-08-16 19:29:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-08-16 19:29:25 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-16 19:29:25 ----A---- C:\Windows\system32\iertutil.dll
2013-08-16 19:29:24 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-08-16 19:29:24 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-08-16 19:29:24 ----A---- C:\Windows\system32\jscript9.dll
2013-08-16 19:29:24 ----A---- C:\Windows\system32\jscript.dll
2013-08-16 19:29:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-08-16 19:29:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-08-16 19:29:23 ----A---- C:\Windows\system32\urlmon.dll
2013-08-16 19:29:23 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-16 19:29:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-08-16 19:29:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-08-16 19:29:22 ----A---- C:\Windows\system32\wininet.dll
2013-08-16 19:29:21 ----A---- C:\Windows\system32\ieframe.dll
2013-08-16 19:29:20 ----A---- C:\Windows\system32\mshtml.dll
2013-08-16 19:29:19 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-08-16 13:49:28 ----A---- C:\Windows\system32\crypt32.dll
2013-08-16 13:49:27 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-16 13:49:27 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-16 13:49:27 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-16 13:49:27 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-16 13:49:27 ----A---- C:\Windows\system32\wintrust.dll
2013-08-16 13:49:27 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-16 13:49:27 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-16 13:47:57 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-16 13:47:57 ----A---- C:\Windows\system32\tzres.dll
2013-08-16 13:47:27 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-16 13:47:26 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-16 13:47:18 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-16 13:47:18 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-16 13:47:11 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-16 13:47:04 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-15 11:38:52 ----D---- C:\Program Files (x86)\Black_Box
2013-08-15 09:58:58 ----D---- C:\Users\OEM\AppData\Roaming\TP-LINK
2013-08-15 09:58:43 ----D---- C:\Program Files (x86)\TP-LINK
2013-08-15 09:57:26 ----N---- C:\Windows\system32\athurx.sys
2013-08-15 09:57:26 ----A---- C:\Windows\system32\drivers\athurx.sys
2013-08-15 09:56:33 ----D---- C:\ProgramData\TP-LINK

======List of files/folders modified in the last 1 month======

2013-08-25 14:23:33 ----D---- C:\Windows\Prefetch
2013-08-25 14:23:24 ----RD---- C:\Program Files
2013-08-25 14:22:23 ----D---- C:\Users\OEM\AppData\Roaming\Skype
2013-08-25 13:25:36 ----SHD---- C:\Windows\Installer
2013-08-25 13:25:29 ----SHD---- C:\System Volume Information
2013-08-25 13:24:50 ----D---- C:\Windows
2013-08-25 13:24:39 ----RD---- C:\Program Files (x86)
2013-08-25 13:24:39 ----D---- C:\ProgramData
2013-08-25 13:24:39 ----D---- C:\Program Files (x86)\Common Files
2013-08-25 13:24:38 ----D---- C:\Windows\system32\drivers
2013-08-25 13:11:08 ----D---- C:\Windows\system32\config
2013-08-25 12:10:28 ----D---- C:\Windows\system32\inetsrv
2013-08-25 12:08:17 ----D---- C:\ProgramData\NVIDIA
2013-08-25 11:46:31 ----A---- C:\Windows\system.ini
2013-08-25 11:46:27 ----D---- C:\Windows\system32\drivers\etc
2013-08-25 11:42:30 ----D---- C:\Windows\SYSWOW64\drivers
2013-08-25 11:42:30 ----D---- C:\Windows\SysWOW64
2013-08-25 11:42:30 ----D---- C:\Windows\AppPatch
2013-08-24 20:01:07 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-08-24 19:58:00 ----D---- C:\Program Files (x86)\Origin
2013-08-24 19:34:04 ----RSD---- C:\Windows\Fonts
2013-08-24 19:15:51 ----D---- C:\Users\OEM\AppData\Roaming\MAXON
2013-08-24 19:04:51 ----D---- C:\Youtube
2013-08-24 14:46:08 ----D---- C:\Windows\rescache
2013-08-24 10:34:25 ----RSD---- C:\Windows\assembly
2013-08-24 10:34:25 ----D---- C:\Windows\Microsoft.NET
2013-08-24 08:28:42 ----D---- C:\Windows\winsxs
2013-08-24 08:27:35 ----D---- C:\Windows\SYSWOW64\migration
2013-08-24 08:27:35 ----D---- C:\Windows\SYSWOW64\inetsrv
2013-08-24 08:27:35 ----D---- C:\Windows\system32\migration
2013-08-24 08:27:35 ----D---- C:\Windows\System32
2013-08-23 15:14:20 ----D---- C:\Windows\system32\catroot2
2013-08-23 15:14:20 ----D---- C:\Windows\system32\catroot
2013-08-23 10:29:54 ----D---- C:\Windows\inf
2013-08-22 19:19:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-22 19:18:55 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-08-22 19:16:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-08-22 19:16:34 ----D---- C:\Windows\system32\cs-CZ
2013-08-22 17:03:20 ----D---- C:\Program Files (x86)\Steam
2013-08-22 15:24:25 ----D---- C:\Windows\system32\Tasks
2013-08-22 15:24:16 ----D---- C:\ProgramData\IObit
2013-08-22 15:24:16 ----D---- C:\Program Files (x86)\IObit
2013-08-22 15:22:32 ----D---- C:\Windows\Tasks
2013-08-22 15:18:12 ----D---- C:\Program Files (x86)\NFS
2013-08-22 15:18:01 ----D---- C:\Users\OEM\AppData\Roaming\TS3Client
2013-08-22 15:14:41 ----D---- C:\Users\OEM\AppData\Roaming\IObit
2013-08-22 12:42:46 ----D---- C:\Windows\SoftwareDistribution
2013-08-22 12:39:29 ----D---- C:\Windows\debug
2013-08-22 12:35:10 ----D---- C:\Windows\system32\DriverStore
2013-08-22 11:49:49 ----D---- C:\Users\OEM\AppData\Roaming\TuneUp Software
2013-08-22 11:28:07 ----D---- C:\Windows\Panther
2013-08-22 11:28:06 ----D---- C:\Users\OEM\AppData\Roaming\DAEMON Tools Lite
2013-08-22 10:24:25 ----D---- C:\Program Files\Common Files
2013-08-20 18:36:24 ----D---- C:\Program Files (x86)\DolbyAxon
2013-08-19 07:06:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-16 20:14:08 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-16 20:14:07 ----D---- C:\Program Files\Internet Explorer
2013-08-16 19:25:31 ----D---- C:\Windows\system32\MRT
2013-08-16 19:23:35 ----A---- C:\Windows\system32\MRT.exe
2013-08-16 18:37:30 ----D---- C:\ProgramData\EA Logs
2013-08-16 17:26:07 ----D---- C:\Users\OEM\AppData\Roaming\Origin
2013-08-16 13:56:33 ----D---- C:\Program Files (x86)\Mount&Blade Warband
2013-08-16 13:52:42 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-08-15 11:55:28 ----D---- C:\Windows\Logs
2013-08-15 09:58:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-08-15 09:11:26 ----D---- C:\Program Files (x86)\Adobe
2013-08-15 09:11:05 ----D---- C:\Users\OEM\AppData\Roaming\Adobe
2013-08-15 08:56:19 ----D---- C:\Program Files (x86)\Thread Manager
2013-08-01 13:51:51 ----D---- C:\Windows\system32\NDF
2013-07-31 19:11:16 ----D---- C:\Program Files (x86)\Google
2013-07-28 14:12:11 ----D---- C:\ProgramData\Running with rifles
2013-07-28 12:41:31 ----D---- C:\Users\OEM\AppData\Roaming\SoftGrid Client

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-19 283200]
R1 nltdi;nltdi; \??\C:\Program Files\NetLimiter 3\nltdi.sys [2013-06-12 87472]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ACT2PM;Ashampoo CoreTuner 2 ProcessMonitor Driver; \??\C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [2011-06-10 15160]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2012-10-18 1930240]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2009-07-14 189440]
R3 NLNdisMP;NLNdisMP; C:\Windows\system32\DRIVERS\nlndis.sys [2013-06-12 32688]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 ALSysIO;ALSysIO; C:\Windows\system32\drivers\ALSysIO.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; C:\Windows\system32\drivers\catchme.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2012-09-10 22528]
S3 NLNdisPT;NetLimiter Ndis Protocol Service; C:\Windows\system32\DRIVERS\nlndis.sys [2013-06-12 32688]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACT2_Service;Ashampoo Core Tuner 2 Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [2011-08-22 1421216]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-26 1329304]
R2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2010-11-20 15872]
R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2009-07-14 9216]
R2 MSMQTriggers;@mqutil.dll,-6203; C:\Windows\system32\mqtgsvc.exe [2010-11-20 189440]
R2 nlsvc;NetLimiter 3 Service; C:\Program Files\NetLimiter 3\nlsvc.exe [2013-06-25 1851008]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-06-19 76888]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-23 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-23 194032]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
S3 MailList Controller;MailList Controller; c:\program files (x86)\arclab\maillist controller\amlcSVC.exe [2013-03-16 3028688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-18 117656]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-07-27 563624]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]

-----------------EOF-----------------

Re: Výrazné zpomalení internetu

Napsal: 25 srp 2013 13:35
od HellCraft
A také Avast se mi ani na 8 pokusů nepodařilo stáhnout. Rychlost šla 50-120 kb/s a asi při 80 mb se rychlost změnila na 0 B/s a potom mi to napsalo neznáma chyba sítě :(

Re: Výrazné zpomalení internetu

Napsal: 25 srp 2013 13:51
od Márty84
:arrow: Vyzkousejte, jestli to blbne i v nouzovem rezimu s praci v siti


:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

Re: Výrazné zpomalení internetu

Napsal: 25 srp 2013 16:30
od HellCraft
V nouzovém režimu se síti nebyl internet o nic lepší rychlost začla sice asi na 250 kb, ale po pár minutách zase 40kB/s nakonec "Neznámá chyba sítě"

Log z adwcleaneru


# AdwCleaner v3.001 - Report created 25/08/2013 at 17:04:38
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : OEM - OEM-PC
# Running from : C:\Users\OEM\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\OEM\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
File Found : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\user.js
Folder Found : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\plugin@getwebcake.com
Folder Found : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
Folder Found : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\Extensions\plugin@getwebcake.com
Folder Found C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Found C:\Program Files (x86)\Common Files\spigot
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\TornTV.com
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\ProgramData\InstallMate
Folder Found C:\ProgramData\SoftSafe
Folder Found C:\ProgramData\StarApp
Folder Found C:\ProgramData\Tarma Installer
Folder Found C:\Users\OEM\AppData\Local\Babylon
Folder Found C:\Users\OEM\AppData\Local\Conduit
Folder Found C:\Users\OEM\AppData\Local\cre
Folder Found C:\Users\OEM\AppData\Local\PackageAware
Folder Found C:\Users\OEM\AppData\LocalLow\Conduit
Folder Found C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Found C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\CT3289075
Folder Found C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\jetpack
Folder Found C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\Smartbar
Folder Found C:\Users\OEM\AppData\Roaming\NCdownloader
Folder Found C:\Users\OEM\AppData\Roaming\OpenCandy
Folder Found C:\Users\OEM\AppData\Roaming\Uniblue\DriverScanner

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Search Settings
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\powerpack
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\StartSearch
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\powerpack
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\StartSearch
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_google-desktop (1)_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_google-desktop (1)_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\Uniblue\DriverScanner
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v22.0 (cs)

[ File : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]


[ File : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\prefs.js ]

Line Found : user_pref("CT3289075.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM3NzI0NTcxNSwidXVpZCI6MzM5OTA3NTIxMjEwNDY3LCJzZXFfaWQiOjIwLCJzc2IiOjEzNzM3MDY0NzN9");
Line Found : user_pref("CT3289075.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289075.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289075.FF19Solved", "true");
Line Found : user_pref("CT3289075.FirstTime", "true");
Line Found : user_pref("CT3289075.FirstTimeFF3", "true");
Line Found : user_pref("CT3289075.PG_ENABLE", "dHJ1ZQ==");
Line Found : user_pref("CT3289075.PG_ENABLE.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3289075.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Found : user_pref("CT3289075.SF_STATUS.enc", "RU5BQkxFRA==");
Line Found : user_pref("CT3289075.SF_USER_ID.enc", "Y2lkXzEzNzIwMTMxMTc1MjY0MzQ3NDg=");
Line Found : user_pref("CT3289075.UserID", "UN19567717132850674");
Line Found : user_pref("CT3289075.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT3289075.cb_user_id_000.enc", "Q0I3NDg3NDMwODAyMDVfMTM3NDMxMTQ3NzY2MF9GaXJlZm94");
Line Found : user_pref("CT3289075.cbfirsttime.enc", "U2F0IEp1bCAxMyAyMDEzIDExOjA3OjU0IEdNVCswMjAw");
Line Found : user_pref("CT3289075.countryCode", "CZ");
Line Found : user_pref("CT3289075.defaultSearch", "false");
Line Found : user_pref("CT3289075.embeddedsData", "[{\"appId\":\"130064539389933152\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Found : user_pref("CT3289075.enableFix404ByUser", "FALSE");
Line Found : user_pref("CT3289075.enableSearchFromAddressBar", "false");
Line Found : user_pref("CT3289075.firstTimeDialogOpened", "true");
Line Found : user_pref("CT3289075.fixPageNotFoundErrorByUser", "TRUE");
Line Found : user_pref("CT3289075.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT3289075.fixUrls", true);
Line Found : user_pref("CT3289075.fullUserID", "UN19567717132850674.UP.20130718191422");
Line Found : user_pref("CT3289075.installDate", "13/7/2013 11:07:23");
Line Found : user_pref("CT3289075.installSessionId", "-1");
Line Found : user_pref("CT3289075.installSp", "FALSE");
Line Found : user_pref("CT3289075.installType", "xpe");
Line Found : user_pref("CT3289075.installUsage", "2013-07-13T12:07:39.0638704+03:00");
Line Found : user_pref("CT3289075.installUsageEarly", "2013-07-13T12:07:38.4554626+03:00");
Line Found : user_pref("CT3289075.installerVersion", "1.4.2.3");
Line Found : user_pref("CT3289075.isCheckedStartAsHidden", true);
Line Found : user_pref("CT3289075.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289075.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT3289075.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3289075.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3289075.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3289075&octid=CT3289075&SearchSource=15&CUI=UN19567717132850674&SSPV=&Lay=1&UM=1\"}");
Line Found : user_pref("CT3289075.lastVersion", "10.16.70.505");
Line Found : user_pref("CT3289075.mam_gk_appStateReportTime.enc", "MTM3NzMyNzA1Nzg4NA==");
Line Found : user_pref("CT3289075.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Found : user_pref("CT3289075.mam_gk_appState_Easytobook.enc", "b24=");
Line Found : user_pref("CT3289075.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Found : user_pref("CT3289075.mam_gk_appState_PriceGong.enc", "b24=");
Line Found : user_pref("CT3289075.mam_gk_appState_WindowShopper.enc", "b24=");
Line Found : user_pref("CT3289075.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsInNjcmlwdFVybCI6bnVsbCwib3B0aW9uc0Rp[...]
Line Found : user_pref("CT3289075.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Found : user_pref("CT3289075.mam_gk_calledSetupService.enc", "MQ==");
Line Found : user_pref("CT3289075.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiIxZDdkMTJlMi1kODM5LTQ4MWYtYjUzZS1lOTEwYTRmMTdkMGMiLCJ[...]
Line Found : user_pref("CT3289075.mam_gk_currentVersion.enc", "MS4xMC4yLjU=");
Line Found : user_pref("CT3289075.mam_gk_eventsCache.enc", "eyJkNjA0ZTE3My00NDBkLTQ5YjEtYWQxMC0wZjlhNmVmYWM5ZGUiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcifSwidW5pcXVlS[...]
Line Found : user_pref("CT3289075.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Line Found : user_pref("CT3289075.mam_gk_first_time.enc", "MQ==");
Line Found : user_pref("CT3289075.mam_gk_gadgetOpen.enc", "MA==");
Line Found : user_pref("CT3289075.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Found : user_pref("CT3289075.mam_gk_lastLoginTime.enc", "MTM3NzMyNzA1NDUwMA==");
Line Found : user_pref("CT3289075.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Found : user_pref("CT3289075.mam_gk_mamEnabled.enc", "ZmFsc2U=");
Line Found : user_pref("CT3289075.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3289075.mam_gk_settings1.10.2.5.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiQ1oiLCJpc1dlbGNvbWVFeHBl[...]
Line Found : user_pref("CT3289075.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiQ1oiLCJpc1dlbGNvbWVFeHBlc[...]
Line Found : user_pref("CT3289075.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiQ1oiLCJpc1dlbGNvbWVFeHBlc[...]
Line Found : user_pref("CT3289075.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3289075.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Found : user_pref("CT3289075.mam_gk_userId.enc", "NzU4ZmVlNDgtZjA1Yy00MTVmLTg2NDctMTgyMjFmMTliNmI5");
Line Found : user_pref("CT3289075.mam_gk_user_approval_interacted.enc", "MQ==");
Line Found : user_pref("CT3289075.mam_gk_welcomeDialogMode.enc", "MQ==");
Line Found : user_pref("CT3289075.migrateAppsAndComponents", true);
Line Found : user_pref("CT3289075.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3D4i2OvuWdzWI\",\"EB_MAIN_FRAME_TITLE\":\"LDUK%20-%20Game%20Over%20-%20YouTube\",\"EB_SE[...]
Line Found : user_pref("CT3289075.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3289075.openThankYouPage", "true");
Line Found : user_pref("CT3289075.openUninstallPage", "false");
Line Found : user_pref("CT3289075.price-gong.isManagedApp", "true");
Line Found : user_pref("CT3289075.revertSettingsEnabled", "FALSE");
Line Found : user_pref("CT3289075.search.searchAppId", "130064539389933152");
Line Found : user_pref("CT3289075.search.searchCount", "0");
Line Found : user_pref("CT3289075.searchInNewTabEnabledByUser", "false");
Line Found : user_pref("CT3289075.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT3289075.searchRevert", "FALSE");
Line Found : user_pref("CT3289075.searchSuggestEnabledByUser", "false");
Line Found : user_pref("CT3289075.searchUserMode", "1");
Line Found : user_pref("CT3289075.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289075.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3289075.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Found : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3289075\"}");
Line Found : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv6.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v6\"}");
Line Found : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3289075.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Found : user_pref("CT3289075.serviceLayer_services_Configuration_lastUpdate", "1377245831618");
Line Found : user_pref("CT3289075.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1376653577688");
Line Found : user_pref("CT3289075.serviceLayer_services_appsMetadata_lastUpdate", "1377274232145");
Line Found : user_pref("CT3289075.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1376653577608");
Line Found : user_pref("CT3289075.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1373706463613");
Line Found : user_pref("CT3289075.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1373706464461");
Line Found : user_pref("CT3289075.serviceLayer_services_location_lastUpdate", "1373706463390");
Line Found : user_pref("CT3289075.serviceLayer_services_login_10.16.2.9_lastUpdate", "1373784869590");
Line Found : user_pref("CT3289075.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374994232120");
Line Found : user_pref("CT3289075.serviceLayer_services_login_10.16.70.505_lastUpdate", "1377327320649");
Line Found : user_pref("CT3289075.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1376653577663");
Line Found : user_pref("CT3289075.serviceLayer_services_searchAPI_lastUpdate", "1377245831597");
Line Found : user_pref("CT3289075.serviceLayer_services_serviceMap_lastUpdate", "1377245840272");
Line Found : user_pref("CT3289075.serviceLayer_services_toolbarContextMenu_lastUpdate", "1376653577573");
Line Found : user_pref("CT3289075.serviceLayer_services_toolbarSettings_lastUpdate", "1377327320143");
Line Found : user_pref("CT3289075.serviceLayer_services_translation_lastUpdate", "1377245830723");
Line Found : user_pref("CT3289075.settingsINI", true);
Line Found : user_pref("CT3289075.shouldFirstTimeDialog", "false");
Line Found : user_pref("CT3289075.showToolbarPermission", "false");
Line Found : user_pref("CT3289075.smartbar.CTID", "CT3289075");
Line Found : user_pref("CT3289075.smartbar.Uninstall", "0");
Line Found : user_pref("CT3289075.smartbar.toolbarName", "uTorrentControl_v6 ");
Line Found : user_pref("CT3289075.startPage", "false");
Line Found : user_pref("CT3289075.toolbarBornServerTime", "13-7-2013");
Line Found : user_pref("CT3289075.toolbarCurrentServerTime", "24-8-2013");
Line Found : user_pref("CT3289075.toolbarLoginClientTime", "Sat Jul 13 2013 11:07:44 GMT+0200");
Line Found : user_pref("CT3289075.url_history0001.enc", "aHR0cDovL3d3dy55b3V0dWJlLmNvbS91c2VyL1N0cmlrZXJEZXNpZ25DWj9mZWF0dXJlPXdhdGNoOjo6Y2xpY2toYW5kbGVyOjo6MTM3NjczNjMwODc2MiwsLGh0dHA6Ly93d3cueW91dHViZS5jb20vdXNl[...]
Line Found : user_pref("CT3289075.versionFromInstaller", "10.16.2.9");
Line Found : user_pref("CT3289075_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1377327195449,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\exte[...]
Line Found : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");
Line Found : user_pref("extentions.webcake.installId", "f80230d2-fe15-4843-88d5-42cbed43f724");
Line Found : user_pref("smartbar.machineId", "QOFVAOZJYTHAOGEMYDRUMSLMOUXDPIQ2DABRZBNQRAKR0NQJ69DDMQHBFO8NCRQBHNHFY5ZHWKIXNAORS48FYW");

-\\ Google Chrome v29.0.1547.57

[ File : C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [18760 octets] - [25/08/2013 17:04:38]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [18821 octets] ##########

Re: Výrazné zpomalení internetu

Napsal: 25 srp 2013 18:19
od Márty84
:arrow: Znovu ukoncete vsechny programy a spustte AdwCleaner jako spravce.
Tentokrat kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zase zkopirujte.

Re: Výrazné zpomalení internetu

Napsal: 30 srp 2013 08:02
od HellCraft
Tady to je...

# AdwCleaner v3.001 - Report created 30/08/2013 at 08:58:50
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : OEM - OEM-PC
# Running from : C:\Users\OEM\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Program Files (x86)\Common Files\spigot
Folder Deleted : C:\Users\OEM\AppData\Local\Babylon
Folder Deleted : C:\Users\OEM\AppData\Local\Conduit
Folder Deleted : C:\Users\OEM\AppData\Local\cre
Folder Deleted : C:\Users\OEM\AppData\Local\PackageAware
Folder Deleted : C:\Users\OEM\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\OEM\AppData\Roaming\NCdownloader
Folder Deleted : C:\Users\OEM\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\OEM\AppData\Roaming\Uniblue\DriverScanner
Folder Deleted : C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\jetpack
Folder Deleted : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\Smartbar
Folder Deleted : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\CT3289075
Folder Deleted : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\plugin@getwebcake.com
Folder Deleted : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\Extensions\plugin@getwebcake.com
Folder Deleted : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
File Deleted : C:\END
File Deleted : C:\Users\OEM\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
File Deleted : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Vid-Saver_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_google-desktop (1)_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_google-desktop (1)_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-live-movie-maker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v22.0 (cs)

[ File : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]


[ File : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\i11ju112.default\prefs.js ]

Line Deleted : user_pref("CT3289075.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM3Nzg0NTgwNywidXVpZCI6MzM5OTA3NTIxMjEwNDY3LCJzZXFfaWQiOjIyLCJzc2IiOjEzNzM3MDY0NzN9");
Line Deleted : user_pref("CT3289075.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289075.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289075.FF19Solved", "true");
Line Deleted : user_pref("CT3289075.FirstTime", "true");
Line Deleted : user_pref("CT3289075.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3289075.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT3289075.PG_ENABLE.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3289075.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Deleted : user_pref("CT3289075.SF_STATUS.enc", "RU5BQkxFRA==");
Line Deleted : user_pref("CT3289075.SF_USER_ID.enc", "Y2lkXzEzNzIwMTMxMTc1MjY0MzQ3NDg=");
Line Deleted : user_pref("CT3289075.UserID", "UN19567717132850674");
Line Deleted : user_pref("CT3289075.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3289075.cb_experience_000.enc", "NQ==");
Line Deleted : user_pref("CT3289075.cb_firstuse0100.enc", "MQ==");
Line Deleted : user_pref("CT3289075.cb_user_id_000.enc", "Q0I3NDg3NDMwODAyMDVfMTM3NDMxMTQ3NzY2MF9GaXJlZm94");
Line Deleted : user_pref("CT3289075.cbfirsttime.enc", "U2F0IEp1bCAxMyAyMDEzIDExOjA3OjU0IEdNVCswMjAw");
Line Deleted : user_pref("CT3289075.countryCode", "CZ");
Line Deleted : user_pref("CT3289075.defaultSearch", "false");
Line Deleted : user_pref("CT3289075.embeddedsData", "[{\"appId\":\"130064539389933152\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3289075.enableFix404ByUser", "FALSE");
Line Deleted : user_pref("CT3289075.enableSearchFromAddressBar", "false");
Line Deleted : user_pref("CT3289075.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3289075.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT3289075.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3289075.fixUrls", true);
Line Deleted : user_pref("CT3289075.fullUserID", "UN19567717132850674.UP.20130718191422");
Line Deleted : user_pref("CT3289075.installDate", "13/7/2013 11:07:23");
Line Deleted : user_pref("CT3289075.installSessionId", "-1");
Line Deleted : user_pref("CT3289075.installSp", "FALSE");
Line Deleted : user_pref("CT3289075.installType", "xpe");
Line Deleted : user_pref("CT3289075.installUsage", "2013-07-13T12:07:39.0638704+03:00");
Line Deleted : user_pref("CT3289075.installUsageEarly", "2013-07-13T12:07:38.4554626+03:00");
Line Deleted : user_pref("CT3289075.installerVersion", "1.4.2.3");
Line Deleted : user_pref("CT3289075.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3289075.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289075.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3289075.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3289075.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289075.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3289075&octid=CT3289075&SearchSource=15&CUI=UN19567717132850674&SSPV=&Lay=1&UM=1\"}");
Line Deleted : user_pref("CT3289075.lastVersion", "10.16.70.505");
Line Deleted : user_pref("CT3289075.mam_gk_appStateReportTime.enc", "MTM3Nzg0NTgxMTgxNw==");
Line Deleted : user_pref("CT3289075.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Deleted : user_pref("CT3289075.mam_gk_appState_Easytobook.enc", "b24=");
Line Deleted : user_pref("CT3289075.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Deleted : user_pref("CT3289075.mam_gk_appState_PriceGong.enc", "b24=");
Line Deleted : user_pref("CT3289075.mam_gk_appState_WindowShopper.enc", "b24=");
Line Deleted : user_pref("CT3289075.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsInNjcmlwdFVybCI6bnVsbCwib3B0aW9uc0Rp[...]
Line Deleted : user_pref("CT3289075.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Deleted : user_pref("CT3289075.mam_gk_calledSetupService.enc", "MQ==");
Line Deleted : user_pref("CT3289075.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiI2YzMxOGJmNi0zM2M2LTQ5Y2QtYmM0Yy05ZWJjMTkzYzczMWUiLCJ[...]
Line Deleted : user_pref("CT3289075.mam_gk_currentVersion.enc", "MS4xMC40LjA=");
Line Deleted : user_pref("CT3289075.mam_gk_eventsCache.enc", "eyJkNjA0ZTE3My00NDBkLTQ5YjEtYWQxMC0wZjlhNmVmYWM5ZGUiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcifSwidW5pcXVlS[...]
Line Deleted : user_pref("CT3289075.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Line Deleted : user_pref("CT3289075.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT3289075.mam_gk_gadgetOpen.enc", "MA==");
Line Deleted : user_pref("CT3289075.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3289075.mam_gk_lastLoginTime.enc", "MTM3Nzg0NTgxMDYxNQ==");
Line Deleted : user_pref("CT3289075.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Deleted : user_pref("CT3289075.mam_gk_mamEnabled.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3289075.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3289075.mam_gk_settings1.10.2.5.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiQ1oiLCJpc1dlbGNvbWVFeHBl[...]
Line Deleted : user_pref("CT3289075.mam_gk_settings1.10.4.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiQ1oiLCJpc1dlbGNvbWVFeHBl[...]
Line Deleted : user_pref("CT3289075.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiQ1oiLCJpc1dlbGNvbWVFeHBlc[...]
Line Deleted : user_pref("CT3289075.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiQ1oiLCJpc1dlbGNvbWVFeHBlc[...]
Line Deleted : user_pref("CT3289075.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3289075.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3289075.mam_gk_userId.enc", "NzU4ZmVlNDgtZjA1Yy00MTVmLTg2NDctMTgyMjFmMTliNmI5");
Line Deleted : user_pref("CT3289075.mam_gk_user_approval_interacted.enc", "MQ==");
Line Deleted : user_pref("CT3289075.mam_gk_welcomeDialogMode.enc", "MQ==");
Line Deleted : user_pref("CT3289075.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3289075.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://uTorrentControlv6.OurToolbar.com/\",\"[...]
Line Deleted : user_pref("CT3289075.openThankYouPage", "true");
Line Deleted : user_pref("CT3289075.openUninstallPage", "false");
Line Deleted : user_pref("CT3289075.price-gong.isManagedApp", "true");
Line Deleted : user_pref("CT3289075.revertSettingsEnabled", "FALSE");
Line Deleted : user_pref("CT3289075.search.searchAppId", "130064539389933152");
Line Deleted : user_pref("CT3289075.search.searchCount", "0");
Line Deleted : user_pref("CT3289075.searchInNewTabEnabledByUser", "false");
Line Deleted : user_pref("CT3289075.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3289075.searchRevert", "FALSE");
Line Deleted : user_pref("CT3289075.searchSuggestEnabledByUser", "false");
Line Deleted : user_pref("CT3289075.searchUserMode", "1");
Line Deleted : user_pref("CT3289075.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289075.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289075.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3289075\"}");
Line Deleted : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv6.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v6\"}");
Line Deleted : user_pref("CT3289075.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3289075.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3289075.serviceLayer_services_Configuration_lastUpdate", "1377443576601");
Line Deleted : user_pref("CT3289075.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1376653577688");
Line Deleted : user_pref("CT3289075.serviceLayer_services_appsMetadata_lastUpdate", "1377845812151");
Line Deleted : user_pref("CT3289075.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1376653577608");
Line Deleted : user_pref("CT3289075.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1373706463613");
Line Deleted : user_pref("CT3289075.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1373706464461");
Line Deleted : user_pref("CT3289075.serviceLayer_services_location_lastUpdate", "1373706463390");
Line Deleted : user_pref("CT3289075.serviceLayer_services_login_10.16.2.9_lastUpdate", "1373784869590");
Line Deleted : user_pref("CT3289075.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374994232120");
Line Deleted : user_pref("CT3289075.serviceLayer_services_login_10.16.70.505_lastUpdate", "1377443576132");
Line Deleted : user_pref("CT3289075.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1376653577663");
Line Deleted : user_pref("CT3289075.serviceLayer_services_searchAPI_lastUpdate", "1377443576476");
Line Deleted : user_pref("CT3289075.serviceLayer_services_serviceMap_lastUpdate", "1377443576472");
Line Deleted : user_pref("CT3289075.serviceLayer_services_toolbarContextMenu_lastUpdate", "1376653577573");
Line Deleted : user_pref("CT3289075.serviceLayer_services_toolbarSettings_lastUpdate", "1377845811972");
Line Deleted : user_pref("CT3289075.serviceLayer_services_translation_lastUpdate", "1377443576032");
Line Deleted : user_pref("CT3289075.settingsINI", true);
Line Deleted : user_pref("CT3289075.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3289075.showToolbarPermission", "false");
Line Deleted : user_pref("CT3289075.smartbar.CTID", "CT3289075");
Line Deleted : user_pref("CT3289075.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3289075.smartbar.toolbarName", "uTorrentControl_v6 ");
Line Deleted : user_pref("CT3289075.startPage", "false");
Line Deleted : user_pref("CT3289075.toolbarBornServerTime", "13-7-2013");
Line Deleted : user_pref("CT3289075.toolbarCurrentServerTime", "25-8-2013");
Line Deleted : user_pref("CT3289075.toolbarLoginClientTime", "Sat Jul 13 2013 11:07:44 GMT+0200");
Line Deleted : user_pref("CT3289075.url_history0001.enc", "aHR0cDovL2ZvcnVtLnZpcnkuY3ovaW5kZXgucGhwP3NpZD1kYjQyMzU3NWRkZGJjNjAyOTMxNjhhNWI3NDg3ZDc2Njo6OmNsaWNraGFuZGxlcjo6OjEzNzc0NDM1MDcwMTIsLCxodHRwOi8vZm9ydW0udmly[...]
Line Deleted : user_pref("CT3289075.versionFromInstaller", "10.16.2.9");
Line Deleted : user_pref("CT3289075_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1377845801058,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\exte[...]
Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");
Line Deleted : user_pref("extentions.webcake.installId", "f80230d2-fe15-4843-88d5-42cbed43f724");
Line Deleted : user_pref("smartbar.machineId", "QOFVAOZJYTHAOGEMYDRUMSLMOUXDPIQ2DABRZBNQRAKR0NQJ69DDMQHBFO8NCRQBHNHFY5ZHWKIXNAORS48FYW");

-\\ Google Chrome v29.0.1547.57

[ File : C:\Users\OEM\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [18934 octets] - [25/08/2013 17:04:38]
AdwCleaner[R1].txt - [19031 octets] - [30/08/2013 08:55:43]
AdwCleaner[R2].txt - [19312 octets] - [30/08/2013 08:58:06]
AdwCleaner[S0].txt - [19386 octets] - [30/08/2013 08:58:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19447 octets] ##########

Re: Výrazné zpomalení internetu

Napsal: 30 srp 2013 08:05
od HellCraft
Ještě mám otázku, mám možnost si přestěhovat PC do nového domu.. Kde je internet 9 mb a také od jiného providera. Takže se chci tedy zeptat, jestli ten vir nemůže nějak napadnout router nebo tak nějak?? :)

A kdyby internet šel pomalu i tam tak můžeme vyloučit chybu providera...

Re: Výrazné zpomalení internetu

Napsal: 30 srp 2013 08:43
od Márty84
Zatim ho nikam nenoste, stejne se musi docistit, je tam jeste dost veci na vymaz. Vemem to postupne. Kdyz to nezabere, pak teprve bych hledal chybu u providera :)


:arrow: Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Re: Výrazné zpomalení internetu

Napsal: 30 srp 2013 11:07
od HellCraft
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.08.30.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
OEM :: OEM-PC [administrátor]

30.8.2013 10:44:15
MBAM-log-2013-08-30 (12-02-56).txt

Typ: Kompletní kontrola (C:\|Q:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 516995
Uplynulý čas: 1 hodin, 18 minut, 17 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 7
C:\AdwCleaner\Quarantine\C\ProgramData\InstallMate\{7FE3A102-6AA7-45B0-A75B-2285A40083F4}\Setup.exe.vir (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\ProgramData\InstallMate\{7FE3A102-6AA7-45B0-A75B-2285A40083F4}\TsuDll.dll.vir (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\ProgramData\InstallMate\{8ABF6CE6-1702-4C54-AEBF-5F20515C4E10}\Setup.exe.vir (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\ProgramData\InstallMate\{8ABF6CE6-1702-4C54-AEBF-5F20515C4E10}\TsuDll.dll.vir (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe.vir (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe.vir (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\NFS\Keys\rld-nu2k.exe (Trojan.Downloader) -> Nebyla provedena žádná instrukce.

(konec)

Re: Výrazné zpomalení internetu

Napsal: 30 srp 2013 18:19
od Márty84
Vsechny nalezy nechte odstranit. Po restartu test zopakujte, at vime, jestli se to nevraci. Napiste vysledek, podle toho budeme pokracovat.


20.10. pro neaktivitu :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz