
Help, please. PC problems

Posted: 22 Feb 2014 22:42
by Van Dal
Good evening, please check my RSIT log, my PC is sick. Programs such as FixMyRegistry and the like keep getting installed on it. When I try to uninstall them, they install themselves again. I also have a problem that when I plug in my MP3 player, the PC cannot recognize it. When it finally does, no files can be copied to it. A window with an error appears, telling me that the file I want to copy is not in its location. I share the notebook with my brother and mother. Thank you for your help; I am attaching the log from RSIT. :spam:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jakub at 2014-02-22 22:31:28
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 9 GB (4%) free of 228 GB
Total RAM: 3038 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:31:39, on 22.2.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16502)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\Downloads\RSIT.exe
C:\Program Files\trend micro\Jakub.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fbdirecto.net/1/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchsun.info/?pid=72 ... g=EN&cc=CZ
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: websaaVe - {8A57F7A7-22CA-A374-92D0-5DC8FB92427F} - C:\Program Files\websaaVe\PUlmorAf6.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [ioTablet] "C:\Genius\ioTablet\gTabTaskBar.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [wmime] C:\Program Files\HEM\wmime.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Online Weather] C:\Users\Jakub\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\Jakub\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - HKCU\..\Run: [FixMyRegistry] C:\Program Files\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
O4 - HKUS\S-1-5-21-3963100413-3073813578-487244691-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jakub\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\safeips.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\safeips.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\safeips.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\safeips.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\safeips.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6c241dbe\aestsrv.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files\Common Files\Desura\desura_service.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: SafeIPS - SafeIP - C:\Program Files\SafeIP\SafeIPs.exe
O23 - Service: SafetyNut Manager (SafetyNutManager) - SafetyNut Inc. - C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6c241dbe\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletService - Unknown owner - C:\Genius\ioTablet\TabletService.exe

--
End of file - 11369 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\schedule!1143840799.job
C:\Windows\tasks\WS-Booster-S-596631634.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll [2014-02-13 752448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A57F7A7-22CA-A374-92D0-5DC8FB92427F}]
websaaVe - C:\Program Files\websaaVe\PUlmorAf6.dll [2014-02-16 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2013-11-25 665408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-12-08 432432]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-11-19 458844]
"ioTablet"=C:\Genius\ioTablet\gTabTaskBar.exe [2011-01-31 49152]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-11-26 5074384]
"wmime"=C:\Program Files\HEM\wmime.exe [2013-03-26 3028480]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-02-04 3813712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]
"Boxoft Tools"=C:\ProgramData\Boxtools\Boxofttoolbox.exe [2010-12-15 514048]
"cz.seznam.software.autoupdate"=C:\Users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"Online Weather"=C:\Users\Jakub\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe [2012-10-26 202752]
"Advanced SystemCare 7"=C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2013-12-18 2285344]
"NextLive"=C:\Users\Jakub\AppData\Roaming\newnext.me\nengine.dll [2014-01-06 1283584]
"FixMyRegistry"=C:\Program Files\SmartTweak\FixMyRegistry\FixMyRegistry.exe [2013-07-22 1886840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SafeIPS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"TaskbarNoNotification"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.l3codecp"=l3codecp.acm
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=LameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.IV41"=IR41_32.AX
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"VIDC.FPS1"=frapsvid.dll
"midi2"=vmcmidiport.dll
"msacm.vorbis"=vorbis.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.iv50"=ir50_32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-02-22 22:05:24 ----SHD---- C:\$RECYCLE.BIN
2014-02-22 22:05:17 ----A---- C:\ComboFix.txt
2014-02-22 21:45:17 ----D---- C:\ComboFix
2014-02-22 21:45:10 ----D---- C:\Windows\LastGood
2014-02-22 20:24:22 ----D---- C:\Users\Jakub\AppData\Roaming\newnext.me
2014-02-22 20:23:37 ----D---- C:\Windows\system32\dfrg
2014-02-22 20:19:22 ----D---- C:\Program Files\prjMegaTrain
2014-02-22 19:58:16 ----D---- C:\Program Files\EA GAMES
2014-02-22 18:50:44 ----A---- C:\Windows\system32\drivers\tStLib.sys
2014-02-22 17:20:06 ----D---- C:\Program Files\LinkiDoo
2014-02-16 14:44:34 ----D---- C:\Windows\Star Defender 4
2014-02-16 14:44:34 ----D---- C:\Program Files\Star Defender 4
2014-02-16 14:44:16 ----A---- C:\Windows\Star Defender 4 Setup Log.txt
2014-02-16 14:44:14 ----D---- C:\Windows\system32\3045
2014-02-16 13:50:50 ----D---- C:\Users\Jakub\AppData\Roaming\Blue Tea Games
2014-02-16 13:24:26 ----D---- C:\ProgramData\GreatSoft
2014-02-16 13:24:19 ----D---- C:\Program Files\WS-Booster
2014-02-16 13:23:47 ----D---- C:\ProgramData\YoutubeAdblocker
2014-02-16 13:23:37 ----D---- C:\ProgramData\websaaVe
2014-02-16 13:23:37 ----D---- C:\Program Files\websaaVe
2014-02-16 13:23:28 ----D---- C:\ProgramData\2a7f305a058450cd
2014-02-13 16:17:36 ----D---- C:\Users\Jakub\AppData\Roaming\Fenomen Games
2014-02-13 16:16:01 ----D---- C:\Program Files\Bezhlavy jezdec - legenda ze Sleepy Hollow
2014-02-13 16:13:46 ----D---- C:\ProgramData\ProductData
2014-02-13 16:13:45 ----D---- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-13 16:13:27 ----D---- C:\Program Files\Common Files\Spigot
2014-02-13 16:13:07 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2014-02-13 16:13:00 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2014-02-12 19:44:10 ----D---- C:\Program Files\OpenAL
2014-02-09 08:59:10 ----D---- C:\ProgramData\SafetyNut
2014-02-05 19:23:41 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2014-02-05 17:13:24 ----D---- C:\Program Files\Zlata horecka
2014-01-29 19:23:41 ----A---- C:\Windows\system32\javaws.exe
2014-01-29 19:23:32 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-01-29 19:23:32 ----A---- C:\Windows\system32\javaw.exe
2014-01-29 19:23:32 ----A---- C:\Windows\system32\java.exe
2014-01-27 21:33:55 ----D---- C:\Users\Jakub\AppData\Roaming\Ubisoft
2014-01-27 21:33:04 ----D---- C:\ProgramData\Ubisoft
2014-01-27 21:19:40 ----D---- C:\Program Files\Ubisoft
2014-01-26 20:20:25 ----D---- C:\Users\Jakub\AppData\Roaming\openvr

======List of files/folders modified in the last 1 month======

2014-02-22 22:31:30 ----D---- C:\Program Files\trend micro
2014-02-22 22:30:21 ----D---- C:\Users\Jakub\AppData\Roaming\uTorrent
2014-02-22 22:09:39 ----A---- C:\ProgramData\HPWALog.txt
2014-02-22 22:09:35 ----D---- C:\Windows\System32
2014-02-22 22:09:35 ----D---- C:\Windows\inf
2014-02-22 22:09:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-22 22:05:20 ----D---- C:\Qoobox
2014-02-22 22:05:18 ----D---- C:\Windows\temp
2014-02-22 22:03:19 ----D---- C:\Windows\Tasks
2014-02-22 22:00:58 ----D---- C:\Windows
2014-02-22 22:00:57 ----A---- C:\Windows\system.ini
2014-02-22 22:00:49 ----D---- C:\Windows\system32\drivers\etc
2014-02-22 21:59:59 ----RD---- C:\Program Files
2014-02-22 21:59:59 ----D---- C:\ProgramData\Wincert
2014-02-22 21:54:41 ----D---- C:\Windows\system32\drivers
2014-02-22 21:54:41 ----D---- C:\Windows\AppPatch
2014-02-22 21:54:39 ----D---- C:\Program Files\Common Files
2014-02-22 21:45:10 ----D---- C:\Windows\system32\catroot
2014-02-22 21:43:59 ----D---- C:\Users\Jakub\AppData\Roaming\vlc
2014-02-22 21:43:07 ----HD---- C:\Program Files\InstallShield Installation Information
2014-02-22 21:42:39 ----SHD---- C:\System Volume Information
2014-02-22 21:42:17 ----D---- C:\Program Files\WildTangent Games
2014-02-22 21:42:15 ----D---- C:\Users\Jakub\AppData\Roaming\WildTangent
2014-02-22 21:42:15 ----D---- C:\ProgramData\WildTangent
2014-02-22 21:36:06 ----D---- C:\Program Files\SmartTweak
2014-02-22 21:34:02 ----SHD---- C:\Windows\Installer
2014-02-22 21:28:07 ----D---- C:\Program Files\Free Zip
2014-02-22 21:26:26 ----D---- C:\ProgramData
2014-02-22 20:30:43 ----A---- C:\Windows\NeroDigital.ini
2014-02-22 20:23:53 ----D---- C:\Windows\system32\Tasks
2014-02-22 20:19:15 ----N---- C:\Windows\Setup1.exe
2014-02-22 20:19:14 ----A---- C:\Windows\ST6UNST.EXE
2014-02-22 19:57:51 ----D---- C:\Program Files\Origin Games
2014-02-22 18:38:23 ----D---- C:\ProgramData\PMB Files
2014-02-22 17:53:38 ----D---- C:\Users\Jakub\AppData\Roaming\Skype
2014-02-22 17:53:25 ----D---- C:\Program Files\Steam
2014-02-22 14:26:37 ----D---- C:\ProgramData\Boxtools
2014-02-22 14:01:30 ----D---- C:\Users\Jakub\AppData\Roaming\Seznam.cz
2014-02-21 21:23:13 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-02-16 14:44:54 ----D---- C:\ProgramData\AWEM
2014-02-16 14:41:12 ----D---- C:\ProgramData\PopCap Games
2014-02-16 14:35:12 ----D---- C:\Program Files\Games
2014-02-16 13:24:38 ----D---- C:\ProgramData\InstallMate
2014-02-16 13:24:03 ----HD---- C:\Windows\system32\GroupPolicy
2014-02-16 13:23:27 ----RD---- C:\Users
2014-02-13 16:13:50 ----D---- C:\Users\Jakub\AppData\Roaming\IObit
2014-02-13 16:13:44 ----D---- C:\Program Files\IObit
2014-02-13 16:13:42 ----D---- C:\ProgramData\IObit
2014-02-07 20:03:51 ----D---- C:\Users\Jakub\AppData\Roaming\.minecraft
2014-02-05 17:14:03 ----D---- C:\Users\Jakub\AppData\Roaming\Rainbow
2014-02-05 16:40:03 ----D---- C:\Program Files\LogMeIn Hamachi
2014-02-04 19:12:06 ----D---- C:\Windows\system32\catroot2
2014-01-30 15:44:29 ----D---- C:\Program Files\The Binding of Isaac
2014-01-29 19:23:52 ----D---- C:\ProgramData\Oracle
2014-01-29 19:23:32 ----D---- C:\Program Files\Java
2014-01-27 21:32:46 ----RSD---- C:\Windows\assembly
2014-01-26 19:10:29 ----D---- C:\Program Files\Origin
2014-01-25 22:31:32 ----D---- C:\Program Files\Valve
2014-01-24 17:18:14 ----SD---- C:\Users\Jakub\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-10-17 462104]
R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-12-24 18624]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-19 239168]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-10-08 170656]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-10-08 121216]
R1 tStLib;tStLib; C:\Windows\system32\drivers\tStLib.sys [2014-02-22 55224]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2013-11-17 279712]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-10-08 104712]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2013-11-17 25888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 catchme;catchme; \??\C:\Users\Jakub\AppData\Local\Temp\catchme.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 ioFakDrv;ioVirtual Device; C:\Windows\system32\DRIVERS\ioFakDrv.sys [2010-12-15 21888]
R3 ioFakMap;MiniHid Driver Service for ioFakeDrv Interface layer; C:\Windows\system32\DRIVERS\ioFakMap.sys [2010-12-15 10624]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-09-24 45600]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-01-15 7543200]
R3 pimou;Pluralinput Mouse 0.8.5; C:\Windows\system32\DRIVERS\pimou.sys [2013-10-01 20920]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2011-09-08 363112]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-11-19 408576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2013-08-25 66560]
S0 9922948cf3835745;syshost.exe; C:\Windows\System32\Drivers\9922948cf3835745.sys []
S1 SRTSP;SRTSP; C:\Windows\system32\drivers\SRTSP.sys []
S1 SRTSPX;SRTSPX; C:\Windows\system32\drivers\SRTSPX.sys []
S3 apf003;apf003; \??\C:\Windows\system32\apf003.sys [2013-05-27 13232]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [2010-12-30 16640]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-02-16 23040]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-02-16 507904]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-02-16 30208]
S3 cpuz134;cpuz134; \??\C:\Users\Jakub\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
S3 ioTablet;Tablet Minidriver for ioTablet; C:\Windows\system32\DRIVERS\ioTablet.sys [2011-01-24 34696]
S3 ioTblMap;Mini Mapper for ioCentre; C:\Windows\system32\DRIVERS\ioTblMap.sys [2011-01-24 10632]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2013-04-13 40776]
S3 mbr;mbr; \??\C:\ComboFix\mbr.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NAVENG;NAVENG; C:\Windows\system32\drivers\NAVENG.sys []
S3 NAVEX15;NAVEX15; C:\Windows\system32\drivers\NAVEX15.sys []
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 nv;nv; C:\Windows\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-02-16 149504]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-12-30 60416]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 uti1mzq3;AVZ Kernel Driver; \??\C:\Windows\system32\Drivers\uti1mzq3.sys [2012-10-01 7168]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2013-08-25 155136]
S3 XDva397;XDva397; C:\Windows\system32\drivers\XDva397.sys []
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 mchInjDrv;mchInjDrv; \??\C:\Windows\system32\Drivers\mchInjDrv.sys [2012-05-09 2560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6c241dbe\aestsrv.exe [2009-11-19 81920]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2012-11-26 1329304]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-02-04 1677648]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-02-04 375056]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-01-15 203296]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-04-30 76888]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-12-24 365952]
R2 SafetyNutManager;SafetyNut Manager; C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe [2014-02-05 3449864]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_6c241dbe\STacSV.exe [2009-11-19 221266]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-23 223232]
R3 SafeIPS;SafeIPS; C:\Program Files\SafeIP\SafeIPs.exe [2012-12-17 3797184]
S2 927d4ead;WS-Sustainer; c:\progra~1\ws-boo~1\AssistantSvc.dll [2014-02-16 179536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-13 136176]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S2 TabletService;TabletService; C:\Genius\ioTablet\TabletService.exe [2011-01-31 18944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Desura Install Service;Desura Install Service; C:\Program Files\Common Files\Desura\desura_service.exe [2013-09-30 131912]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-06-30 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-13 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-11-28 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-01-27 571816]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Help please. Problems with PC

Posted: 23 Feb 2014 08:18
by Márty84
Hello :)

:arrow: Uninstall Advanced SystemCare and, if applicable, everything from IObit; it can do more harm than good.


:!: Who advised you to use ComboFix? :roll: :(

If you had read the forum rules http://forum.viry.cz/viewtopic.php?f=12&t=5601 , you would have found, among other things, this:
2. Before posting a question, use the Search button. Someone may already have dealt with a problem similar to yours. However, if various utilities/applications were applied in a solved thread, do not run them. Utilities are used only on an adviser's instruction, because they can erase traces of malware, and in the hands of a non-expert their use can have incalculable consequences.

3. In particular, do not run the ComboFix utility even if a friend or some would-be expert website recommended it to you. Our forum is the only one of the CZ-SK antivirus forums that has the right to read ComboFix logs, and we also have the full support of the author of this utility and access to the most up-to-date information and guides.
CF erases all traces of any infection. And now all I can do is make something out of nothing, as the saying goes :x
We will try to look into it, but if this happens again, help will be refused.
And I also warn you that this may drag on and the outcome is not at all certain :?:


:arrow: Copy its log here for me; it is at C:\ComboFix.txt

:arrow: Run a !!!complete!!! scan with MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 and post the results here. Do not delete anything beforehand; it sometimes has false detections.

Re: Help please. Problems with PC

Posted: 23 Feb 2014 14:21
by Van Dal
Hello, thank you for the reply. As I already wrote, I share the PC with my mother and brother, which means that it was not me who used ComboFix, but most likely one of my housemates. :mrgreen: ComboFix:

ComboFix 14-02-20.01 - Jakub 22.02.2014 21:47:20.6.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.3038.1507 [GMT 1:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 6.0 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 6.0 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
C:\prefs.js
c:\program files\YoutubeAdblocker
c:\program files\YoutubeAdblocker\xo706pmR0.dat
c:\program files\YoutubeAdblocker\xo706pmR0.dll
c:\program files\YoutubeAdblocker\xo706pmR0.tlb
c:\program files\YoutubeAdblocker\xo706pmR0.x64.dll
c:\programdata\Wincert\WIN32C~1.DLL
c:\windows\system32\d3DDx9_28.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-22 do 2014-02-22 )))))))))))))))))))))))))))))))
.
.
2014-02-22 21:00 . 2014-02-22 21:00 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-02-22 21:00 . 2014-02-22 21:00 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-02-22 21:00 . 2014-02-22 21:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-22 20:45 . 2014-02-22 20:45 -------- d-----w- c:\windows\LastGood
2014-02-22 19:24 . 2014-02-22 19:25 -------- d-----w- c:\users\Jakub\AppData\Local\cache
2014-02-22 19:24 . 2014-02-22 19:24 -------- d-----w- c:\users\Jakub\AppData\Roaming\newnext.me
2014-02-22 19:24 . 2014-02-22 19:24 -------- d-----w- c:\users\Jakub\AppData\Local\genienext
2014-02-22 19:24 . 2014-02-22 20:31 -------- d-----w- c:\users\Jakub\AppData\Local\Mobogenie
2014-02-22 19:23 . 2014-02-22 20:30 -------- d-----w- c:\windows\system32\dfrg
2014-02-22 19:23 . 2014-02-22 20:30 -------- d-----w- c:\users\Jakub\AppData\Local\SwvUpdater
2014-02-22 19:19 . 2014-02-22 19:19 -------- d-----w- c:\program files\prjMegaTrain
2014-02-22 18:58 . 2014-02-22 18:58 -------- d-----w- c:\program files\EA GAMES
2014-02-22 17:50 . 2014-02-22 17:50 55224 ----a-w- c:\windows\system32\drivers\tStLib.sys
2014-02-22 16:27 . 2014-02-22 16:30 -------- d-----w- c:\users\Jakub\.gimp-2.6
2014-02-22 16:20 . 2014-02-22 20:32 -------- d-----w- c:\program files\LinkiDoo
2014-02-16 13:44 . 2014-02-16 13:44 -------- d-----w- c:\program files\Star Defender 4
2014-02-16 13:44 . 2014-02-16 13:44 -------- d-----w- c:\windows\Star Defender 4
2014-02-16 13:44 . 2014-02-16 13:44 -------- d-----w- c:\windows\system32\3045
2014-02-16 12:50 . 2014-02-16 12:50 -------- d-----w- c:\users\Jakub\AppData\Roaming\Blue Tea Games
2014-02-16 12:24 . 2014-02-16 12:24 -------- d-----w- c:\programdata\GreatSoft
2014-02-16 12:24 . 2014-02-16 12:24 -------- d-----w- c:\program files\WS-Booster
2014-02-16 12:23 . 2014-02-16 12:24 -------- d-----w- c:\programdata\YoutubeAdblocker
2014-02-16 12:23 . 2014-02-16 12:23 -------- d-----w- c:\programdata\websaaVe
2014-02-16 12:23 . 2014-02-16 12:23 -------- d-----w- c:\program files\websaaVe
2014-02-16 12:23 . 2014-02-16 12:24 -------- d-----w- c:\programdata\2a7f305a058450cd
2014-02-16 12:23 . 2014-02-16 12:23 -------- d-----w- c:\users\UpdatusUser\AppData\Local\Torch
2014-02-16 12:23 . 2014-02-16 12:23 -------- d-----w- c:\users\Jakub\AppData\Local\Torch
2014-02-16 12:23 . 2014-02-16 12:23 -------- d-----w- c:\users\UpdatusUser\AppData\Local\Google
2014-02-16 12:23 . 2014-02-16 12:23 -------- d-----w- c:\users\UpdatusUser\AppData\Local\Comodo
2014-02-16 12:23 . 2014-02-16 12:23 -------- d-----w- c:\users\Jakub\AppData\Local\Comodo
2014-02-16 12:23 . 2014-02-16 12:23 -------- d-----w- c:\users\Guest
2014-02-16 12:23 . 2014-02-16 12:23 -------- d-----w- c:\users\ASPNET
2014-02-16 12:23 . 2014-02-16 12:23 -------- d-----w- c:\users\Administrator
2014-02-15 17:49 . 2014-02-22 19:24 -------- d-----w- c:\users\Jakub\.android
2014-02-13 15:17 . 2014-02-13 15:17 -------- d-----w- c:\users\Jakub\AppData\Roaming\Fenomen Games
2014-02-13 15:16 . 2014-02-13 15:17 -------- d-----w- c:\program files\Bezhlavy jezdec - legenda ze Sleepy Hollow
2014-02-13 15:13 . 2014-02-16 13:34 -------- d-----w- c:\programdata\ProductData
2014-02-13 15:13 . 2014-02-13 15:13 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-13 15:13 . 2014-02-13 15:13 -------- d-----w- c:\users\Jakub\AppData\Local\Slick Savings
2014-02-13 15:13 . 2014-02-22 20:33 -------- d-----w- c:\program files\Common Files\Spigot
2014-02-13 15:13 . 2013-11-19 15:52 31520 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2014-02-13 15:13 . 2014-02-13 18:01 109888 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
2014-02-12 18:44 . 2014-02-12 18:44 -------- d-----w- c:\program files\OpenAL
2014-02-09 07:59 . 2014-02-22 20:40 -------- d-----w- c:\programdata\SafetyNut
2014-02-05 18:23 . 2014-02-21 20:23 17858952 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2014-02-05 16:13 . 2014-02-05 16:13 -------- d-----w- c:\program files\Zlata horecka
2014-01-29 18:23 . 2013-12-18 20:10 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-01-27 20:33 . 2014-01-27 20:33 -------- d-----w- c:\users\Jakub\AppData\Roaming\Ubisoft
2014-01-27 20:33 . 2014-01-27 20:33 -------- d-----w- c:\programdata\Ubisoft
2014-01-27 20:19 . 2014-01-27 20:19 -------- d-----w- c:\program files\Ubisoft
2014-01-26 19:20 . 2014-01-26 19:20 -------- d-----w- c:\users\Jakub\AppData\Roaming\openvr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-22 19:19 . 2012-06-23 12:18 286720 ------w- c:\windows\Setup1.exe
2014-02-22 19:19 . 2012-06-23 12:18 73216 ----a-w- c:\windows\ST6UNST.EXE
2014-02-21 20:23 . 2012-04-24 04:38 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-21 20:23 . 2011-12-03 09:27 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-24 09:40 . 2013-05-28 08:56 18624 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-02-13 15:13 752448 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{8A57F7A7-22CA-A374-92D0-5DC8FB92427F}]
2014-02-16 12:23 423936 ----a-w- c:\program files\websaaVe\PUlmorAf6.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"Boxoft Tools"="c:\programdata\Boxtools\Boxofttoolbox.exe" [2010-12-15 514048]
"cz.seznam.software.autoupdate"="c:\users\Jakub\AppData\Roaming\Seznam.cz\szninstall.exe" [2013-05-16 1062472]
"cz.seznam.software.szndesktop"="c:\users\Jakub\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-04-12 92664]
"Online Weather"="c:\users\Jakub\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe" [2012-10-26 202752]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-12-18 2285344]
"NextLive"="c:\users\Jakub\AppData\Roaming\newnext.me\nengine.dll" [2014-01-06 1283584]
"FixMyRegistry"="c:\program files\SmartTweak\FixMyRegistry\FixMyRegistry.exe" [2013-07-22 1886840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-12-08 432432]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-11-19 458844]
"ioTablet"="c:\genius\ioTablet\gTabTaskBar.exe" [2011-01-31 49152]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-11-26 5074384]
"wmime"="c:\program files\HEM\wmime.exe" [2013-03-26 3028480]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-02-04 3813712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoNotification"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi2"=vmcmidiport.dll
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3963100413-3073813578-487244691-1000]
"EnableNotificationsRef"=dword:00000001
.
R0 9922948cf3835745;syshost.exe;c:\windows\\SystemRoot\System32\Drivers\9922948cf3835745.sys [x]
R2 927d4ead;WS-Sustainer;c:\windows\system32\rundll32.exe [2006-11-02 44544]
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_6c241dbe\aestsrv.exe [2009-11-19 81920]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - TSTLIB
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 18:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-22 10:23 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24 20:23]
.
2014-02-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-13 14:35]
.
2014-02-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-13 14:35]
.
2014-02-22 c:\windows\Tasks\schedule!1143840799.job
- c:\programdata\BetterSoft\ContinueToSave\ContinueToSave.exe [2013-02-22 19:58]
.
2014-02-22 c:\windows\Tasks\WS-Booster-S-596631634.job
- c:\programdata\greatsoft\ws-booster\WS-Booster.exe [2014-02-16 12:24]
.
.
------- Doplňkový sken -------
.
uStart Page = fbdirecto.net/1/
mStart Page = hxxp://websearch.searchsun.info/?pid=724&r=2014/02/16&hid=17273072842911370717&lg=EN&cc=CZ
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Jakub\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
LSP: c:\windows\system32\SafeIPs.dll
TCP: DhcpNameServer = 93.91.144.8 93.91.144.70
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{9CC64E7B-3692-4762-68C0-240F19C11DA6} - c:\program files\YoutubeAdblocker\xo706pmR0.dll
Toolbar-10 - (no file)
HKCU-Run-SpeedUpMyComputer - c:\program files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe
HKLM-Run-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
AddRemove-4144-4862-0472-7103 - c:\program files\WorldPainter\uninstall.exe
AddRemove-Zlomek kalkulator 1.2 - c:\program files\Zlomek kalkulator 1.2\Uninstal.exe
AddRemove-{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} - c:\program files\PDFCreator\unins000.exe
AddRemove-{Sedm divu sveta}_is1 - c:\program files\Sedm divu sveta\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-02-22 22:00
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
mobilegeni daemon = c:\program files\Mobogenie\DaemonProcess.exe?????????????????????????????????????????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3963100413-3073813578-487244691-1000\Software\SecuROM\License information*]
"datasecu"=hex:f6,c6,96,b8,cf,1b,b9,46,64,8a,ad,d1,4e,5d,31,70,1e,3d,a4,22,67,
c3,4a,47,3c,ee,09,00,7b,63,d7,db,61,e8,02,91,7a,5c,69,fe,6c,3a,4e,cc,8e,1e,\
"rkeysecu"=hex:e6,c2,99,3f,7f,1a,66,99,68,b5,d7,c1,bf,84,29,d1
.
[HKEY_USERS\S-1-5-21-3963100413-3073813578-487244691-1000_Classes\CLSID\{DB335266-B8F5-374F-A262-27428F3F8BCE}]
@Denied: (A 4) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2014-02-22 22:05:16
ComboFix-quarantined-files.txt 2014-02-22 21:05
ComboFix2.txt 2013-12-18 19:24
ComboFix3.txt 2013-12-18 16:51
ComboFix4.txt 2013-05-18 18:57
ComboFix5.txt 2014-02-22 20:45
.
Před spuštěním: Volných bajtů: 11 440 500 736
Po spuštění: 9 214 574 592
.
- - End Of File - - 428F1979D1C148B85F94AF4DBA04B795
5C86ADEC17B739C437E145E3B3FC2E6D

MBAM:

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Verze: v2014.02.23.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Jakub :: MARS [administrátor]

23.2.2014 10:29:10
MBAM-log-2014-02-23 (14-17-38).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 712950
Uplynulý čas: 3 hodin, 47 minut, 14 sekund

Nalezené procesy v paměti: 4
C:\ProgramData\GreatSoft\WS-Booster\WS-Booster.exe (PUP.Optional.MultiPlug.A) -> 124 -> Nebyla provedena žádná instrukce.
C:\Program Files\Movies Toolbar\SafetyNut\safetynut.exe (PUP.Optional.MoviesToolBar.A) -> 2808 -> Nebyla provedena žádná instrukce.
C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe (PUP.Optional.MoviesToolBar.A) -> 1796 -> Nebyla provedena žádná instrukce.
C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe (PUP.Optional.MoviesToolBar.A) -> 2364 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 3
C:\Program Files\Movies Toolbar\SafetyNut\safetycrt.dll (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Movies Toolbar\SafetyNut\safetyldr.dll (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Movies Toolbar\SafetyNut\safetynut.dll (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 30
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-596631634 (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{8A57F7A7-22CA-A374-92D0-5DC8FB92427F} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A57F7A7-22CA-A374-92D0-5DC8FB92427F} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8A57F7A7-22CA-A374-92D0-5DC8FB92427F} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8A57F7A7-22CA-A374-92D0-5DC8FB92427F} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8A57F7A7-22CA-A374-92D0-5DC8FB92427F} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCR\AppID\{562B9316-C08A-444A-9482-62080DD851AE} (PUP.Optional.SpeedAnalysis3.A) -> Nebyla provedena žádná instrukce.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6} (PUP.Optional.EasyLife.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6} (PUP.Optional.EasyLife.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444c3c5-6c56-4a16-a453-832b05bf6ea4} (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (PUP.Optional.InboxToolBar.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{476D78C4-1DB0-2D88-7FCC-AA6559F59A8D} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CF830981-8F31-C561-C7A0-FE2CE1878B40} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\BabylonToolbar (PUP.Optional.BabylonToolBar.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} (PUP.Optional.WebSearchInfo) -> Nebyla provedena žádná instrukce.
HKCU\Software\somotomoviestoolbar1 (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Classes\MoviesToolbarHelper.DNSGuard (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Classes\MoviesToolbarHelper.DNSGuard.1 (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpeedUpMyComputer (PUP.Optional.SpeedupmyComputer) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SAFETYNUT (PUP.Optional.SafetyNut.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Speedchecker Limited\PC Speed Up (PUP.Optional.PCSpeedUp.A) -> Nebyla provedena žádná instrukce.
HKLM\Software\InstallIQ (PUP.Optional.InstallBrain.A) -> Nebyla provedena žádná instrukce.
HKLM\SYSTEM\CurrentControlSet\Services\SafetyNutManager (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{338a754c-b46e-4bf2-8ac8-23de36862ad3} (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{934BEE21-C5A4-457E-B130-77CA098FBBD3} (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{6014D692-4409-4EDD-ABB2-36CA26DC2A2E} (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\system32\rundll32.exe "C:\Users\Jakub\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion|Start Page (Spyware.Agent) -> Data: fbdirecto.net/1/ -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\SafetyNut|browser (PUP.Optional.SafetyNut.A) -> Data: ie ff cr -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|SpeedUpMyComputer (PUP.Optional.SpeedupmyComputer) -> Data: C:\Program Files\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Špatný: (fbdirecto.net/1/) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.WebSearchInfo) -> Špatný: (http://websearch.searchsun.info/?pid=72 ... g=EN&cc=CZ) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.

Nalezené složky: 16
C:\ProgramData\IBUpdaterService (Adware.InstallBrain) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SafetyNut (PUP.Optional.SafetyNut.A) -> Nebyla provedena žádná instrukce.
C:\Users\Jakub\AppData\Local\Slick Savings (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Users\Jakub\AppData\Local\DownloadGuide (PUP.Optional.DownloadGuide.A) -> Nebyla provedena žádná instrukce.
C:\Users\Jakub\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Jakub\AppData\Roaming\OpenCandy\0FDB981957D14A3EAB6BE2C41550F5C2 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Jakub\AppData\Roaming\OpenCandy\461C9B5EEA8C48788DE0C8E329FBF4BC (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Jakub\AppData\Roaming\OpenCandy\AB79D21AD4514C9DA6468BBDE6020622 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Jakub\AppData\Roaming\OpenCandy\F6F4F63F160449A8B1A3498B05B6CA67 (PUP.Optional.OpenCandy) -> Nebyla provedena žádná instrukce.
C:\Users\Jakub\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Movies Toolbar\SafetyNut (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Users\Jakub\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\Jakub\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SmartTweak\SpeedUpMyComputer (PUP.Optional.SpeedupmyComputer) -> Nebyla provedena žádná instrukce.
C:\ProgramData\YoutubeAdblocker (PUP.Optional.YoutubeAdblocker.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\YoutubeAdblocker\bjilmcoeglpmlolkmkdlfndlendgpgbh (PUP.Optional.YoutubeAdblocker.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 132

(konec)

Re: Help please. Problems with PC

Posted: 23 Feb 2014 14:33
by Márty84
And who recommended it to them? :roll:

:???: What is the situation with the antivirus? CF reports that it was enabled during the scan and, moreover, that it is not up to date.

That is quite a collection of junk :roll:

:arrow: Let MBAM remove the items it found. After the removal and a restart of the PC, repeat the MBAM scan and post the results here again.

Re: Help please. Problems with PC

Posted: 23 Feb 2014 15:19
by Van Dal
Before that, NOD was blocked and disabled by a sneaky worm, which has been cleaned. NOD, however, remained affected. I reinstalled it and used details from YouTube. It now dutifully reports viruses and outdated programs. Before, nothing could be done with it because of the worm, but now it works. I am starting MBAM and will post the log. :all_coholic:
P.S. My search engine no longer changes to Yahoo. :|

Re: Help please. Problems with PC

Posted: 23 Feb 2014 16:33
by Márty84
What details from YouTube? :shock:

Re: Help please. Problems with PC

Posted: 23 Feb 2014 19:28
by Van Dal
Login and password :lol: . Everything is O.K. Thank you. :thumbsup: Unfortunately the log was not saved, because MBAM was "not responding" :?:

Re: Help please. Problems with PC

Posted: 23 Feb 2014 19:40
by Márty84
Van Dal wrote: Login and password :lol:
As in cracked, or your own purchased ones?

Van Dal wrote: Everything is O.K.
As in everything now works as it should, or just that MBAM no longer found anything? :)

Re: Help please. Problems with PC

Posted: 23 Feb 2014 20:46
by Van Dal
The login and password are normal purchased ones, which are shared with others. At the time I wrote that everything was O.K., I had not yet tried the MP3 player. The notebook reports that the mp3 file is not on the desktop, but the file can be moved or played. Maybe it is the cable, but it did not act up before and the MP3 player can be charged. Sometimes, though, it says that it does not recognize the device. What do you think? :?:

Re: Help please. Problems with PC

Posted: 24 Feb 2014 04:22
by Márty84
Van Dal wrote: The login and password are normal purchased ones, which are shared with others.
:???: And you think that is legal? :evil:

The computer is still far from clean.

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and the program will start working.
When it finishes, it will spit out a log at you (if not, you will find it here: C:\AdwCleaner\AdwCleaner[R?].txt ); copy it here for me.

14.3. for inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975