
Non-working 3G USB modem
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Non-working 3G USB modem
After I launch RSIT it throws this message (in the attachment) and the program closes.
Attachments:
- Bez názvu.jpg (15.89 KiB), viewed 1577 times
Re: Non-working 3G USB modem
I tried FRST, and during the run it also threw a message (in the attachment).
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-04-2014
Ran by NAY (administrator) on NAY-PC on 28-04-2014 23:46:06
Running from C:\Users\NAY\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: 041B
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(Atheros Communications) C:\Program Files\Bluetooth Suite\adminservice.exe
(Bandoo Media Inc) C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Bandoo Media Inc) C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Bandoo Media Inc) C:\Program Files\Movies Toolbar\Datamngr\DatamngrUI.exe
(Acer Incorporated) C:\Program Files\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(SmileyCentral) C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbarsvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Atheros Communications) C:\Program Files\Bluetooth Suite\BtvStack.exe
(Atheros Communications) C:\Program Files\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(SmileyCentral) C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbrmon.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\AcerVCM.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe
() D:\tinka driver\Modem_LITE-ON_2.2.99.0_Win7x86_AOD260\setup.exe
() D:\tinka driver\Modem_LITE-ON_2.2.99.0_Win7x86_AOD260\setup.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\NAY\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [NortonOnlineBackupReminder] => C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [908368 2010-04-08] (Dritek System Inc.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [509896 2010-01-08] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [445528 2010-04-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [285856 2010-04-23] (Atheros Communications)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [715296 2010-02-06] (Acer Incorporated)
HKLM\...\Run: [SmileyCentralIE_1w Browser Plugin Loader] => C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbrmon.exe [20480 2010-12-30] (SmileyCentral)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-10-19] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [144784 2008-02-22] (Sun Microsystems, Inc.)
HKLM\...\Runonce: [AvgUninstallURL] - cmd.exe /c start http://www.avg.sk/ww.special-uninstalla ... =10.0.1416
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-20] (Microsoft Corporation)
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\Run: [Facebook Update] => C:\Users\NAY\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.)
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\MountPoints2: D - D:\Install.exe
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\MountPoints2: {0e88a6a3-1630-11e2-83e8-88ae1d0df17b} - D:\AutoRun.exe
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\MountPoints2: {0ec0c243-0524-11e1-b858-88ae1d0df17b} - D:\AutoRun.exe
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\MountPoints2: {35dd523a-0a3a-11e2-919a-88ae1d0df17b} - D:\AutoRun.exe
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\MountPoints2: {35dd524d-0a3a-11e2-919a-88ae1d0df17b} - D:\AutoRun.exe
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\MountPoints2: {53baa62c-1481-11e2-a05c-88ae1d0df17b} - D:\AutoRun.exe
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\MountPoints2: {7c77dc99-1881-11e2-9f0a-88ae1d0df17b} - D:\Install.exe
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\MountPoints2: {86e9d5e2-2513-11e2-a051-78e400d2f087} - D:\AutoRun.exe
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\MountPoints2: {86e9d5f3-2513-11e2-a051-78e400d2f087} - D:\AutoRun.exe
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\MountPoints2: {86e9d665-2513-11e2-a051-62e400d2f087} - D:\AutoRun.exe
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\MountPoints2: {e9d60c83-2767-11e2-a0c2-62e400d2f087} - D:\AutoRun.exe
HKU\S-1-5-21-3110072035-4176750333-2029028800-1000\...\MountPoints2: {e9d60c94-2767-11e2-a0c2-62e400d2f087} - D:\AutoRun.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll [490496 2014-04-09] () <===== ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10645A& ... 51-276&t=4
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5w56l2t651
URLSearchHook: HKCU - (No Name) - {339a0dff-d9af-439b-92bc-636220fb3dae} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll (SmileyCentral)
SearchScopes: HKLM - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
SearchScopes: HKLM - {8b0d31e7-0331-43cc-87cd-a472317f1305} URL = http://search.mywebsearch.com/mywebsear ... earchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... SK403SK403
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... SK403SK403
SearchScopes: HKCU - {8b0d31e7-0331-43cc-87cd-a472317f1305} URL = http://search.mywebsearch.com/mywebsear ... earchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Toolbar BHO - {55cde9e7-696c-47c4-8e21-7210b8aeb103} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbar.dll (SmileyCentral)
BHO: Search Assistant BHO - {5ed22e89-62fa-47ec-bd8d-374d849d436c} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wSrcAs.dll (SmileyCentral)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File
Toolbar: HKLM - SmileyCentral - {d3ca5551-fc2e-4d09-8ece-263607acf9fc} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbar.dll (SmileyCentral)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll No File
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - SmileyCentral - {D3CA5551-FC2E-4D09-8ECE-263607ACF9FC} - C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbar.dll (SmileyCentral)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\NAY\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\NAY\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
Chrome:
=======
CHR HomePage: https://www.google.sk/
CHR StartupUrls: "hxxp://www.google.sk/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\NAY\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (Movies Toolbar) - C:\Users\NAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob [2014-03-04]
CHR Extension: (Dokumenty Google) - C:\Users\NAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-12]
CHR Extension: (Disk Google) - C:\Users\NAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-12]
CHR Extension: (YouTube) - C:\Users\NAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-12]
CHR Extension: (Hľadať v Google) - C:\Users\NAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-12]
CHR Extension: (Skype Click to Call) - C:\Users\NAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-13]
CHR Extension: (Peňaženka Google) - C:\Users\NAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\NAY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-12]
CHR HKLM\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\NAY\AppData\Local\ilividmoviestoolbar181\GC\toolbar.crx [2013-12-11]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
========================== Services (Whitelisted) =================
R2 DatamngrCoordinator2; C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3545088 2014-04-09] (Bandoo Media Inc)
R2 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [735776 2010-02-06] (Acer Incorporated)
R2 GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 MWLService; C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 SmileyCentralIE_1wService; C:\Program Files\SmileyCentralIE_1w\bar\1.bin\1wbarsvc.exe [28766 2010-12-30] (SmileyCentral)
R2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
==================== Drivers (Whitelisted) ====================
S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [38440 2010-03-31] (Atheros)
S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [47144 2010-03-31] (Windows (R) Win 7 DDK provider)
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [257064 2010-03-31] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [28200 2010-03-31] (Atheros)
S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [177704 2010-03-31] (Atheros)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [48168 2010-03-31] (Atheros)
S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [141992 2010-03-31] (Atheros)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [230952 2010-03-31] (Atheros)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [107912 2010-01-15] (ELAN Microelectronic Corp.)
S3 EUCR; C:\Windows\System32\DRIVERS\EUCR6SK.SYS [82384 2010-03-02] (ENE Technology Inc.)
S1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files\Movies Toolbar\Datamngr\setmgrc1.cfg [31096 2014-04-09] (Bandoo Media Inc)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files\Movies Toolbar\Datamngr\setmgrc1.cfg [31096 2014-04-09] (Bandoo Media Inc)
R1 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [18992 2009-06-03] (Egis Technology Inc.)
R1 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2009-06-03] (Egis Technology Inc.)
R1 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [60976 2009-06-03] (Egis Technology Inc.)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-28 23:46 - 2014-04-28 23:47 - 00021844 _____ () C:\Users\NAY\Desktop\FRST.txt
2014-04-28 23:40 - 2014-04-28 23:46 - 00000000 ____D () C:\FRST
2014-04-28 23:37 - 2014-04-28 23:36 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Desktop\FRSTLauncher.exe
2014-04-28 23:37 - 2014-04-28 23:23 - 01049600 _____ (Farbar) C:\Users\NAY\Desktop\FRST.exe
2014-04-28 23:36 - 2014-04-28 23:36 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Downloads\FRSTLauncher (2).exe
2014-04-28 23:27 - 2014-04-28 23:27 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Downloads\Nepotvrdené 909211.crdownload
2014-04-28 23:27 - 2014-04-28 23:27 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Downloads\Nepotvrdené 261351.crdownload
2014-04-28 23:23 - 2014-04-28 23:23 - 01049600 _____ (Farbar) C:\Users\NAY\Downloads\FRST.exe
2014-04-28 23:23 - 2014-04-28 23:23 - 01049600 _____ (Farbar) C:\Users\NAY\Downloads\FRST (1).exe
2014-04-28 22:54 - 2014-04-28 22:54 - 00000000 ____D () C:\rsit
2014-04-28 22:54 - 2014-04-28 22:54 - 00000000 ____D () C:\Program Files\trend micro
2014-04-28 22:48 - 2014-04-28 22:51 - 00781909 _____ () C:\Users\NAY\Downloads\RSIT.exe
2014-04-28 22:22 - 2014-04-28 22:22 - 00000000 ____D () C:\Windows\Options
2014-04-28 22:22 - 2009-12-03 15:29 - 00026624 ____N (LSI Corporation) C:\Windows\system32\agrscoin.dll
2014-04-28 22:22 - 2009-12-03 15:28 - 00064000 ____N (LSI Corporation) C:\Windows\system32\agrsmdel.exe
2014-04-28 21:49 - 2014-04-28 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Matrix Storage Manager
2014-04-28 21:45 - 2014-04-28 21:45 - 00000000 ____D () C:\Users\NAY\AppData\Roaming\InstallShield
2014-04-28 21:45 - 2014-04-28 21:45 - 00000000 ____D () C:\driver
2014-04-27 20:31 - 2014-04-27 20:31 - 00111272 _____ () C:\Users\NAY\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-27 20:30 - 2014-04-28 22:01 - 00000224 _____ () C:\Windows\setupact.log
2014-04-27 20:30 - 2014-04-27 20:30 - 00418368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-27 20:30 - 2014-04-27 20:30 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-24 06:40 - 2014-04-24 06:40 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-24 06:40 - 2014-04-24 06:40 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-24 06:40 - 2014-04-24 06:40 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-24 06:40 - 2014-04-24 06:40 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-24 06:40 - 2014-04-24 06:40 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-24 06:40 - 2014-04-24 06:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 21:18 - 2014-04-12 21:18 - 00106813 _____ () C:\Users\NAY\Downloads\1071349639.zip
2014-04-11 21:31 - 2014-04-21 21:12 - 00000000 ____D () C:\Users\NAY\Documents\svadpbné šaty
2014-04-09 18:41 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 18:41 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 18:41 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 18:41 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 18:41 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 18:41 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
==================== One Month Modified Files and Folders =======
2014-04-28 23:47 - 2014-04-28 23:46 - 00021844 _____ () C:\Users\NAY\Desktop\FRST.txt
2014-04-28 23:47 - 2012-10-12 20:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-28 23:46 - 2014-04-28 23:40 - 00000000 ____D () C:\FRST
2014-04-28 23:46 - 2014-03-04 22:54 - 00000000 ____D () C:\ProgramData\Datamngr
2014-04-28 23:36 - 2014-04-28 23:37 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Desktop\FRSTLauncher.exe
2014-04-28 23:36 - 2014-04-28 23:36 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Downloads\FRSTLauncher (2).exe
2014-04-28 23:27 - 2014-04-28 23:27 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Downloads\Nepotvrdené 909211.crdownload
2014-04-28 23:27 - 2014-04-28 23:27 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Downloads\Nepotvrdené 261351.crdownload
2014-04-28 23:23 - 2014-04-28 23:37 - 01049600 _____ (Farbar) C:\Users\NAY\Desktop\FRST.exe
2014-04-28 23:23 - 2014-04-28 23:23 - 01049600 _____ (Farbar) C:\Users\NAY\Downloads\FRST.exe
2014-04-28 23:23 - 2014-04-28 23:23 - 01049600 _____ (Farbar) C:\Users\NAY\Downloads\FRST (1).exe
2014-04-28 23:11 - 2010-10-30 21:27 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-28 23:08 - 2010-06-08 05:46 - 01129565 _____ () C:\Windows\WindowsUpdate.log
2014-04-28 22:54 - 2014-04-28 22:54 - 00000000 ____D () C:\rsit
2014-04-28 22:54 - 2014-04-28 22:54 - 00000000 ____D () C:\Program Files\trend micro
2014-04-28 22:51 - 2014-04-28 22:48 - 00781909 _____ () C:\Users\NAY\Downloads\RSIT.exe
2014-04-28 22:50 - 2012-10-12 20:51 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-28 22:50 - 2011-11-02 20:41 - 00001034 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110072035-4176750333-2029028800-1000UA.job
2014-04-28 22:50 - 2011-10-15 12:26 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-28 22:48 - 2009-07-14 06:34 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-28 22:48 - 2009-07-14 06:34 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-28 22:22 - 2014-04-28 22:22 - 00000000 ____D () C:\Windows\Options
2014-04-28 22:05 - 2010-05-03 05:10 - 00788704 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-28 22:04 - 2010-11-01 13:58 - 00000000 ____D () C:\Users\NAY\AppData\Roaming\Skype
2014-04-28 22:01 - 2014-04-27 20:30 - 00000224 _____ () C:\Windows\setupact.log
2014-04-28 22:01 - 2010-10-30 21:27 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-28 22:01 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-28 21:49 - 2014-04-28 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Matrix Storage Manager
2014-04-28 21:45 - 2014-04-28 21:45 - 00000000 ____D () C:\Users\NAY\AppData\Roaming\InstallShield
2014-04-28 21:45 - 2014-04-28 21:45 - 00000000 ____D () C:\driver
2014-04-28 21:16 - 2009-07-14 06:53 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-28 19:19 - 2010-05-03 05:34 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-28 19:09 - 2010-10-20 15:57 - 00000000 ____D () C:\Users\NAY
2014-04-28 19:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-04-28 19:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-28 19:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-04-28 19:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2014-04-28 19:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-28 19:03 - 2011-11-02 20:41 - 00001012 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110072035-4176750333-2029028800-1000Core.job
2014-04-28 18:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-04-27 20:56 - 2010-12-03 21:22 - 00000000 ____D () C:\Users\NAY\AppData\Roaming\Media Player Classic
2014-04-27 20:31 - 2014-04-27 20:31 - 00111272 _____ () C:\Users\NAY\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-27 20:30 - 2014-04-27 20:30 - 00418368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-27 20:30 - 2014-04-27 20:30 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-27 20:15 - 2013-08-07 15:25 - 00000000 ____D () C:\Windows\Minidump
2014-04-24 19:12 - 2010-05-03 05:23 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-24 18:51 - 2013-06-13 20:46 - 00000000 ____D () C:\Windows\system32\SupportAppCB
2014-04-24 07:03 - 2010-10-30 16:34 - 00000000 ____D () C:\Users\NAY\AppData\Local\CrashDumps
2014-04-24 06:40 - 2014-04-24 06:40 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-24 06:40 - 2014-04-24 06:40 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-24 06:40 - 2014-04-24 06:40 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-24 06:40 - 2014-04-24 06:40 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-24 06:40 - 2014-04-24 06:40 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-24 06:40 - 2014-04-24 06:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-21 21:12 - 2014-04-11 21:31 - 00000000 ____D () C:\Users\NAY\Documents\svadpbné šaty
2014-04-18 20:21 - 2013-10-26 12:00 - 00005120 _____ () C:\Users\NAY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-12 21:18 - 2014-04-12 21:18 - 00106813 _____ () C:\Users\NAY\Downloads\1071349639.zip
2014-04-10 07:16 - 2010-05-03 05:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 07:08 - 2013-07-15 15:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 06:48 - 2010-12-12 11:51 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-31 09:35 - 2011-03-19 16:10 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Files to move or delete:
====================
C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll
Some content of TEMP:
====================
C:\Users\NAY\AppData\Local\Temp\_is2B15.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110072035-4176750333-2029028800-1000Core.job => C:\Users\NAY\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110072035-4176750333-2029028800-1000UA.job => C:\Users\NAY\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\NAY\Desktop" je 18 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate
"C:\Program Files\EgisTec IPS\PmmUpdate.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate
"C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\NAY\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon
C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray
"C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-28 23:46 - 2014-04-28 23:47 - 00021844 _____ () C:\Users\NAY\Desktop\FRST.txt
2014-04-28 23:40 - 2014-04-28 23:46 - 00000000 ____D () C:\FRST
2014-04-28 23:37 - 2014-04-28 23:36 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Desktop\FRSTLauncher.exe
2014-04-28 23:37 - 2014-04-28 23:23 - 01049600 _____ (Farbar) C:\Users\NAY\Desktop\FRST.exe
2014-04-28 23:36 - 2014-04-28 23:36 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Downloads\FRSTLauncher (2).exe
2014-04-28 23:27 - 2014-04-28 23:27 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Downloads\Nepotvrdené 909211.crdownload
2014-04-28 23:27 - 2014-04-28 23:27 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Downloads\Nepotvrdené 261351.crdownload
2014-04-28 23:23 - 2014-04-28 23:23 - 01049600 _____ (Farbar) C:\Users\NAY\Downloads\FRST.exe
2014-04-28 23:23 - 2014-04-28 23:23 - 01049600 _____ (Farbar) C:\Users\NAY\Downloads\FRST (1).exe
2014-04-28 22:54 - 2014-04-28 22:54 - 00000000 ____D () C:\rsit
2014-04-28 22:54 - 2014-04-28 22:54 - 00000000 ____D () C:\Program Files\trend micro
2014-04-28 22:48 - 2014-04-28 22:51 - 00781909 _____ () C:\Users\NAY\Downloads\RSIT.exe
2014-04-28 22:22 - 2014-04-28 22:22 - 00000000 ____D () C:\Windows\Options
2014-04-28 22:22 - 2009-12-03 15:29 - 00026624 ____N (LSI Corporation) C:\Windows\system32\agrscoin.dll
2014-04-28 22:22 - 2009-12-03 15:28 - 00064000 ____N (LSI Corporation) C:\Windows\system32\agrsmdel.exe
2014-04-28 21:49 - 2014-04-28 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Matrix Storage Manager
2014-04-28 21:45 - 2014-04-28 21:45 - 00000000 ____D () C:\Users\NAY\AppData\Roaming\InstallShield
2014-04-28 21:45 - 2014-04-28 21:45 - 00000000 ____D () C:\driver
2014-04-27 20:31 - 2014-04-27 20:31 - 00111272 _____ () C:\Users\NAY\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-27 20:30 - 2014-04-28 22:01 - 00000224 _____ () C:\Windows\setupact.log
2014-04-27 20:30 - 2014-04-27 20:30 - 00418368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-27 20:30 - 2014-04-27 20:30 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-24 06:40 - 2014-04-24 06:40 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-24 06:40 - 2014-04-24 06:40 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-24 06:40 - 2014-04-24 06:40 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-24 06:40 - 2014-04-24 06:40 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-24 06:40 - 2014-04-24 06:40 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-24 06:40 - 2014-04-24 06:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-12 21:18 - 2014-04-12 21:18 - 00106813 _____ () C:\Users\NAY\Downloads\1071349639.zip
2014-04-11 21:31 - 2014-04-21 21:12 - 00000000 ____D () C:\Users\NAY\Documents\svadpbné šaty
2014-04-09 18:41 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 18:41 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 18:41 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 18:41 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 18:41 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 18:41 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
==================== One Month Modified Files and Folders =======
2014-04-28 23:47 - 2014-04-28 23:46 - 00021844 _____ () C:\Users\NAY\Desktop\FRST.txt
2014-04-28 23:47 - 2012-10-12 20:51 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-28 23:46 - 2014-04-28 23:40 - 00000000 ____D () C:\FRST
2014-04-28 23:46 - 2014-03-04 22:54 - 00000000 ____D () C:\ProgramData\Datamngr
2014-04-28 23:36 - 2014-04-28 23:37 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Desktop\FRSTLauncher.exe
2014-04-28 23:36 - 2014-04-28 23:36 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Downloads\FRSTLauncher (2).exe
2014-04-28 23:27 - 2014-04-28 23:27 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Downloads\Nepotvrdené 909211.crdownload
2014-04-28 23:27 - 2014-04-28 23:27 - 00112640 _____ (forum.viry.cz) C:\Users\NAY\Downloads\Nepotvrdené 261351.crdownload
2014-04-28 23:23 - 2014-04-28 23:37 - 01049600 _____ (Farbar) C:\Users\NAY\Desktop\FRST.exe
2014-04-28 23:23 - 2014-04-28 23:23 - 01049600 _____ (Farbar) C:\Users\NAY\Downloads\FRST.exe
2014-04-28 23:23 - 2014-04-28 23:23 - 01049600 _____ (Farbar) C:\Users\NAY\Downloads\FRST (1).exe
2014-04-28 23:11 - 2010-10-30 21:27 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-28 23:08 - 2010-06-08 05:46 - 01129565 _____ () C:\Windows\WindowsUpdate.log
2014-04-28 22:54 - 2014-04-28 22:54 - 00000000 ____D () C:\rsit
2014-04-28 22:54 - 2014-04-28 22:54 - 00000000 ____D () C:\Program Files\trend micro
2014-04-28 22:51 - 2014-04-28 22:48 - 00781909 _____ () C:\Users\NAY\Downloads\RSIT.exe
2014-04-28 22:50 - 2012-10-12 20:51 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-28 22:50 - 2011-11-02 20:41 - 00001034 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110072035-4176750333-2029028800-1000UA.job
2014-04-28 22:50 - 2011-10-15 12:26 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-28 22:48 - 2009-07-14 06:34 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-28 22:48 - 2009-07-14 06:34 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-28 22:22 - 2014-04-28 22:22 - 00000000 ____D () C:\Windows\Options
2014-04-28 22:05 - 2010-05-03 05:10 - 00788704 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-28 22:04 - 2010-11-01 13:58 - 00000000 ____D () C:\Users\NAY\AppData\Roaming\Skype
2014-04-28 22:01 - 2014-04-27 20:30 - 00000224 _____ () C:\Windows\setupact.log
2014-04-28 22:01 - 2010-10-30 21:27 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-28 22:01 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-28 21:49 - 2014-04-28 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Matrix Storage Manager
2014-04-28 21:45 - 2014-04-28 21:45 - 00000000 ____D () C:\Users\NAY\AppData\Roaming\InstallShield
2014-04-28 21:45 - 2014-04-28 21:45 - 00000000 ____D () C:\driver
2014-04-28 21:16 - 2009-07-14 06:53 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-28 19:19 - 2010-05-03 05:34 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-28 19:09 - 2010-10-20 15:57 - 00000000 ____D () C:\Users\NAY
2014-04-28 19:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-04-28 19:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-28 19:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\registration
2014-04-28 19:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2014-04-28 19:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-28 19:03 - 2011-11-02 20:41 - 00001012 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110072035-4176750333-2029028800-1000Core.job
2014-04-28 18:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-04-27 20:56 - 2010-12-03 21:22 - 00000000 ____D () C:\Users\NAY\AppData\Roaming\Media Player Classic
2014-04-27 20:31 - 2014-04-27 20:31 - 00111272 _____ () C:\Users\NAY\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-27 20:30 - 2014-04-27 20:30 - 00418368 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-27 20:30 - 2014-04-27 20:30 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-27 20:15 - 2013-08-07 15:25 - 00000000 ____D () C:\Windows\Minidump
2014-04-24 19:12 - 2010-05-03 05:23 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-24 18:51 - 2013-06-13 20:46 - 00000000 ____D () C:\Windows\system32\SupportAppCB
2014-04-24 07:03 - 2010-10-30 16:34 - 00000000 ____D () C:\Users\NAY\AppData\Local\CrashDumps
2014-04-24 06:40 - 2014-04-24 06:40 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-24 06:40 - 2014-04-24 06:40 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-24 06:40 - 2014-04-24 06:40 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-04-24 06:40 - 2014-04-24 06:40 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-24 06:40 - 2014-04-24 06:40 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-04-24 06:40 - 2014-04-24 06:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-24 06:40 - 2014-04-24 06:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-24 06:40 - 2014-04-24 06:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-21 21:12 - 2014-04-11 21:31 - 00000000 ____D () C:\Users\NAY\Documents\svadpbné šaty
2014-04-18 20:21 - 2013-10-26 12:00 - 00005120 _____ () C:\Users\NAY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-12 21:18 - 2014-04-12 21:18 - 00106813 _____ () C:\Users\NAY\Downloads\1071349639.zip
2014-04-10 07:16 - 2010-05-03 05:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 07:08 - 2013-07-15 15:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 06:48 - 2010-12-12 11:51 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-31 09:35 - 2011-03-19 16:10 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Files to move or delete:
====================
C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll
Some content of TEMP:
====================
C:\Users\NAY\AppData\Local\Temp\_is2B15.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110072035-4176750333-2029028800-1000Core.job => C:\Users\NAY\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110072035-4176750333-2029028800-1000UA.job => C:\Users\NAY\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\NAY\Desktop" je 18 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate
"C:\Program Files\EgisTec IPS\PmmUpdate.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate
"C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\NAY\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon
C:\Program Files\EgisTec MyWinLocker\x86\mwlDaemon.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray
"C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Attachments
- Bez názvu.jpg (22.03 KiB) Viewed 1571 times
Re: non-working 3G USB modem
Hello,
Download Junkware Removal Tool: http://thisisudax.org/downloads/JRT.exe
- Save the program to the desktop and run it. The license terms will then be displayed; confirm the start by pressing any key.
- A backup will be created and the scan will run.
When the scan finishes, a log will pop up (it will be saved in c:\JRT as JRT.txt); copy it here.
Download AdwCleaner: http://www.bleepingcomputer.com/download/adwcleaner/
- Save the program to the desktop and close all running programs.
- Run AdwCleaner, click Scan and, once the scan has finished, click Clean.
- The repair will be carried out and the PC will restart (restart it yourself if needed), and the log C:\AdwCleaner\AdwCleaner.txt will appear; copy the contents of the log here.
Use CCleaner: http://forum.viry.cz/viewtopic.php?f=46&t=7478




Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before cleaning a computer of malware.
Want to support our forum? Information here

I am most likely to be reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: non-working 3G USB modem
Hello,
during the run a window popped up again (it is in the attachment); I clicked Yes.
Then JRT asked for a restart, so I restarted the PC.
I will continue with AdwCleaner in the next post.
JRT log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Starter x86
Ran by NAY on ut 29. 04. 2014 at 22:10:48,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imside1egate.application.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8b0d31e7-0331-43cc-87cd-a472317f1305}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8b0d31e7-0331-43cc-87cd-a472317f1305}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ED22E89-62FA-47EC-BD8D-374D849D436C}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Failed to delete: [Folder] "C:\ProgramData\datamngr"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Failed to delete: [Folder] "C:\ProgramData\application data\datamngr"
Successfully deleted: [Folder] "C:\Users\NAY\appdata\locallow\smileycentralie_1w"
Failed to delete: [Folder] "C:\Program Files\movies toolbar"
Successfully deleted: [Folder] "C:\Program Files\smileycentralie_1w"
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{03F06E86-E10C-4B41-9561-2B34DB01B06D}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{06BB8C07-9992-4AD5-9EA3-ADE427CA31CB}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{0B180681-2EBB-4D9F-82F0-1CE9C8CC3503}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{10B2FAC8-BE45-4E9B-9A08-B83F19618EE6}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{122D598F-82BE-4A01-9B1E-2129291F81D4}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{17462FDA-FC3F-4B03-8B58-556D0B32E19B}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{1F832524-8368-4BC6-A1A5-4E61EECC8B31}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{29AD3B22-E095-4DB4-8ADD-D72D9D24E0EB}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{301A4AAD-66F9-444B-82E5-0EE2D1EC4C3E}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{3BD67841-19B6-49B9-A32B-AAC8A3CD00E6}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{41CA763C-573C-450B-9828-E5E51909DA84}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{4495DE3A-3F9B-4026-A679-70EA47FFB63F}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{46FAF5C2-35F9-4448-9E13-222A891B5E6A}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{5116234C-E713-4176-BBBE-9DC56BE733B3}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{5A5CAE69-8666-4476-970D-4D436E46BEF7}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{5BC000C9-C5B6-46E5-BA7B-A875F924E342}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{6405A7D9-DAAA-411B-B14F-B56D5700E48D}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{65743B4D-85B4-4AAD-BDF0-462B450468A2}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{6C58F615-86DC-452E-AC5A-0275350F0D3A}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{7380A251-FCBF-4E82-BF16-FBA7506BABC8}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{80ECD97B-8A85-4DC4-A4CC-296A6E077B0C}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{84A5CC56-F3B4-48AB-8FE0-A2B5FC6ADCEC}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{88FE09BC-2D09-4BDA-8DBE-DC57A20D3DA1}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{8AB2700C-1042-4CD2-99F1-527DF7D01270}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{932C4F53-C841-43FE-B3F9-D3C550204FA2}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{9359B226-649B-4606-861A-2C61514B7104}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{94A37F04-191B-43AD-BB37-C1E1D960C179}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{9D322998-F227-4547-9AFE-38C39818679B}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{A6BD19A5-BDEF-479A-A4C4-54118A7AE4D4}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{AADBED22-B10E-40DB-9704-93905199C8EC}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{ACAD24E2-2937-4051-9B31-50067018A020}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{B075253E-7DAB-4030-9272-AA49FF0AA282}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{B1866667-BE3A-4D73-90B3-75C2BCDA8AF7}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{BA7EEDED-A112-449E-ACFF-B61FC6EDA8B1}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{BB14A6E3-48E8-4F08-ABF5-94B91A5DE567}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{C0021E02-8FC0-487E-B7A0-2207A31277B6}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{DCD87C37-B066-4CA0-AE85-80241D49FFDD}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{DEDD7AD2-ED33-40A1-8DA3-6F97AFC74574}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{E40F971A-4C30-4DC6-BF72-DE09B37033E6}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{E4D7CA80-94AC-42C4-BED4-BDD0C4751A41}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{FD32E8A0-6919-487D-8C0F-ABDB9B69459D}
Successfully deleted: [Empty Folder] C:\Users\NAY\appdata\local\{FF840291-026B-4397-A27D-A541E3D35BF9}
~~~ Chrome
Failed to delete: [Folder] C:\Users\NAY\appdata\local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob
Successfully deleted: [Folder] C:\Users\NAY\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ut 29. 04. 2014 at 22:19:48,33
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

During the run a window popped up again; it is in the attachment. I clicked Yes.
Then JRT asked for a restart, so I restarted the PC.
I continue with AdwCleaner in the next post.
Attachment: Bez názvu.jpg (22.98 KiB), viewed 1559 times
Re: non-working 3G USB modem
Here is AdwCleaner, and I'm moving on to CCleaner.
# AdwCleaner v3.205 - Report created 29/04/2014 at 22:37:31
# Updated 28/04/2014 by Xplode
# Operating System : Windows 7 Starter Service Pack 1 (32 bits)
# Username : NAY - NAY-PC
# Running from : C:\Users\NAY\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
***** [ Files / Folders ] *****
[!] Folder Deleted : C:\Program Files\Movies Toolbar
Folder Deleted : C:\Users\NAY\AppData\Local\iLivid
Folder Deleted : C:\Users\NAY\AppData\Local\ilividmoviestoolbar181
Folder Deleted : C:\Users\NAY\AppData\LocalLow\ilividmoviestoolbar181
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SmileyCentralIE_1w Browser Plugin Loader]
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\${dtUserElevationPolicyID}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1DAC034-9FD9-4C13-A388-D2E10E57707F}]
Key Deleted : HKCU\Software\APNDTX
Key Deleted : HKCU\Software\ilividmoviestoolbar181
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar181CR
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar181IE
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Google Chrome v34.0.1847.116
[ File : C:\Users\NAY\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZNzfb003YYsk_ZNzfb015&ptb=5B6D7466-FA6A-49C4-A78A-85C388AD3DF5&psa=&ind=2010123003&ptnrS=ZNzfb003YYsk_ZNzfb015&si=&st=sb&n=77d00afb&searchfor={searchTerms}
Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=514&systemid=406&v=n11551-276&apn_uid=5355052403304045&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
Deleted [Extension] : aaaaabcbmongicmdegkmmfgdickgnnob
*************************
AdwCleaner[R0].txt - [6053 octets] - [29/04/2014 22:25:46]
AdwCleaner[S0].txt - [5910 octets] - [29/04/2014 22:37:31]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5970 octets] ##########
Re: non-working 3G USB modem
Run ComboFix according to this guide:
http://www.bleepingcomputer.com/combofi ... t-combofix
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up your important data before disinfecting the computer.
Want to support our forum? Information here.

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: non-working 3G USB modem
ComboFix 14-05-10.01 - NAY . 05. 2014 23:47:55.1.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1250.421.1051.18.1013.308 [GMT 2:00]
Running from: c:\users\NAY\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Files Created from 2014-04-11 to 2014-05-11 )))))))))))))))))))))))))))))))
.
.
2014-05-11 22:07 . 2014-05-11 22:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-29 21:07 . 2014-04-29 21:07 -------- d-sh--w- c:\users\NAY\AppData\Local\EmieUserList
2014-04-29 21:07 . 2014-04-29 21:07 -------- d-sh--w- c:\users\NAY\AppData\Local\EmieSiteList
2014-04-29 20:26 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-04-29 20:25 . 2014-04-29 20:47 -------- d-----w- C:\AdwCleaner
2014-04-29 20:00 . 2014-04-29 20:21 -------- d-----w- C:\_
2014-04-29 19:57 . 2014-04-29 19:57 -------- d-----w- c:\windows\ERUNT
2014-04-29 18:28 . 2014-04-17 03:32 8050496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE1A8CE7-9280-4D82-BC87-7D19898DBE67}\mpengine.dll
2014-04-28 21:40 . 2014-04-28 21:46 -------- d-----w- C:\FRST
2014-04-28 21:08 . 2014-03-01 03:31 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-04-28 20:54 . 2014-04-28 20:54 -------- d-----w- c:\program files\trend micro
2014-04-28 20:54 . 2014-04-28 20:54 -------- d-----w- C:\rsit
2014-04-28 20:22 . 2009-12-03 13:29 26624 ------w- c:\windows\system32\agrscoin.dll
2014-04-28 20:22 . 2009-12-03 13:28 64000 ------w- c:\windows\system32\agrsmdel.exe
2014-04-28 20:22 . 2014-04-28 20:22 -------- d-----w- c:\windows\Options
2014-04-28 19:45 . 2014-04-28 19:45 -------- d-----w- C:\driver
2014-04-28 19:45 . 2014-04-28 19:45 -------- d-----w- c:\users\NAY\AppData\Roaming\InstallShield
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-28 20:50 . 2012-10-12 18:51 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-28 20:50 . 2011-10-15 10:26 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-31 07:35 . 2011-03-19 14:10 231584 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:55 120176 ----a-w- c:\program files\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-22 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-22 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-22 150552]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2010-04-08 908368]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-01-08 509896]
"AtherosBtStack"="c:\program files\Bluetooth Suite\BtvStack.exe" [2010-04-01 445528]
"AthBtTray"="c:\program files\Bluetooth Suite\AthBtTray.exe" [2010-04-23 285856]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-06 715296]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-10-19 1983816]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-04 767312]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.sk/ww.special-uninstalla ... =10.0.1416" [?]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-05-20 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2010-5-3 704032]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-28 00:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
2010-03-11 05:11 407920 ----a-w- c:\program files\EgisTec IPS\PmmUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisUpdate]
2010-03-11 05:11 201584 ----a-w- c:\program files\EgisTec IPS\EgisUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-12 08:44 138096 ----atw- c:\users\NAY\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mwlDaemon]
2010-04-17 05:57 349552 ----a-w- c:\program files\EgisTec MyWinLocker\x86\mwlDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuiteTray]
2010-04-17 06:28 337264 ----a-w- c:\program files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
.
R2 DatamngrCoordinator2;Datamngr Coordinator2;c:\program files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R2 SmileyCentralIE_1wService;SmileyCentral Service;c:\progra~1\SMILEY~2\bar\1.bin\1wbarsvc.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2010-03-31 38440]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys [2010-03-31 47144]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2010-03-31 257064]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2010-03-31 177704]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2010-03-31 48168]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2010-03-31 141992]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2010-03-31 230952]
R3 EUCR;EUCR;c:\windows\system32\DRIVERS\EUCR6SK.SYS [2010-03-02 82384]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-04-24 108032]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files\EgisTec MyWinLocker\x86\MWLService.exe [2010-04-17 305520]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-07-13 657408]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S1 F06DEFF2-5B9C-490D-910F-35D3A91196222;F06DEFF2-5B9C-490D-910F-35D3A91196222;c:\program files\Movies Toolbar\Datamngr\setmgrc1.cfg [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 18992]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 16432]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60976]
S2 AtherosSvc;AtherosSvc;c:\program files\Bluetooth Suite\adminservice.exe [2010-04-01 27224]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [2010-04-08 312400]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-06 735776]
S2 GREGService;GREGService;c:\program files\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2010-03-31 28200]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-01-14 107912]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-04-21 68208]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-10 16:14 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-05-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-12 20:51]
.
2014-04-30 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110072035-4176750333-2029028800-1000Core.job
- c:\users\NAY\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-02 08:44]
.
2014-05-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3110072035-4176750333-2029028800-1000UA.job
- c:\users\NAY\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-02 08:44]
.
2014-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-30 19:26]
.
2014-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-30 19:26]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\F06DEFF2-5B9C-490D-910F-35D3A91196222]
"ImagePath"="\??\c:\program files\Movies Toolbar\Datamngr\setmgrc1.cfg"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-05-12 00:13:52
ComboFix-quarantined-files.txt 2014-05-11 22:13
.
Pre-Run: 89 526 452 224 bytes free
Post-Run: 89 639 849 984 bytes free
.
- - End Of File - - 75D15B2BBBC40A715FAE1F0C70377F05
A36C5E4F47E84449FF07ED3517B43A31
Re: Non-working 3G USB modem
Could you please check what this folder is?
C:\_
How is the PC doing now?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before cleaning viruses from your computer
Want to support our forum? Information here

I am mostly available at night, between 9 and 11 p.m.
If you have any questions, you can email me at Motji(at)forum.viry.cz.
Re: Non-working 3G USB modem
That folder is fine; I created it as a temporary file for installations and logs.
I'll hand the notebook over to my girlfriend so she can try out the 3G modem.
It seems a bit slow to me; could it be cleared of a few more unnecessary things?
Re: Non-working 3G USB modem
I would still clean up a few more things, if you have the notebook with you
