Prosím o kontrolu logu

[Sasopkoo]

programy sa mi sami zatvárajú

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:35:01, on 27. 1. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\GIGABYTE\ET6\GUI.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\SpeechGrid\SpeechGrid.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Origin\Origin.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskmgr.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Games\PC games\Battlefield 3\Battlefield 3\bf3.exe
D:\Games\PCGAME~1\BATTLE~1\BATTLE~1\Core\EACoreServer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\msdt.exe
C:\Windows\System32\sdiagnhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
D:\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Hyperionics DB Toolbar\tbhelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll
O3 - Toolbar: Hyperionics DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SpeechGrid] C:\Program Files\SpeechGrid\SpeechGrid.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.sk/sk.special-uninstalla ... jctVk9YVUw"&"inst=NzYtOTI4Njk3MDA2LVNUMTJPSSsxLUREVCswLUVVTEErMS1TVDEyQVBQKzE"&"prod=55"&"ver=2012.0.1831"&"mid=7fe5d2fcdb3447d18c68cd26231b4c68-2df854269213ee0671893d11948a9973cd011674
O4 - HKLM\..\RunOnce: [EasyTuneVI] C:\Program Files\GIGABYTE\ET6\ETCall.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [RGSC] D:\Games\PC games\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Slavo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EADM] "C:\Program Files\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - D:\Programovanie\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: SpeechGridService - SpeechGrid - C:\Program Files\SpeechGrid\SpeechGridService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: WeGame Client Service (WeGameClientService) - WeGame.com, Inc. - C:\Program Files\WeGame\WGClientService.exe

--
End of file - 10025 bytes

[Reklama]

[jaro3]

Odinstaluj:
Hyperionics DB Toolbar

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Hyperionics DB Toolbar\tbhelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll
O3 - Toolbar: Hyperionics DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[Sasopkoo]

27. 1. 2012 14:15:21
mbam-log-2012-01-27 (14-15-21).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 191033
Uplynutý čas: 3 min, 36 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)

[Sasopkoo]

len neviem či sa mi podarilo spraviť to dobre s tým HiJackThis lebo na hkonci niečo napísalo .. a nič sa mi neudialo s kompom tak ešte raz radšej ten log z HiJackThis

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:23:00, on 27. 1. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\GIGABYTE\ET6\GUI.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Slavo\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
D:\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [SpeechGrid] C:\Program Files\SpeechGrid\SpeechGrid.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.sk/sk.special-uninstalla ... jctVk9YVUw"&"inst=NzYtOTI4Njk3MDA2LVNUMTJPSSsxLUREVCswLUVVTEErMS1TVDEyQVBQKzE"&"prod=55"&"ver=2012.0.1831"&"mid=7fe5d2fcdb3447d18c68cd26231b4c68-2df854269213ee0671893d11948a9973cd011674
O4 - HKLM\..\RunOnce: [EasyTuneVI] C:\Program Files\GIGABYTE\ET6\ETCall.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [RGSC] D:\Games\PC games\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Slavo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EADM] "C:\Program Files\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - D:\Programovanie\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SpeechGridService - SpeechGrid - C:\Program Files\SpeechGrid\SpeechGridService.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: WeGame Client Service (WeGameClientService) - WeGame.com, Inc. - C:\Program Files\WeGame\WGClientService.exe

--
End of file - 8000 bytes

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Sasopkoo]

ComboFix 12-01-27.01 - Slavo . 01. 2012 14:49:36.1.4 - x86 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3326.2230 [GMT 1:00]
Running from: c:\users\Slavo\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
D:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-12-27 to 2012-01-27 )))))))))))))))))))))))))))))))
.
.
2012-01-27 13:53 . 2012-01-27 13:53 -------- d-----w- c:\users\Slavo\AppData\Local\temp
2012-01-27 13:46 . 2012-01-27 13:46 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{78F0274D-C7D8-4562-8F05-A7486B803750}\offreg.dll
2012-01-27 13:02 . 2012-01-27 13:02 -------- d-----w- c:\users\Slavo\AppData\Roaming\Malwarebytes
2012-01-27 13:02 . 2012-01-27 13:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-27 13:02 . 2012-01-27 13:02 -------- d-----w- c:\programdata\Malwarebytes
2012-01-27 13:02 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-27 12:24 . 2012-01-27 12:24 388096 ----a-r- c:\users\admin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-27 12:24 . 2012-01-27 12:24 -------- d-----w- c:\program files\Trend Micro
2012-01-27 12:24 . 2012-01-27 12:24 -------- d-----w- c:\programdata\ATI
2012-01-27 12:24 . 2012-01-27 12:24 -------- d-----w- c:\program files\AMD APP
2012-01-27 12:20 . 2012-01-27 12:20 -------- d-----w- C:\AMD
2012-01-27 12:17 . 2012-01-27 12:17 388096 ----a-r- c:\users\Slavo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-01-27 12:08 . 2012-01-27 12:08 -------- d-----w- c:\users\admin\AppData\Local\SpeechGrid
2012-01-26 20:36 . 2012-01-26 20:36 -------- d-----w- c:\program files\Battlelog Web Plugins
2012-01-25 17:38 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-25 17:38 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-25 17:38 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2012-01-25 17:38 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll
2012-01-25 17:38 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-01-25 17:38 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll
2012-01-25 17:38 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll
2012-01-25 17:38 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll
2012-01-25 17:38 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-25 17:38 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe
2012-01-23 11:56 . 2012-01-23 11:58 -------- d-----w- c:\users\Slavo\AppData\Local\Google
2012-01-21 12:56 . 2012-01-21 12:56 -------- d-----w- c:\users\Slavo\AppData\Roaming\Regensoft
2012-01-21 12:56 . 2012-01-21 12:56 -------- d-----w- c:\users\Slavo\AppData\Local\Geckofx
2012-01-21 12:55 . 2012-01-23 17:08 -------- d-----w- c:\users\Slavo\AppData\Local\SpeechGrid
2012-01-21 12:55 . 2012-01-23 17:08 -------- d-----w- c:\program files\SpeechGrid
2012-01-21 12:55 . 2012-01-21 12:55 -------- d-----w- c:\program files\Regensoft
2012-01-21 12:55 . 2012-01-21 12:55 -------- d-----w- c:\program files\AviSynth 2.5
2012-01-21 12:38 . 2012-01-21 12:38 -------- d-----w- c:\users\Slavo\AppData\Roaming\ArcSoft
2012-01-21 12:37 . 2012-01-23 19:35 -------- d-----w- c:\programdata\ArcSoft
2012-01-21 12:37 . 2012-01-21 12:37 -------- d-----w- c:\users\Slavo\AppData\Local\ArcSoft
2012-01-21 12:37 . 2012-01-23 19:35 -------- d-----w- c:\program files\Common Files\ArcSoft
2012-01-12 19:30 . 2012-01-12 19:30 -------- d-----w- c:\users\Slavo\AppData\Roaming\.minecraft
2012-01-11 14:34 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 14:34 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-11 14:33 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-11 14:33 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-01-10 16:37 . 2012-01-10 17:21 -------- d-----w- c:\program files\GStudio8
2012-01-07 17:57 . 2012-01-07 17:57 -------- d-----w- c:\users\admin\AppData\Roaming\Apple Computer
2012-01-04 21:49 . 2012-01-04 21:51 -------- d-----w- c:\users\Slavo\Filmy
2012-01-04 10:05 . 2012-01-23 19:30 -------- d-----w- c:\users\Slavo\Tracing
2012-01-04 09:58 . 2012-01-04 09:58 -------- d-----w- c:\windows\en
2012-01-04 09:56 . 2012-01-04 09:56 -------- dc----w- c:\windows\system32\DRVSTORE
2012-01-04 09:56 . 2011-05-13 14:27 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-01-04 09:53 . 2012-01-04 09:53 -------- d-----w- c:\windows\sk
2012-01-04 09:50 . 2012-01-04 09:50 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-01-04 09:43 . 2012-01-04 09:43 -------- d-----w- c:\windows\PCHEALTH
2012-01-04 09:43 . 2012-01-04 09:56 -------- d-----w- c:\program files\Windows Live
2012-01-04 09:42 . 2012-01-05 20:41 -------- d-----w- c:\program files\Microsoft
2012-01-04 09:41 . 2012-01-06 08:06 -------- d-----w- c:\program files\Microsoft Silverlight
2012-01-04 09:40 . 2012-01-21 13:03 -------- d-----w- c:\users\Slavo\AppData\Local\Windows Live
2012-01-04 09:40 . 2012-01-04 09:40 -------- d-----w- c:\program files\Common Files\Windows Live
2012-01-03 17:42 . 2012-01-03 17:42 -------- d-----w- c:\programdata\Pinnacle
2012-01-03 16:12 . 2012-01-03 16:12 -------- d-----w- c:\programdata\WeGame
2012-01-03 16:09 . 2012-01-18 18:31 -------- d-----w- c:\users\Slavo\AppData\Local\WeGame
2012-01-03 16:09 . 2012-01-03 16:12 -------- d-----w- c:\program files\WeGame
2012-01-03 16:09 . 2009-04-07 00:43 488800 ----a-w- c:\windows\system32\Ltkrn15u.dll
2012-01-03 16:09 . 2009-04-07 00:43 390496 ----a-w- c:\windows\system32\Lfcmp15u.dll
2012-01-03 16:09 . 2009-04-07 00:43 185688 ----a-w- c:\windows\system32\Ltfil15u.dll
2012-01-03 14:57 . 2012-01-03 14:57 -------- d-----w- c:\program files\CamStudio 2.6b
2012-01-03 14:57 . 2010-10-23 23:56 49664 ----a-w- c:\windows\system32\CamCodec.dll
2012-01-03 14:45 . 2012-01-03 14:45 -------- d-----w- c:\users\Slavo\AppData\Local\gctmp
2012-01-03 14:45 . 2012-01-03 14:45 -------- d-----w- c:\users\Slavo\AppData\Local\Xenocode
2012-01-03 14:45 . 2012-01-27 12:53 -------- d-----w- c:\program files\Game Cam V2
2012-01-03 14:07 . 2012-01-03 14:07 -------- d-----w- c:\program files\CCleaner
2012-01-01 13:44 . 2012-01-01 15:12 -------- d-----w- c:\users\Slavo\AppData\Roaming\PhotoScape
2011-12-30 12:16 . 2012-01-03 15:53 -------- d-----w- c:\users\Slavo\AppData\Roaming\DivX
2011-12-30 12:16 . 2011-12-30 12:16 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2011-12-30 12:15 . 2011-12-30 12:16 -------- d-----w- c:\program files\Common Files\DivX Shared
2011-12-30 11:57 . 2011-12-30 12:16 -------- d-----w- c:\program files\DivX
2011-12-30 11:54 . 2011-12-30 12:16 -------- d-----w- c:\programdata\DivX
2011-12-28 15:09 . 2011-02-19 06:30 805376 ----a-w- c:\windows\system32\FntCache.dll
2011-12-28 15:09 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\system32\DWrite.dll
2011-12-28 15:09 . 2011-02-19 06:30 739840 ----a-w- c:\windows\system32\d2d1.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-27 13:35 . 2011-09-05 11:03 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2012-01-27 13:35 . 2011-09-05 11:03 17488 ----a-w- c:\windows\gdrv.sys
2012-01-27 13:27 . 2011-10-04 19:32 139176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-01-27 13:27 . 2011-10-05 15:05 282864 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-01-27 13:27 . 2011-09-07 16:31 282864 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-01-27 13:26 . 2011-09-07 16:31 280904 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-01-27 12:38 . 2011-09-07 16:31 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-01-27 10:31 . 2011-10-04 19:32 138056 ----a-w- c:\users\Slavo\AppData\Roaming\PnkBstrK.sys
2012-01-04 09:43 . 2011-03-28 17:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-12-15 15:16 . 2011-12-15 15:16 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-12-15 08:43 . 2011-10-09 10:43 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-06 03:44 . 2011-12-06 03:44 9067008 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-12-06 03:17 . 2011-12-06 03:17 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-12-06 03:17 . 2011-04-20 02:09 778752 ----a-w- c:\windows\system32\aticfx32.dll
2011-12-06 03:12 . 2011-11-10 03:12 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-12-06 03:12 . 2011-12-06 03:12 404992 ----a-w- c:\windows\system32\atieclxx.exe
2011-12-06 03:11 . 2011-12-06 03:11 163328 ----a-w- c:\windows\system32\atiesrxx.exe
2011-12-06 03:10 . 2011-12-06 03:10 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2011-12-06 03:10 . 2011-04-20 02:02 360448 ----a-w- c:\windows\system32\atipdlxx.dll
2011-12-06 03:10 . 2011-12-06 03:10 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-12-06 03:09 . 2011-12-06 03:09 20992 ----a-w- c:\windows\system32\atimuixx.dll
2011-12-06 03:09 . 2011-12-06 03:09 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-12-06 03:06 . 2011-04-20 01:59 6159872 ----a-w- c:\windows\system32\atidxx32.dll
2011-12-06 02:56 . 2011-12-06 02:56 19125760 ----a-w- c:\windows\system32\atioglxx.dll
2011-12-06 02:39 . 2011-12-06 02:39 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-12-06 02:34 . 2011-12-06 02:34 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-12-06 02:34 . 2011-12-06 02:34 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-12-06 02:33 . 2011-04-20 01:38 5919232 ----a-w- c:\windows\system32\atiumdag.dll
2011-12-06 02:29 . 2011-12-06 02:29 11484672 ----a-w- c:\windows\system32\aticaldd.dll
2011-12-06 02:28 . 2011-04-20 01:30 4206592 ----a-w- c:\windows\system32\atiumdva.dll
2011-12-06 02:18 . 2011-09-05 10:29 51200 ----a-w- c:\windows\system32\coinst.dll
2011-12-06 02:12 . 2011-11-10 02:13 356352 ----a-w- c:\windows\system32\atiadlxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-12-06 02:12 . 2011-12-06 02:12 33280 ----a-w- c:\windows\system32\atigktxx.dll
2011-12-06 02:11 . 2011-12-06 02:11 264192 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-12-06 02:11 . 2011-04-20 01:21 33280 ----a-w- c:\windows\system32\atiuxpag.dll
2011-12-06 02:11 . 2011-04-20 01:21 29696 ----a-w- c:\windows\system32\atiu9pag.dll
2011-12-06 02:10 . 2011-12-06 02:10 53760 ----a-w- c:\windows\system32\atimpc32.dll
2011-12-06 02:10 . 2011-12-06 02:10 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2011-12-06 02:10 . 2011-12-06 02:10 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-12-05 21:04 . 2011-12-05 21:04 59904 ----a-w- c:\windows\system32\OpenVideo.dll
2011-12-05 21:03 . 2011-12-05 21:03 54784 ----a-w- c:\windows\system32\OVDecode.dll
2011-12-05 21:03 . 2011-12-05 21:03 14499328 ----a-w- c:\windows\system32\amdocl.dll
2011-12-05 08:52 . 2011-09-19 14:40 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-11-24 04:25 . 2011-12-14 06:29 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-17 05:34 . 2012-01-25 17:38 224768 ----a-w- c:\windows\system32\schannel.dll
2011-11-15 16:57 . 2011-11-15 16:57 2463744 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-11-15 16:57 . 2011-11-15 16:57 122880 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-11-09 21:37 . 2011-11-09 21:37 44032 ----a-w- c:\windows\system32\OpenCL.dll
2011-11-05 04:35 . 2011-12-14 06:29 981504 ----a-w- c:\windows\system32\wininet.dll
2011-11-05 04:26 . 2011-12-14 06:29 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 02:48 . 2011-12-14 06:29 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-11-01 12:41 . 2011-09-18 18:02 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2009-11-19 20:08 . 2009-11-19 20:08 3749224 ----a-w- c:\program files\Common Files\adlmint_libFNP.dll
2009-11-19 20:08 . 2009-11-19 20:08 2941288 ----a-w- c:\program files\Common Files\adlmint.dll
2011-12-27 06:33 . 2011-12-21 20:43 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-12-16 735608]
"RGSC"="d:\games\PC games\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
"EADM"="c:\program files\Origin\Origin.exe" [2012-01-11 28201096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-02 9808488]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-03 1246544]
"SpeechGrid"="c:\program files\SpeechGrid\SpeechGrid.exe" [2012-01-18 324976]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-12-05 343168]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"EasyTuneVI"="c:\program files\GIGABYTE\ET6\ETCall.exe" [2007-07-26 20480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 18544]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-12-06 163328]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-12-05 291840]
R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2011-06-24 39424]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
R2 SpeechGridService;SpeechGridService;c:\program files\SpeechGrid\SpeechGridService.exe [2012-01-18 55664]
R2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
R2 WeGameClientService;WeGame Client Service;c:\program files\WeGame\WGClientService.exe [2011-07-28 18472]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-12-06 9067008]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-12-06 264192]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
R3 AODDriver;AODDriver;c:\program files\GIGABYTE\ET6\i386\AODDriver.sys [2010-03-12 36864]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
R3 GVTDrv;GVTDrv;c:\windows\system32\Drivers\GVTDrv.sys [2012-01-27 24944]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-18 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-09-22 232512]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-01-13 328808]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4294013627-3443248896-3377518791-1002Core.job
- c:\users\Slavo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-23 11:56]
.
2012-01-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4294013627-3443248896-3377518791-1002UA.job
- c:\users\Slavo\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-23 11:56]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 173.193.227.124 173.192.105.217
FF - ProfilePath - c:\users\Slavo\AppData\Roaming\Mozilla\Firefox\Profiles\3r7aa3p2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4294013627-3443248896-3377518791-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (S-1-5-21-4294013627-3443248896-3377518791-1002)
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-4294013627-3443248896-3377518791-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-4294013627-3443248896-3377518791-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-4294013627-3443248896-3377518791-1002)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-4294013627-3443248896-3377518791-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-4294013627-3443248896-3377518791-1002)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-4294013627-3443248896-3377518791-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (S-1-5-21-4294013627-3443248896-3377518791-1002)
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-4294013627-3443248896-3377518791-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-4294013627-3443248896-3377518791-1002)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-4294013627-3443248896-3377518791-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (S-1-5-21-4294013627-3443248896-3377518791-1002)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-4294013627-3443248896-3377518791-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-4294013627-3443248896-3377518791-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (S-1-5-21-4294013627-3443248896-3377518791-1002)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-4294013627-3443248896-3377518791-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-4294013627-3443248896-3377518791-1002)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-4294013627-3443248896-3377518791-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-4294013627-3443248896-3377518791-1002)
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-4294013627-3443248896-3377518791-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (S-1-5-21-4294013627-3443248896-3377518791-1002)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-01-27 14:54:22
ComboFix-quarantined-files.txt 2012-01-27 13:54
.
Pre-Run: 3 070 738 432 bytes free
Post-Run: 3 052 421 120 bytes free
.
- - End Of File - - 632E6A4DCB5139807957B613CEEE23A1

[Sasopkoo]

mam jeden problem nefunguje mi net skusal som aj posledne konfiguracie ale ani tam neni.. co mam spravit? na modeme mi ukazuje ze som pripojeny ale nejde to... ani v nudzovom tezime s net working

[Sasopkoo]

to je zvlastne... uz mi ide skype ale normalny net nie co s tym mam spravit?

[jaro3]

Četl si to upozornění (červeně napsáno)?

C:\AMD-- složku si vytvořil sám?

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

DirLook::
c:\windows\sk

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\windows\gdrv.sys

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

[Sasopkoo]

ale najskor musime vyriesit ten net lebo inak sa to neda ja som teraz na nete na mobile a nemam to sem ako dat a nemam ani ako vytvorit ten textovy dokument.. a aj bod obnovy som skusal ale nejde to...pls porad

[jaro3]

Zkoušel si několikrát restartovat PC?

[Sasopkoo]

internet už ide :) aspoň zatial skúšal som zapnúť BF 3 a napísalo tento error message to bude asi problem ja sa tomu moc nerozumiem toto mi napísalo :

DirectX function "device->CreateBuffer(&dxDesc,&resourceData,& buffer->m_buffer) failed with E_OUTOFMEMORY: Ran out of memory. GPU:"NVIDIA GeForce GTX460SE", Driver 28562. Free virtual memory: 37836kB / 2097024kB. Total resource memory:0kB. Make sure you have a supported graphics card with at least 512 MB.


čo s tým ?