kontrola logu - chyby při pokusu o instalaci SW

[Zlosin]

Dobrý den,
prosil o kontrolu logu. Mám totoiž problém s PC, nedaří se mi instalace jakýchkoli programů, v prohlížeči událostí se objevují chyby jak aplikace, tak "side by side".
Děkuji

Logfile of random's system information tool 1.08 (written by random/random)
Run by JendaG at 2013-04-07 13:12:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (16%) free of 100 GB
Total RAM: 3582 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:12:22, on 7.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Users\JendaG\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\JendaG\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
C:\Program Files (x86)\Labtec\Keyboard\V5.1\KBDAP32A.EXE
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\trend micro\JendaG.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 192.157.56.28 www.google-analytics.com.
O1 - Hosts: 192.157.56.28 ad-emea.doubleclick.net.
O1 - Hosts: 192.157.56.28 www.statcounter.com.
O1 - Hosts: 192.157.56.28 connect.facebook.net.
O1 - Hosts: 192.157.56.28 platform.twitter.com.
O1 - Hosts: 93.115.241.27 www.google-analytics.com.
O1 - Hosts: 93.115.241.27 ad-emea.doubleclick.net.
O1 - Hosts: 93.115.241.27 www.statcounter.com.
O1 - Hosts: 93.115.241.27 connect.facebook.net.
O1 - Hosts: 93.115.241.27 platform.twitter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\StartSearch plugin\BarLcher.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - C:\Users\JendaG\AppData\Local\GamePlayLabs Plugin\BHO.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\BarLcher.dll
O4 - HKLM\..\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
O4 - HKLM\..\Run: [OFFICEKB] C:\Program Files (x86)\Labtec\Keyboard\V5.1\kbdap32a.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\JendaG\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [Cool Remote Server] D:\Honzík\WebServer.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\JendaG\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JendaG\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718_1\amd64"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: Facebook Messenger.lnk = JendaG\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Brána aplikační vrstvy (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: Browser Configuration Utility Service (BCUService) - DeviceVM, Inc. - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Chráněné úložiště (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13345 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
atieclxx
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Users\JendaG\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
"D:\Honzík\WebServer.exe"
"C:\Users\JendaG\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
C:\Windows\System32\alg.exe
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" "http://enigma.kaelri.com/index.php?p=manual"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe"
C:\Windows\system32\svchost.exe -k defragsvc
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Program Files (x86)\Labtec\Keyboard\V5.1\KBDAP32A.EXE"
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -PID:"2280" -RunMxAddonsMgr -UserName:"grundik.grundik@seznam.cz" -LangIni:"C:\Program Files (x86)\Maxthon3\Language\cs-cz.ini" -AppDataPath:"C:\Users\JendaG\AppData\Roaming\Maxthon3\" /prefetch:3
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -RunResMgr -MainFrmIpc:"IPC_M_R_000008E8" -UsersFolder:"C:\Users\JendaG\AppData\Roaming\Maxthon3\Users\" -UserName:"grundik.grundik@seznam.cz" -LangIni:"C:\Program Files (x86)\Maxthon3\Language\cs-cz.ini" -AppDataPath:"C:\Users\JendaG\AppData\Roaming\Maxthon3\" -ProductType:"intl" /prefetch:3
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Zune\WMZuneComm.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Zune\ZuneNss.exe"
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -RunCore -CoreType:"webkit-normal-0-000008E8" -MainFrmIpc:"IPC_M_C_000008E8" -ResMgrIpc:"IPC_R_C_000008E8" -UserName:"grundik.grundik@seznam.cz" -LangIni:"C:\Program Files (x86)\Maxthon3\Language\cs-cz.ini" -AppDataPath:"C:\Users\JendaG\AppData\Roaming\Maxthon3\" -ProductType:"intl" -CustomCacheFolder:"%TEMP%\Maxthon3Cache\Temp\Webkit\Cache" -SyEvent:"mxevent_IPC_R_C_000008E8" /prefetch:3
"C:\Program Files\Zune\ZuneWlanCfgSvc.exe"
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -RunCore -CoreType:"webkit-session-65536-000008E8" -MainFrmIpc:"IPC_M_C_000008E8_0001" -ResMgrIpc:"IPC_R_C_000008E8_0001" -UserName:"grundik.grundik@seznam.cz" -LangIni:"C:\Program Files (x86)\Maxthon3\Language\cs-cz.ini" -AppDataPath:"C:\Users\JendaG\AppData\Roaming\Maxthon3\" -ProductType:"intl" -CustomCacheFolder:"%TEMP%\Maxthon3Cache\Temp\Webkit\Cache" -SyEvent:"mxevent_IPC_R_C_000008E8_0001" /prefetch:3
WLIDSvcM.exe 3136
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-11c3af30-59f5-41a8-a63b-68006a16020d -SystemEventPortName:HostProcess-d175b219-d845-4a62-b8c1-09f8602a65be -IoCancelEventPortName:HostProcess-2a8a4eca-de7f-4aa8-97ba-bbe45cc0005e -NonStateChangingEventPortName:HostProcess-b09dd31d-3816-45cb-882e-779cb498f54a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:47697c81-a0ca-4bdb-b7ff-50b3819558d7 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE" -Embedding
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
taskmgr.exe /2
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-686c5d8e-af3a-4506-9722-ebbcd9183d76 -SystemEventPortName:HostProcess-30631a69-652b-4b40-9ce3-ab05e37b2e4a -IoCancelEventPortName:HostProcess-4d7d3b59-c5ba-4f7d-a184-fa8e760a87c9 -NonStateChangingEventPortName:HostProcess-6b9de2fc-bd5b-40ea-b236-977eac4bf956 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4c14bc07-4600-43f5-99fc-ea0e1204aec4 -DeviceGroupId:
"C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe" -RunMxDl -IPC_M_D_NAME:"IPC_M_D_000008E8" -IPC_C_D_NAME:"IPC_C_D_00000D9C" -IPC_R_D_NAME:"IPC_R_D_000008E8" -SyEvent:"mxevent_IPC_R_D_000008E8" -LANG_INI_FILE:"C:\Program Files (x86)\Maxthon3\Language\cs-cz.ini" -MxdlConfigFolder:"C:\Users\JendaG\AppData\Roaming\Maxthon3\Public\Downloader\" /prefetch:3
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\eventvwr.msc" /s
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" "C:\Users\JendaG\AppData\Local\Temp\Údržba software PC.pdf"
"C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe" --channel=1616.0014F62C.1222406444 --type=renderer "C:\Users\JendaG\AppData\Local\Temp\Údržba software PC.pdf"
taskeng.exe {D852C3D7-7A7E-41DB-842E-1281FEA5B022}
"D:\Honzík\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3863667158-507489069-1230789689-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3863667158-507489069-1230789689-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3863667158-507489069-1230789689-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3863667158-507489069-1230789689-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2013-01-15 205376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13 81024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31 6304888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2013-02-22 2325624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13 69760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-02-04 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}]
IE5BarLauncherBHO Class - C:\Program Files (x86)\StartSearch plugin\BarLcher.dll [2011-09-22 177712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{984A9162-8891-4D19-8CFE-17648BB4E1EC}]
GamePlayLabsBHO Class - C:\Users\JendaG\AppData\Local\GamePlayLabs Plugin\BHO.dll [2011-03-08 432640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31 4528760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\tbuTor.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2013-02-22 1722976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-02-04 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files (x86)\uTorrentBar\tbuTor.dll [2010-11-29 3908192]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]
{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - VShareToolBar - C:\Program Files (x86)\StartSearch plugin\BarLcher.dll [2011-09-22 177712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-12-13 969104]
"SkyDrive"=C:\Users\JendaG\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2013-03-18 256600]
"Cool Remote Server"=D:\Honzík\WebServer.exe [2011-10-25 238080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\JendaG\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718_1\amd64"=C:\Windows\system32\cmd.exe [2010-11-20 345088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCU"=C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [2009-08-04 346320]
"OFFICEKB"=C:\Program Files (x86)\Labtec\Keyboard\V5.1\kbdap32a.exe [2010-01-21 387584]

C:\Users\JendaG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\JendaG\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-04-06 21:57:00 ----D---- C:\rsit
2013-04-06 21:57:00 ----D---- C:\Program Files\trend micro
2013-03-13 19:23:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-13 19:07:41 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-10 22:51:28 ----D---- C:\Users\JendaG\AppData\Roaming\QuickRoute
2013-03-10 22:46:23 ----D---- C:\Program Files (x86)\QuickRoute
2013-03-10 22:21:29 ----D---- C:\ProgramData\Garmin
2013-03-10 22:12:24 ----D---- C:\Program Files (x86)\Garmin GPS Plugin
2013-03-10 22:12:20 ----D---- C:\Program Files\Garmin GPS Plugin
2013-03-10 22:12:10 ----D---- C:\Program Files (x86)\Garmin
2013-03-10 22:11:52 ----D---- C:\Users\JendaG\AppData\Roaming\Garmin

======List of files/folders modified in the last 1 months======

2013-04-07 13:12:22 ----D---- C:\Windows\Prefetch
2013-04-07 13:11:52 ----D---- C:\Users\JendaG\AppData\Roaming\uTorrent
2013-04-07 12:19:49 ----SHD---- C:\System Volume Information
2013-04-07 12:03:46 ----D---- C:\Windows\system32\config
2013-04-07 11:54:59 ----D---- C:\Windows
2013-04-07 11:54:27 ----D---- C:\Windows\System32
2013-04-07 11:54:27 ----D---- C:\Windows\inf
2013-04-07 11:54:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-07 11:51:14 ----D---- C:\Windows\Temp
2013-04-07 11:50:53 ----D---- C:\Windows\system32\LogFiles
2013-04-06 21:57:00 ----RD---- C:\Program Files
2013-04-06 21:50:26 ----D---- C:\Windows\Panther
2013-04-06 21:50:26 ----D---- C:\Windows\Logs
2013-04-06 21:50:25 ----D---- C:\Windows\debug
2013-04-06 19:02:35 ----SD---- C:\ProgramData\Microsoft
2013-04-05 20:59:19 ----D---- C:\Windows\pss
2013-04-05 20:06:04 ----D---- C:\Windows\system32\Tasks
2013-04-05 20:04:00 ----SHD---- C:\Windows\Installer
2013-04-05 20:04:00 ----HD---- C:\Config.Msi
2013-04-05 20:03:19 ----RD---- C:\Program Files (x86)
2013-04-05 20:03:03 ----D---- C:\Windows\SysWOW64
2013-04-05 09:59:24 ----D---- C:\Users\JendaG\AppData\Roaming\vlc
2013-04-03 17:01:07 ----D---- C:\Windows\system32\catroot2
2013-04-02 12:34:28 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-01 20:48:03 ----D---- C:\ProgramData\CanonIJPLM
2013-03-27 23:17:14 ----D---- C:\Windows\system32\catroot
2013-03-27 23:17:13 ----D---- C:\Windows\system32\DriverStore
2013-03-27 23:16:11 ----D---- C:\Users\JendaG\AppData\Roaming\DAEMON Tools Lite
2013-03-27 23:14:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-27 22:17:21 ----D---- C:\Program Files (x86)\The KMPlayer
2013-03-27 11:49:10 ----D---- C:\ProgramData\CanonIJ
2013-03-26 23:08:22 ----D---- C:\Program Files (x86)\Google
2013-03-22 00:45:46 ----D---- C:\Users\JendaG\AppData\Roaming\Maxthon3
2013-03-21 22:10:28 ----D---- C:\TDDownload
2013-03-19 21:44:31 ----D---- C:\Windows\system32\NDF
2013-03-15 00:58:24 ----D---- C:\Windows\rescache
2013-03-14 18:13:54 ----D---- C:\ProgramData\Microsoft Help
2013-03-14 18:04:08 ----D---- C:\Windows\winsxs
2013-03-14 18:03:10 ----D---- C:\Program Files\Microsoft Silverlight
2013-03-14 18:03:09 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 02:33:55 ----D---- C:\Windows\system32\drivers
2013-03-14 02:33:55 ----D---- C:\Windows\AppPatch
2013-03-13 20:03:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-13 19:22:26 ----A---- C:\Windows\win.ini
2013-03-13 19:17:25 ----A---- C:\Windows\system32\MRT.exe
2013-03-13 19:16:53 ----RSD---- C:\Windows\assembly
2013-03-10 22:21:29 ----HD---- C:\ProgramData
2013-03-10 22:19:23 ----D---- C:\Program Files\DIFX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; SysWOW64\speedfan.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-22 530488]
R1 vmm;Virtual Machine Monitor; \??\C:\Windows\system32\Drivers\vmm.sys [2011-07-19 295272]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2013-04-07 25640]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2013-02-07 2201120]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-30 236544]
R3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S3 AODDriver;AODDriver; \??\C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [2009-02-23 14904]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-11-06 96256]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2012-11-25 25640]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-03-01 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-03-01 27176]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2012-11-25 30528]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-27 26112]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-05-01 82816]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-07-17 201472]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960]
S3 SMARTMouseFilterx64;HID-compliant mouse; C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys [2010-11-19 13168]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device; C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [2010-11-19 16368]
S3 SMARTVTabletPCx64;SMART Virtual TabletPC; C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys [2010-11-19 24432]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-04-06 236544]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
R2 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
R2 BCUService;Browser Configuration Utility Service; C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-08-04 219360]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R2 WMZuneComm;Zune Windows Mobile Connectivity Service; C:\Program Files\Zune\WMZuneComm.exe [2011-08-05 306400]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 AODService;AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2011-05-25 136616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-18 136176]
S2 NetMsmqActivator;Adaptér naslouchání Net.Msmq; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S2 NetPipeActivator;Adaptér naslouchání Net.Pipe; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S2 NetTcpActivator;Adaptér naslouchání Net.Tcp; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 253656]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-18 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-10-03 725400]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-05-19 529232]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-26 1255736]

-----------------EOF-----------------

[Reklama]

[Žbeky]

Ten webserver tam máš naschvál?

Stáhni si HJT a fixni:

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O1 - Hosts: 192.157.56.28 www.google-analytics.com.
O1 - Hosts: 192.157.56.28 ad-emea.doubleclick.net.
O1 - Hosts: 192.157.56.28 www.statcounter.com.
O1 - Hosts: 192.157.56.28 connect.facebook.net.
O1 - Hosts: 192.157.56.28 platform.twitter.com.
O1 - Hosts: 93.115.241.27 www.google-analytics.com.
O1 - Hosts: 93.115.241.27 ad-emea.doubleclick.net.
O1 - Hosts: 93.115.241.27 www.statcounter.com.
O1 - Hosts: 93.115.241.27 connect.facebook.net.
O1 - Hosts: 93.115.241.27 platform.twitter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\StartSearch plugin\BarLcher.dll
O2 - BHO: GamePlayLabsBHO - {984A9162-8891-4D19-8CFE-17648BB4E1EC} - C:\Users\JendaG\AppData\Local\GamePlayLabs Plugin\BHO.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\StartSearch plugin\BarLcher.dll
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\JendaG\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\JendaG\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718_1\amd64"
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[Zlosin]

to je právě problém, když se pokusim cokoliv nainstalovat, počítač začne s instalací, ale pak se objeví chyba, v prohlížeči událostí vypadá takto:

Název chybující aplikace: HijackThis.exe, verze: 2.0.0.4, časové razítko: 0x4bc36b8b
Název chybujícího modulu: HijackThis.exe, verze: 2.0.0.4, časové razítko: 0x4bc36b8b
Kód výjimky: 0xc0000005
Posun chyby: 0x0014192c
ID chybujícího procesu: 0x2130
Čas spuštění chybující aplikace: 0x01ce33a15389848f
Cesta k chybující aplikaci: C:\Users\JendaG\AppData\Local\Temp\HijackThis.exe
Cesta k chybujícímu modulu: C:\Users\JendaG\AppData\Local\Temp\HijackThis.exe
ID zprávy: 9165943a-9f94-11e2-8718-00241ddec2ce

[Zlosin]

už jsem to přemohl, takže
MBAM log : Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.04.07.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16521
JendaG :: STOLNÍ-PC [administrátor]

7.4.2013 17:31:55
MBAM-log-2013-04-07 (17-37-46).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 221187
Uplynulý čas: 4 minut, 57 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 24
HKCR\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C} (Adware.QuestScan) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
HKCR\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
HKCU\Software\clickpotatolitesa (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
HKCU\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\QUESTSCAN (Adware.QuestScan) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 2
HKLM\SOFTWARE\Mozilla\Firefox\extensions|ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Data: C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\QuestScan|DllPath (Adware.QuestScan) -> Data: C:\Program Files (x86)\QuestScan\questscan.dll -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 12
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Nebyla provedena žádná instrukce.
C:\ProgramData\ClickPotatoLiteSA (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\ClickPotatoLite (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\ClickPotatoLite\bin (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0 (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions\plugins (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\ShoppingReport2 (Adware.ShoppingReport2) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\ShoppingReport2\Bin (Adware.ShoppingReport2) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\ShoppingReport2\Bin\2.7.37 (Adware.ShoppingReport2) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 13
C:\Program Files (x86)\StartSearch plugin\BarLcher.dll (PUP.VShareRedir) -> Nebyla provedena žádná instrukce.
C:\Users\JendaG\AppData\Roaming\winsvcns.sys (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSA.dat (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAAbout.mht (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAau.dat (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAEULA.mht (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSA_kyf_update.dat (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\copyright.txt (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\Program Files (x86)\ShoppingReport2\Uninst.exe (Adware.ShoppingReport2) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk (Adware.ClickPotato) -> Nebyla provedena žádná instrukce.

(konec)

[Zlosin]

# AdwCleaner v2.200 - Log vytvooen 07/04/2013 v 17:40:11
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : JendaG - STOLNÍ-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\JendaG\Downloads\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\clickpotatolite
Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\Program Files (x86)\ConduitEngine
Složka Nalezeno : C:\Program Files (x86)\DeviceVM
Složka Nalezeno : C:\Program Files (x86)\FreeRIP3
Složka Nalezeno : C:\Program Files (x86)\ShoppingReport2
Složka Nalezeno : C:\Program Files (x86)\StartSearch plugin
Složka Nalezeno : C:\Program Files (x86)\uTorrentBar
Složka Nalezeno : C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\boost_interprocess
Složka Nalezeno : C:\ProgramData\ClickPotatoLiteSA
Složka Nalezeno : C:\ProgramData\FreeRIP
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clickpotato
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeRIP3
Složka Nalezeno : C:\Users\JendaG\AppData\Local\Babylon
Složka Nalezeno : C:\Users\JendaG\AppData\Local\TempDir
Složka Nalezeno : C:\Users\JendaG\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\JendaG\AppData\LocalLow\ConduitEngine
Složka Nalezeno : C:\Users\JendaG\AppData\LocalLow\PriceGong
Složka Nalezeno : C:\Users\JendaG\AppData\LocalLow\ShoppingReport2
Složka Nalezeno : C:\Users\JendaG\AppData\LocalLow\uTorrentBar
Složka Nalezeno : C:\Users\JendaG\AppData\Roaming\Babylon

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ClickPotatoLite@ClickPotatoLite.com]
Klíe Nalezeno : HKCU\Software\1ClickDownload
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\conduitEngine
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\conduitEngine
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\PriceGong
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\ShoppingReport2
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\uTorrentBar
Klíe Nalezeno : HKCU\Software\AppDataLow\Toolbar
Klíe Nalezeno : HKCU\Software\clickpotatolitesa
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\GamePlayLabs
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF2185C8-1E7D-455F-A9E7-8D6741A193E8}
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKCU\Software\ShoppingReport2
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKCU\Software\StartSearch
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{D2083641-E57F-4EAB-BB85-0582424F4A29}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\MenuButtonIE.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Conduit.Engine
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncher.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO
Klíe Nalezeno : HKLM\SOFTWARE\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}
Klíe Nalezeno : HKLM\Software\ClickPotatoLite
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\conduitEngine
Klíe Nalezeno : HKLM\Software\conduitEngine
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FF2185C8-1E7D-455F-A9E7-8D6741A193E8}
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\Software\QuestScan
Klíe Nalezeno : HKLM\Software\ShoppingReport2
Klíe Nalezeno : HKLM\Software\uTorrentBar
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FF2185C8-1E7D-455F-A9E7-8D6741A193E8}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8E7AD93B-3E87-423D-947F-A321FA7E31C4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A2EB4C2-5B00-41BF-831F-CE4F95E4935A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{712B9A3A-CB24-4DA6-AFD7-E0B91855FC66}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LiveVDO plugin
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{8E7AD93B-3E87-423D-947F-A321FA7E31C4}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Nalezeno : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}
Klíe Nalezeno : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}
Klíe Nalezeno : HKU\S-1-5-21-3863667158-507489069-1230789689-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}
Klíe Nalezeno : HKU\S-1-5-21-3863667158-507489069-1230789689-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry jsou eisté.

-\\ Google Chrome v26.0.1410.43

Soubor : C:\Users\JendaG\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nalezeno [l.2369] : homepage = "hxxp://search.conduit.com/?SearchSource=10&ctid=CT2786678",

-\\ Opera v [Nemohu získat verzi]

Soubor : C:\Users\JendaG\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [11683 octets] - [07/04/2013 17:40:11]

########## EOF - C:\AdwCleaner[R1].txt - [11744 octets] ##########

[jaro3]

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[Zlosin]

# AdwCleaner v2.200 - Log vytvooen 09/04/2013 v 18:10:07
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : JendaG - STOLNÍ-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\JendaG\Downloads\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\Conduit
Složka Vymazáno : C:\Program Files (x86)\ConduitEngine
Složka Vymazáno : C:\Program Files (x86)\FreeRIP3
Složka Vymazáno : C:\Program Files (x86)\StartSearch plugin
Složka Vymazáno : C:\Program Files (x86)\uTorrentBar
Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\ProgramData\boost_interprocess
Složka Vymazáno : C:\ProgramData\FreeRIP
Složka Vymazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeRIP3
Složka Vymazáno : C:\Users\JendaG\AppData\Local\Babylon
Složka Vymazáno : C:\Users\JendaG\AppData\Local\TempDir
Složka Vymazáno : C:\Users\JendaG\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\JendaG\AppData\LocalLow\ConduitEngine
Složka Vymazáno : C:\Users\JendaG\AppData\LocalLow\PriceGong
Složka Vymazáno : C:\Users\JendaG\AppData\LocalLow\ShoppingReport2
Složka Vymazáno : C:\Users\JendaG\AppData\LocalLow\uTorrentBar
Složka Vymazáno : C:\Users\JendaG\AppData\Roaming\Babylon
Vymazáno poi restartu : C:\Program Files (x86)\DeviceVM

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Klíe Vymazáno : HKCU\Software\1ClickDownload
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\conduitEngine
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\PriceGong
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\ShoppingReport2
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\uTorrentBar
Klíe Vymazáno : HKCU\Software\AppDataLow\Toolbar
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\GamePlayLabs
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FF2185C8-1E7D-455F-A9E7-8D6741A193E8}
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKCU\Software\StartSearch
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Conduit.Engine
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\conduitEngine
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FF2185C8-1E7D-455F-A9E7-8D6741A193E8}
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\Software\uTorrentBar
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FF2185C8-1E7D-455F-A9E7-8D6741A193E8}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8E7AD93B-3E87-423D-947F-A321FA7E31C4}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A2EB4C2-5B00-41BF-831F-CE4F95E4935A}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{712B9A3A-CB24-4DA6-AFD7-E0B91855FC66}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LiveVDO plugin
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{8E7AD93B-3E87-423D-947F-A321FA7E31C4}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Klíe Vymazáno : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry jsou eisté.

-\\ Google Chrome v26.0.1410.43

Soubor : C:\Users\JendaG\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazáno [l.2365] : homepage = "hxxp://search.conduit.com/?SearchSource=10&ctid=CT2786678",

-\\ Opera v [Nemohu získat verzi]

Soubor : C:\Users\JendaG\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [11794 octets] - [07/04/2013 17:40:11]
AdwCleaner[S1].txt - [8277 octets] - [09/04/2013 18:10:07]

########## EOF - C:\AdwCleaner[S1].txt - [8337 octets] ##########

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verze: v2013.04.09.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16521
JendaG :: STOLNÍ-PC [administrátor]

9.4.2013 18:02:04
mbam-log-2013-04-09 (18-02-04).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 221787
Uplynulý čas: 4 minut, 59 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 24
HKCR\AppID\{D2083641-E57F-4eab-BB85-0582424F4A29} (Adware.HotBar.CP) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO.1 (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyNewsBarLauncher.IE5BarLauncherBHO (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C} (Adware.QuestScan) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B58926D6-CFB0-45D2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
HKCR\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\clickpotatolitesa (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\ShoppingReport2 (Adware.ShoppingReport2) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\ShoppingReport2 (Adware.ShoppingReport2) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShoppingReport2 (Adware.Hotbar) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\QUESTSCAN (Adware.QuestScan) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 2
HKLM\SOFTWARE\Mozilla\Firefox\extensions|ClickPotatoLite@ClickPotatoLite.com (Adware.ClickPotato) -> Data: C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\QuestScan|DllPath (Adware.QuestScan) -> Data: C:\Program Files (x86)\QuestScan\questscan.dll -> Přesun do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 12
C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\ClickPotatoLiteSA (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\ClickPotatoLite (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\ClickPotatoLite\bin (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0 (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions\plugins (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\ShoppingReport2 (Adware.ShoppingReport2) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\ShoppingReport2\Bin (Adware.ShoppingReport2) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\ShoppingReport2\Bin\2.7.37 (Adware.ShoppingReport2) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 13
C:\Program Files (x86)\StartSearch plugin\BarLcher.dll (PUP.VShareRedir) -> Přesun do karantény a smazání se zdařilo.
C:\Users\JendaG\AppData\Roaming\winsvcns.sys (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSA.dat (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAAbout.mht (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAau.dat (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAEULA.mht (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSA_kyf_update.dat (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\copyright.txt (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\ClickPotatoLite\bin\11.0.19.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files (x86)\ShoppingReport2\Uninst.exe (Adware.ShoppingReport2) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk (Adware.ClickPotato) -> Přesun do karantény a smazání se zdařilo.

(konec)


RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : JendaG [Práva správce]
Mód : Kontrola -- Datum : 04/09/2013 18:26:45
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 6 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : Mal.Hosts ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost
192.157.56.28 www.google-analytics.com.
192.157.56.28 ad-emea.doubleclick.net.
192.157.56.28 www.statcounter.com.
192.157.56.28 connect.facebook.net.
192.157.56.28 platform.twitter.com.
93.115.241.27 www.google-analytics.com.
93.115.241.27 ad-emea.doubleclick.net.
93.115.241.27 www.statcounter.com.
93.115.241.27 connect.facebook.net.
93.115.241.27 platform.twitter.com.


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD642JJ ATA Device +++++
--- User ---
[MBR] 77b4f5c6a7f1385317ed6277de6417c4
[BSP] 9a80819ac4100e05cbcaa4650fca6ff1 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 99899 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 204800000 | Size: 200000 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 614400000 | Size: 310479 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: USB 2.0 USB Flash Drive USB Device +++++
--- User ---
[MBR] db6e11fffd035e0d9fbfd1af8749f7af
[BSP] a83a24340e59ea8cbbf2d8eaa19e98b0 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 63 | Size: 1927 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_04092013_02d1826.txt >>
RKreport[1]_S_04092013_02d1826.txt

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

+
Spusť znovu RogueKiller
Pokud používáš Win Vista či W7, klikni na RogueKiller pravým a dej spustit jako správce.
Pak klikni na Oprava Host a Zpráva - otevře se log, ten sem vlož.

[Zlosin]

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : JendaG [Práva správce]
Mód : Odebrat -- Datum : 04/09/2013 20:42:19
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : Mal.Hosts ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost
192.157.56.28 www.google-analytics.com.
192.157.56.28 ad-emea.doubleclick.net.
192.157.56.28 www.statcounter.com.
192.157.56.28 connect.facebook.net.
192.157.56.28 platform.twitter.com.
93.115.241.27 www.google-analytics.com.
93.115.241.27 ad-emea.doubleclick.net.
93.115.241.27 www.statcounter.com.
93.115.241.27 connect.facebook.net.
93.115.241.27 platform.twitter.com.


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD642JJ ATA Device +++++
--- User ---
[MBR] 77b4f5c6a7f1385317ed6277de6417c4
[BSP] 9a80819ac4100e05cbcaa4650fca6ff1 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 99899 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 204800000 | Size: 200000 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 614400000 | Size: 310479 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: USB 2.0 USB Flash Drive USB Device +++++
--- User ---
[MBR] db6e11fffd035e0d9fbfd1af8749f7af
[BSP] a83a24340e59ea8cbbf2d8eaa19e98b0 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 63 | Size: 1927 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[2]_D_04092013_02d2042.txt >>
RKreport[1]_S_04092013_02d2041.txt ; RKreport[2]_D_04092013_02d2042.txt


RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : JendaG [Práva správce]
Mód : Oprava HOSTS -- Datum : 04/09/2013 20:47:55
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : Mal.Hosts ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost
192.157.56.28 www.google-analytics.com.
192.157.56.28 ad-emea.doubleclick.net.
192.157.56.28 www.statcounter.com.
192.157.56.28 connect.facebook.net.
192.157.56.28 platform.twitter.com.
93.115.241.27 www.google-analytics.com.
93.115.241.27 ad-emea.doubleclick.net.
93.115.241.27 www.statcounter.com.
93.115.241.27 connect.facebook.net.
93.115.241.27 platform.twitter.com.


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_04092013_02d2047.txt >>
RKreport[1]_S_04092013_02d2041.txt ; RKreport[2]_D_04092013_02d2042.txt ; RKreport[3]_S_04092013_02d2045.txt ; RKreport[4]_H_04092013_02d2047.txt

[memphisto]

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.