Prosím o preventivní kontrola logu

[onnetoon]

Dobrý den prosím o preventivní kontrolu logu.(pomalý pc)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:08:20, on 7.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Windows\snuvcdsm.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
C:\Program Files (x86)\GIGABYTE\Ghost-M8600(Normal Ver.)\GHOSTOPEN.exe
C:\Program Files (x86)\GIGABYTE\Ghost-M8600(Normal Ver.)\Tilt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t4501l81q
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2442941
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchboxes.info/?pid= ... Z&unqvl=28
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Soft-Search Toolbar - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSoft.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Soft-Search Toolbar - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSoft.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: saveaNshare - {272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC} - C:\ProgramData\saveaNshare\51f80b693fc99.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: SearchNewTab - {D9737252-A498-867F-B048-467C84FB40A3} - C:\ProgramData\SearchNewTab\51f80c04ee62c.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Soft-Search Toolbar - {09e55ba0-f9c6-4b81-82df-46853f6f7b3f} - C:\Program Files (x86)\Soft-Search\tbSoft.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" 196609
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
O4 - HKLM\..\Run: [ghost] C:\Program Files (x86)\GIGABYTE\Ghost-M8600(Normal Ver.)\ghostopen.exe
O4 - HKLM\..\Run: [Tilt] C:\Program Files (x86)\GIGABYTE\Ghost-M8600(Normal Ver.)\Tilt.exe
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [vchost] C:\Users\Vašík\AppData\Roaming\install\bmp1.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Vašík\AppData\Roaming\uTorrent\utorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Úložná technologie Intel® Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15991 bytes

[Reklama]

[jaro3]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[onnetoon]

# AdwCleaner v3.002 - Report created 07/09/2013 at 10:31:30
# Updated 01/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Vašík - VAŠÍK-PC
# Running from : C:\Users\Vašík\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Windows\System32\roboot64.exe
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\Soft-Search
Folder Found C:\Program Files (x86)\WebSearch
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saveaNshare
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saveaNshare
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saveaNshare
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saveaNshare
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab
Folder Found C:\ProgramData\ParetoLogic
Folder Found C:\ProgramData\Partner
Folder Found C:\ProgramData\saveaNshare
Folder Found C:\ProgramData\saveaNshare
Folder Found C:\ProgramData\SearchNewTab
Folder Found C:\ProgramData\StarApp
Folder Found C:\Users\Vašík\AppData\Local\Conduit
Folder Found C:\Users\Vašík\AppData\Local\PackageAware
Folder Found C:\Users\Vašík\AppData\Local\PutLockerDownloader
Folder Found C:\Users\Vašík\AppData\Local\Soft-Search
Folder Found C:\Users\Vašík\AppData\Roaming\BabSolution
Folder Found C:\Users\Vašík\AppData\Roaming\Babylon
Folder Found C:\Users\Vašík\AppData\Roaming\DriverCure
Folder Found C:\Users\Vašík\AppData\Roaming\Funmoods
Folder Found C:\Users\Vašík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Found C:\Users\Vašík\AppData\Roaming\ParetoLogic

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\525588dfe135bf17
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\Funmoods
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{52EBE0F0-3252-45CF-92AF-F41E72B38350}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D9737252-A498-867F-B048-467C84FB40A3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D9737252-A498-867F-B048-467C84FB40A3}
Key Found : HKCU\Software\OCS
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Soft-Search
Key Found : HKCU\Software\StartSearch
Key Found : HKCU\Toolbar
Key Found : [x64] HKCU\Software\1ClickDownload
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\DataMngr
Key Found : [x64] HKCU\Software\Funmoods
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : [x64] HKCU\Software\OCS
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Soft-Search
Key Found : [x64] HKCU\Software\StartSearch
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{52EBE0F0-3252-45CF-92AF-F41E72B38350}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC88FC0E-B967-4CA1-883A-96CE3CD91980}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D9737252-A498-867F-B048-467C84FB40A3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : HKLM\SOFTWARE\Classes\PutLockerDownloader
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2442941
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D9737252-A498-867F-B048-467C84FB40A3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BC88FC0E-B967-4CA1-883A-96CE3CD91980}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Soft-Search Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_4e24eecb
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_703c874a
Key Found : HKLM\Software\Soft-Search
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\Uniblue\DriverScanner
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Found : [x64] HKLM\SOFTWARE\systweak
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://search.conduit.com?SearchSource= ... =CT2442941
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://websearch.searchboxes.info/?pid= ... Z&unqvl=28

-\\ Mozilla Firefox v

-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\Vašík\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8477 octets] - [07/09/2013 10:31:30]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8537 octets] ##########



//////////////////////////////////////////////////////////////////////////////////////////////////////////////


Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.09.07.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Vašík :: VAŠÍK-PC [administrátor]

Ochrana: Povolena

7.9.2013 10:40:50
MBAM-log-2013-09-07 (10-49-10).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 268857
Uplynulý čas: 5 minut, 37 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 19
HKCR\CLSID\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{D9737252-A498-867F-B048-467C84FB40A3} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D9737252-A498-867F-B048-467C84FB40A3} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D9737252-A498-867F-B048-467C84FB40A3} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D9737252-A498-867F-B048-467C84FB40A3} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D30E1A0D-FF64-421E-97B4-145D884A3536} (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} (PUP.Optional.SilentInstall.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} (PUP.Optional.SilentInstall.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Funmoods (PUP.FunMoods) -> Nebyla provedena žádná instrukce.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Nebyla provedena žádná instrukce.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: 1F1N1U1S1Q1L1I1R2T1B1L -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 5
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit) -> Špatný: (http://search.conduit.com?SearchSource= ... =CT2442941) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Websearch) -> Špatný: (http://websearch.searchboxes.info/?pid= ... Z&unqvl=28) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.

Nalezené složky: 5
C:\Users\Vašík\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Vašík\AppData\Roaming\BabSolution (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\Users\Vašík\AppData\Roaming\BabSolution\Shared (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SearchNewTab (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SearchNewTab\data (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 14
C:\ProgramData\saveaNshare\51f80b693fc99.dll (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SearchNewTab\51f80c04ee62c.dll (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\InstallMate\{56040F63-91A1-40D2-A239-D9838DE72D95}\Setup.exe (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\InstallMate\{56040F63-91A1-40D2-A239-D9838DE72D95}\TsuDll.dll (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\saveaNshare\uninstall.exe (PUP.Optional.SilentInstall.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SearchNewTab\uninstall.exe (PUP.Optional.SilentInstall.A) -> Nebyla provedena žádná instrukce.
C:\Users\Vašík\AppData\Roaming\uTorrent\ism.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Vašík\AppData\Roaming\logs.dat (Bifrose.Trace) -> Nebyla provedena žádná instrukce.
C:\Users\Vašík\AppData\Roaming\Funmoods\UpdateProc\UpdateTask.exe (PUP.FunMoods) -> Nebyla provedena žádná instrukce.
C:\Users\Vašík\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Users\Vašík\AppData\Roaming\BabSolution\Shared\sqlite3.dll (PUP.Optional.BabSolution.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SearchNewTab\51f80c04ee62c.tlb (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SearchNewTab\settings.ini (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SearchNewTab\data\SearchNewTab.dat (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.

(konec)

[memphisto]

V Mbam i adw nech vše smazat a dodej logy po smazání

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

[onnetoon]

# AdwCleaner v3.002 - Report created 07/09/2013 at 11:23:31
# Updated 01/09/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Vašík - VAŠÍK-PC
# Running from : C:\Users\Vašík\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\saveaNshare
Folder Deleted : C:\ProgramData\SearchNewTab
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\saveaNshare
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\WebSearch
Folder Deleted : C:\Program Files (x86)\Soft-Search
Folder Deleted : C:\Users\Vašík\AppData\Local\Conduit
Folder Deleted : C:\Users\Vašík\AppData\Local\PackageAware
Folder Deleted : C:\Users\Vašík\AppData\Local\PutLockerDownloader
Folder Deleted : C:\Users\Vašík\AppData\Local\Soft-Search
Folder Deleted : C:\Users\Vašík\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Vašík\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Vašík\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Vašík\AppData\Roaming\Funmoods
Folder Deleted : C:\Users\Vašík\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Vašík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
File Deleted : C:\Windows\System32\roboot64.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\PutLockerDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PutlockerDownloader_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_4e24eecb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_703c874a
Key Deleted : HKCU\Software\525588dfe135bf17
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2442941
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D9737252-A498-867F-B048-467C84FB40A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{52EBE0F0-3252-45CF-92AF-F41E72B38350}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC88FC0E-B967-4CA1-883A-96CE3CD91980}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D9737252-A498-867F-B048-467C84FB40A3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D9737252-A498-867F-B048-467C84FB40A3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{272E7CA9-CA4E-6C0F-7B5C-6C23B01976AC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D9737252-A498-867F-B048-467C84FB40A3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{52EBE0F0-3252-45CF-92AF-F41E72B38350}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BC88FC0E-B967-4CA1-883A-96CE3CD91980}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{09E55BA0-F9C6-4B81-82DF-46853F6F7B3F}]
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Funmoods
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\Soft-Search
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Uniblue\DriverScanner
Key Deleted : HKLM\Software\Soft-Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Soft-Search Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\systweak
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

-\\ Google Chrome v29.0.1547.66

[ File : C:\Users\Vašík\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8673 octets] - [07/09/2013 10:31:30]
AdwCleaner[R1].txt - [8733 octets] - [07/09/2013 11:22:24]
AdwCleaner[S0].txt - [6893 octets] - [07/09/2013 11:23:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6953 octets] ##########

[onnetoon]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.09.07.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Vašík :: VAŠÍK-PC [administrátor]

Ochrana: Povolena

7.9.2013 11:28:43
mbam-log-2013-09-07 (11-28-43).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 269479
Uplynulý čas: 6 minut, 39 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D30E1A0D-FF64-421E-97B4-145D884A3536} (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Špatný: (1) Dobrý: (0) -> Přesun do karantény a opravení se zdařilo.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 4
C:\ProgramData\InstallMate\{56040F63-91A1-40D2-A239-D9838DE72D95}\Setup.exe (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\InstallMate\{56040F63-91A1-40D2-A239-D9838DE72D95}\TsuDll.dll (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\Users\Vašík\AppData\Roaming\uTorrent\ism.exe (PUP.Optional.Conduit.A) -> Nebyla provedena žádná instrukce.
C:\Users\Vašík\AppData\Roaming\logs.dat (Bifrose.Trace) -> Přesun do karantény a smazání se zdařilo.

(konec)

[onnetoon]

RogueKiller V8.6.9 _x64_ [Sep 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Vašík [Práva správce]
Mód : Kontrola -- Datum : 09/07/2013 11:46:44
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] snuvcdsm.exe -- C:\Windows\snuvcdsm.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 9 ¤¤¤
[RUN][SUSP UNIC] HKCU\[...]\Run : vchost (C:\Users\Vašík\AppData\Roaming\install\bmp1.exe [-]) -> NALEZENO
[RUN][SUSP UNIC] HKCU\[...]\Run : Google Update ("C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> NALEZENO
[RUN][SUSP PATH] HKLM\[...]\Run : SNUVCDSM (C:\Windows\snuvcdsm.exe [-]) -> NALEZENO
[RUN][SUSP UNIC] HKUS\S-1-5-21-4254195534-179189113-2231032786-1000\[...]\Run : vchost (C:\Users\Vašík\AppData\Roaming\install\bmp1.exe [-]) -> NALEZENO
[RUN][SUSP UNIC] HKUS\S-1-5-21-4254195534-179189113-2231032786-1000\[...]\Run : Google Update ("C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> NALEZENO
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 8 ¤¤¤
[V1][SUSP UNIC] GoogleUpdateTaskUserS-1-5-21-4254195534-179189113-2231032786-1000UA.job : C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> NALEZENO
[V1][SUSP UNIC] GoogleUpdateTaskUserS-1-5-21-4254195534-179189113-2231032786-1000Core.job : C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> NALEZENO
[V2][SUSP PATH] Funmoods : C:\Users\VAK~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE - /Check [x] -> NALEZENO
[V2][SUSP UNIC] GoogleUpdateTaskUserS-1-5-21-4254195534-179189113-2231032786-1000Core : C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> NALEZENO
[V2][SUSP UNIC] GoogleUpdateTaskUserS-1-5-21-4254195534-179189113-2231032786-1000UA : C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> NALEZENO
[V2][SUSP UNIC] SidebarExecute : C:\Program Files (x86)\Windows Sidebar\sidebar.exe - /SL5="$100348,3775942,54272,C:\Users\Vašík\Downloads\Tunngle_Setup_v4.5.1.1.exe" [-][x] -> NALEZENO
[V2][SUSP UNIC] {2EA139DE-BB1C-4FD5-8F27-401987B344B9} : C:\Users\Vašík\Downloads\LeagueofLegends.exe [x] -> NALEZENO
[V2][SUSP UNIC] {815516F0-DED6-4654-9BFD-DEB485A97DEF} : C:\Users\Vašík\Downloads\LeagueofLegends.exe [x] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ATA TOSHIBA MK6465GS SCSI Disk Device +++++
--- User ---
[MBR] f4ac4f8b5838d6ae066a429744b62228
[BSP] 720c75126daf5687b04ff39831c3849e : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 28674048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 28878848 | Size: 596378 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_09072013_114644.txt >>

[onnetoon]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.8 (09.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Vaçˇk on so 07.09.2013 at 11:54:48,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4254195534-179189113-2231032786-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_1_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Vaçˇk\appdata\local\apn"
Successfully deleted: [Folder] "C:\Program Files (x86)\saveshare"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 07.09.2013 at 12:01:18,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[memphisto]

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

[onnetoon]

RogueKiller V8.6.9 _x64_ [Sep 3 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Vašík [Práva správce]
Mód : Odebrat -- Datum : 09/07/2013 19:15:57
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] snuvcdsm.exe -- C:\Windows\snuvcdsm.exe [-] -> SMAZÁNO [TermProc]
[SUSP UNIC] utorrent.exe -- C:\Users\Vašík\AppData\Roaming\uTorrent\utorrent.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 11 ¤¤¤
[RUN][SUSP UNIC] HKCU\[...]\Run : vchost (C:\Users\Vašík\AppData\Roaming\install\bmp1.exe [-]) -> VYMAZÁNO
[RUN][SUSP UNIC] HKCU\[...]\Run : Google Update ("C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKLM\[...]\Run : SNUVCDSM (C:\Windows\snuvcdsm.exe [-]) -> VYMAZÁNO
[RUN][SUSP UNIC] HKUS\S-1-5-21-4254195534-179189113-2231032786-1000\[...]\Run : vchost (C:\Users\Vašík\AppData\Roaming\install\bmp1.exe [-]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP UNIC] HKUS\S-1-5-21-4254195534-179189113-2231032786-1000\[...]\Run : Google Update ("C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe" /c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 8 ¤¤¤
[V1][SUSP UNIC] GoogleUpdateTaskUserS-1-5-21-4254195534-179189113-2231032786-1000UA.job : C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> VYMAZÁNO
[V1][SUSP UNIC] GoogleUpdateTaskUserS-1-5-21-4254195534-179189113-2231032786-1000Core.job : C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> VYMAZÁNO
[V2][SUSP PATH] Funmoods : C:\Users\VAK~1\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE - /Check [x] -> VYMAZÁNO
[V2][SUSP UNIC] GoogleUpdateTaskUserS-1-5-21-4254195534-179189113-2231032786-1000Core : C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe - /c [7] -> ERROR DELETING TASK
[V2][SUSP UNIC] GoogleUpdateTaskUserS-1-5-21-4254195534-179189113-2231032786-1000UA : C:\Users\Vašík\AppData\Local\Google\Update\GoogleUpdate.exe - /ua /installsource scheduler [7][x] -> VYMAZÁNO
[V2][SUSP UNIC] SidebarExecute : C:\Program Files (x86)\Windows Sidebar\sidebar.exe - /SL5="$100348,3775942,54272,C:\Users\Vašík\Downloads\Tunngle_Setup_v4.5.1.1.exe" [-][x] -> VYMAZÁNO
[V2][SUSP UNIC] {2EA139DE-BB1C-4FD5-8F27-401987B344B9} : C:\Users\Vašík\Downloads\LeagueofLegends.exe [x] -> VYMAZÁNO
[V2][SUSP UNIC] {815516F0-DED6-4654-9BFD-DEB485A97DEF} : C:\Users\Vašík\Downloads\LeagueofLegends.exe [x] -> VYMAZÁNO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ATA TOSHIBA MK6465GS SCSI Disk Device +++++
--- User ---
[MBR] f4ac4f8b5838d6ae066a429744b62228
[BSP] 720c75126daf5687b04ff39831c3849e : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 28674048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 28878848 | Size: 596378 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_09072013_191557.txt >>
RKreport[0]_S_09072013_114644.txt;RKreport[0]_S_09072013_191523.txt

[onnetoon]

ComboFix 13-09-06.01 - Vašík 07.09.2013 19:20:35.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4028.2099 [GMT 2:00]
Spuštěný z: C:\Users\VaÜÝk\Desktop\ComboFix.exe
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


C:\install.exe
C:\prefs.js
C:\Program Files (x86)\Common Files\Acer GameZone online.ico
C:\Windows\PFRO.log
C:\Windows\SysWow64\frapsvid.dll
C:\Windows\wininit.ini


((((((((((((((((((((((((( Soubory vytvořené od 2013-08-07 do 2013-09-07 )))))))))))))))))))))))))))))))


2013-09-07 17:27:06 . 2013-09-07 17:27:06 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-09-07 16:58:26 . 2013-09-07 16:58:26 -------- d-----w- C:\ProgramData\boost_interprocess
2013-09-07 09:54:39 . 2013-09-07 09:54:39 -------- d-----w- C:\Windows\ERUNT
2013-09-07 08:35:28 . 2013-09-07 08:35:28 -------- d-----w- C:\Users\Vašík\AppData\Roaming\Malwarebytes
2013-09-07 08:35:10 . 2013-09-07 08:35:10 -------- d-----w- C:\ProgramData\Malwarebytes
2013-09-07 08:35:09 . 2013-09-07 08:35:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-07 08:35:09 . 2013-04-04 12:50:32 25928 ----a-w- C:\Windows\system32\drivers\mbam.sys
2013-09-07 08:31:18 . 2013-09-07 09:23:51 -------- d-----w- C:\AdwCleaner
2013-09-07 08:06:43 . 2013-09-07 08:06:43 388096 ----a-r- C:\Users\Vašík\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-09-07 08:06:43 . 2013-09-07 08:06:43 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-09-05 14:59:31 . 2013-09-05 14:59:32 169080 ----a-w- C:\Windows\SysWow64\uplay_r1_loader.dll
2013-09-05 14:58:56 . 2013-09-05 14:58:56 -------- d-----w- C:\ProgramData\Logs
2013-09-05 13:57:41 . 2013-09-05 13:57:41 -------- d-----w- C:\ProgramData\SystemRequirementsLab
2013-09-05 13:57:41 . 2013-09-05 13:57:41 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2013-09-05 12:19:01 . 2013-09-05 12:19:01 -------- d-----w- C:\Program Files (x86)\Origin Games
2013-09-05 12:18:05 . 2013-09-05 12:19:01 -------- d-----w- C:\Users\Vašík\AppData\Local\Origin
2013-09-05 12:13:55 . 2013-09-07 09:27:51 -------- d-----w- C:\Program Files (x86)\Origin
2013-09-04 14:14:03 . 2013-09-04 14:14:24 -------- d-----w- C:\Users\Vašík\AppData\Roaming\Simple Adblock
2013-09-01 17:51:33 . 2013-09-01 17:51:33 -------- d-----w- C:\Users\Vašík\AppData\Local\2K Games
2013-08-31 08:18:36 . 2013-09-01 14:28:59 -------- d-----w- C:\Program Files (x86)\JC2-MP
2013-08-30 09:40:30 . 2013-08-30 10:04:13 -------- d-----w- C:\Users\Vašík\AppData\Roaming\Natural Selection 2
2013-08-29 12:28:59 . 2013-08-29 12:28:59 -------- d-----w- C:\Users\Vašík\AppData\Roaming\gd.sos.McPixel
2013-08-29 12:20:30 . 2013-08-29 12:20:30 21712 ----a-w- C:\Windows\SysWow64\drivers\DrvAgent64.SYS
2013-08-29 12:20:30 . 2013-08-29 12:20:30 -------- d-----w- C:\Users\Vašík\AppData\Local\eSupport.com
2013-08-28 04:59:00 . 2013-08-28 14:15:47 -------- d-----w- C:\Users\Vašík\VirtualBox VMs
2013-08-28 04:53:30 . 2013-08-29 09:38:11 -------- d-----w- C:\Users\Vašík\.VirtualBox
2013-08-28 04:52:18 . 2013-07-04 13:58:48 238352 ----a-w- C:\Windows\system32\drivers\VBoxDrv.sys
2013-08-28 04:52:04 . 2013-07-04 13:57:00 120080 ----a-w- C:\Windows\system32\drivers\VBoxUSBMon.sys
2013-08-27 12:21:12 . 2013-08-27 12:21:58 -------- d-----w- C:\Program Files\Adobe
2013-08-27 12:17:14 . 2013-08-27 12:22:05 -------- d-----w- C:\Program Files\Common Files\Adobe
2013-08-20 10:03:41 . 2013-08-20 10:24:01 -------- d-----w- C:\Users\Vašík\AppData\Roaming\.technic
2013-08-19 17:18:07 . 2013-08-19 17:22:10 -------- d-----w- C:\Users\Vašík\AppData\Roaming\.craftingdead
2013-08-19 10:53:32 . 2013-08-19 08:36:07 2601752 ----a-w- C:\Windows\SysWow64\pbsvc_moh.exe
2013-08-18 13:25:16 . 2013-08-18 13:25:16 -------- d-----w- C:\Users\Vašík\AppData\Local\Criterion Games
2013-08-16 06:54:27 . 2013-08-16 07:50:50 -------- d-----w- C:\Users\Vašík\AppData\Roaming\Tunngle
2013-08-15 05:19:28 . 2013-08-15 05:19:28 -------- d-----w- C:\Users\Vašík\AppData\Roaming\AVG2013
2013-08-15 05:17:05 . 2013-08-15 05:17:05 -------- d-----w- C:\$AVG
2013-08-15 05:16:22 . 2013-08-15 05:16:22 -------- d-----w- C:\Program Files (x86)\AVG
2013-08-14 12:23:16 . 2013-08-14 12:23:17 -------- d-----w- C:\Users\Vašík\AppData\Local\DayZCommander
2013-08-14 12:21:28 . 2013-08-14 12:21:28 -------- d-----w- C:\Program Files (x86)\Dotjosh Studios
2013-08-14 05:04:49 . 2013-07-09 05:52:52 224256 ----a-w- C:\Windows\system32\wintrust.dll
2013-08-14 05:04:49 . 2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\system32\crypt32.dll
2013-08-14 05:04:49 . 2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-08-14 05:04:49 . 2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-08-14 05:04:48 . 2013-07-09 05:46:20 184320 ----a-w- C:\Windows\system32\cryptsvc.dll
2013-08-14 05:04:48 . 2013-07-09 05:46:20 139776 ----a-w- C:\Windows\system32\cryptnet.dll
2013-08-14 05:04:48 . 2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-08-14 05:04:48 . 2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-08-14 05:04:00 . 2013-07-19 01:58:42 2048 ----a-w- C:\Windows\system32\tzres.dll
2013-08-14 05:04:00 . 2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-08-11 13:49:24 . 2013-09-01 16:50:56 -------- d-----w- C:\Users\Vašík\AppData\Roaming\.minecraft
2013-08-11 13:40:00 . 2013-08-11 13:40:00 -------- d-----w- C:\Users\Vašík\AppData\Roaming\TunkDesign
2013-08-11 13:38:54 . 2013-08-11 13:38:54 -------- d-----w- C:\Users\Vašík\AppData\Roaming\Merver
2013-08-10 18:42:47 . 2013-08-10 19:02:16 -------- d-----w- C:\Program Files (x86)\Codemasters
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-09-07 08:06:43 . 2013-09-07 08:06:43 388096 ----a-r- C:\Users\Vašík\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-09-07 08:06:43 . 2013-09-07 08:06:43 388096 ----a-r- C:\Users\Vašík\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-08-29 11:44:24 . 2013-02-20 11:02:24 281312 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-08-29 11:44:24 . 2013-02-04 16:38:25 281312 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-08-29 11:42:57 . 2013-02-04 16:38:25 218496 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-08-22 11:52:32 . 2013-01-29 15:55:41 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-22 11:52:32 . 2013-01-29 15:55:41 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-15 04:41:25 . 2013-01-28 20:07:06 78161360 ----a-w- C:\Windows\system32\MRT.exe
2013-07-26 20:56:36 . 2013-02-04 16:38:24 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-07-19 23:51:00 . 2013-07-19 23:51:00 311608 ----a-w- C:\Windows\system32\drivers\avgloga.sys
2013-07-19 23:50:56 . 2013-07-19 23:50:56 71480 ----a-w- C:\Windows\system32\drivers\avgidsha.sys
2013-07-19 23:50:56 . 2013-07-19 23:50:56 246072 ----a-w- C:\Windows\system32\drivers\avgidsdrivera.sys
2013-07-19 23:50:50 . 2013-07-19 23:50:50 206648 ----a-w- C:\Windows\system32\drivers\avgldx64.sys
2013-07-09 23:32:38 . 2013-07-09 23:32:38 45880 ----a-w- C:\Windows\system32\drivers\avgrkx64.sys
2013-07-09 04:45:07 . 2013-08-14 05:03:54 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-07-04 13:57:00 . 2013-07-04 13:57:00 131856 ----a-w- C:\Windows\system32\drivers\VBoxNetAdp.sys
2013-06-30 23:45:28 . 2013-06-30 23:45:28 116536 ----a-w- C:\Windows\system32\drivers\avgmfx64.sys
2013-06-23 13:16:18 . 2013-06-23 13:16:21 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-23 13:16:16 . 2013-01-28 16:52:56 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-23 13:16:16 . 2013-01-28 16:52:56 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

[jaro3]

nedal si z mbam po smazání:

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

log Z Combofixu není celý..