PC-HELP.CZ

Zdravim, chcel by som vas poprosit o kontrolu logu, kedze mam v mojim ntb viacero mensich problemov:
- obcas z nicoho nic mi vypadne wifi pripojenie k routeru(na druhom pocitaci je to ok, takze to nieje chyba routru), proste mi ani nenajde router, musim restartovat ntb
- obcas sa mi znicoho nic stane, ze mi nenabehne windows (modra obrazovka- par kontrol+restartu a naskoci to, ale pricinu to neodstrani)
- neviem ci je to len chyba internetu explorer, ale proces mi casto ostava pusteny a zere ramku aj po vypnuti prehliadaca (je to vidiet aj v logu, pritom IE nebol spusteny minimalne hodinu a pol) alebo je to nejaky virus
- tzv. lag spikes pri hrani online hry

-pocitac obcas prebehnem ccleanerom, takisto som sa snazil povypinat co najviac nepotrebnych procesov a sluzieb ktore sa spustali pri starte...inak mam len microsoft security essetials, windows defender (tieto sa mi nedari odinstalovat a ich procesy zeru dost ram/cpu :( ) a este MBAM, ktory ale obcas vypinam

dakujem vopred za kazdu radu a pomoc :)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:07:49, on 22. 8. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Users\Ľuboš\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - Startup: HControl - odkaz.lnk = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{1F112442-DC3E-49A8-9C37-0CC8057BE4C3}: NameServer = 208.67.222.222,86.110.224.3
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - (no file)
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NBService - Unknown owner - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideAceWindowsService - Unknown owner - C:\ExpressGateUtil\VAWinService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14739 bytes

logy vkládej normálně.

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na b] Kopírovat do schránky [/b]a a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 22. 8. 2014
Scan Time: 14:49:59
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.22.04
Rootkit Database: v2014.08.21.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Ä1uboA!

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 484933
Time Elapsed: 28 min, 24 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, , [d1cb4287a3d87bbbb55a8e6145bd6997],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data, , [bae2dbee176420163531a11fdd25946c],

Files: 49
PUP.Optional.BrowserProtect.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\searchplugins\BrowserProtect.xml, , [c8d44b7e047793a3c3c630c1ca38e51b],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\1.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\a.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\b.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\c.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\d.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\e.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\f.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\g.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\h.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\i.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\J.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\k.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\l.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\m.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\mru.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\n.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\o.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\p.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\q.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\r.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\s.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\t.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\u.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\v.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\w.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\x.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\y.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.PriceGong.A, C:\Users\Ä1uboA!\AppData\LocalLow\PriceGong\Data\z.xml, , [bae2dbee176420163531a11fdd25946c],
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.admin", false);), ,[d3c9facf403b59dda3cbdf2ed43154ac]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.aflt", "babsst");), ,[1a8210b97605280ea0ce34d9aa5bd22e]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");), ,[2478e5e4bdbed2649dd12be2897cff01]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.autoRvrt", "false");), ,[a9f35a6fa6d5f3437fefe627e025b34d]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.dfltLng", "en");), ,[f2aa5376582351e55a1467a63acbe41c]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.excTlbr", false);), ,[5c402a9ffb804fe7026c030aab5afc04]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.ffxUnstlRst", true);), ,[712b1caddc9f8fa796d84fbeb1547e82]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.id", "a8ee6e770000000000000026c7d94b83");), ,[f2aa8f3ab0cbed4991ddf11c74918878]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.instlDay", "15828");), ,[adef23a618634aecc0ae49c4887dce32]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.instlRef", "sst");), ,[cece09c098e3a88ecaa47c914bbab24e]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.newTab", false);), ,[debe5475e4975bdbe38b55b89e6731cf]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.prdct", "delta");), ,[bddf7c4d8cefc3732945808d8d78bc44]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.prtnrId", "delta");), ,[603c309978035cda422c40cd58ada35d]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.rvrt", "false");), ,[47559138e992ac8aabc3cf3e63a23cc4]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.smplGrp", "none");), ,[afed507918638ea87fef9974c34215eb]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.tlbrId", "base");), ,[68345c6d6f0c81b528463fcea461e61a]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.tlbrSrchUrl", "");), ,[8913b01913681521d39bd13cc63f758b]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.vrsn", "1.8.16.16");), ,[a8f4ae1b2b5081b55c1255b8e42129d7]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.vrsnTs", "1.8.16.1615:53:39");), ,[9dff22a7fc7f91a536383dd073922dd3]
PUP.Optional.Delta.A, C:\Users\Ä1uboA!\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.vrsni", "1.8.16.16");), ,[27753891c8b39c9af67859b4a164d927]

Physical Sectors: 0
(No malicious items detected)

(end)

# AdwCleaner v3.308 - Report created 22/08/2014 at 15:41:50
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ľuboš - LUBOS-PC
# Running from : C:\Users\Ľuboš\Desktop\adwcleaner_3.308.exe
# Option : Scan

***** [ Services ] *****

Service Found : BrowserProtect

***** [ Files / Folders ] *****

File Found : C:\Users\Ľuboš\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\user.js
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\ConduitEngine
Folder Found : C:\Program Files (x86)\Delta
Folder Found : C:\Program Files (x86)\driver-soft
Folder Found : C:\Program Files (x86)\RegClean Pro
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\Partner
Folder Found : C:\Users\Ľuboš\AppData\LocalLow\Conduit
Folder Found : C:\Users\Ľuboš\AppData\LocalLow\ConduitEngine
Folder Found : C:\Users\Ľuboš\AppData\LocalLow\uTorrentBar
Folder Found : C:\Users\Ľuboš\AppData\Roaming\BabSolution
Folder Found : C:\Users\Ľuboš\AppData\Roaming\Babylon
Folder Found : C:\Users\Ľuboš\AppData\Roaming\driver-soft
Folder Found : C:\Users\Ľuboš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Folder Found : C:\Users\Ľuboš\AppData\Roaming\Systweak

***** [ Scheduled Tasks ] *****

Task Found : BrowserProtect

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0E81104-9F64-43D1-95CD-14FEADBE9DCA}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-crafting-guide_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-crafting-guide_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_videocacheview_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_videocacheview_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-041B-0000-0000000FF1CE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\uTorrentBar
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

-\\ Mozilla Firefox v31.0 (x86 sk)

[ File : C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\4c2ccgw0.default\prefs.js ]

[ File : C:\Users\Ľuboš\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "Delta Search");
Line Found : user_pref("browser.search.order.1", "Delta Search");
Line Found : user_pref("browser.search.selectedEngine", "Delta Search");
Line Found : user_pref("extensions.delta.admin", false);
Line Found : user_pref("extensions.delta.aflt", "babsst");
Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Found : user_pref("extensions.delta.autoRvrt", "false");
Line Found : user_pref("extensions.delta.dfltLng", "en");
Line Found : user_pref("extensions.delta.excTlbr", false);
Line Found : user_pref("extensions.delta.ffxUnstlRst", true);
Line Found : user_pref("extensions.delta.id", "a8ee6e770000000000000026c7d94b83");
Line Found : user_pref("extensions.delta.instlDay", "15828");
Line Found : user_pref("extensions.delta.instlRef", "sst");
Line Found : user_pref("extensions.delta.newTab", false);
Line Found : user_pref("extensions.delta.prdct", "delta");
Line Found : user_pref("extensions.delta.prtnrId", "delta");
Line Found : user_pref("extensions.delta.rvrt", "false");
Line Found : user_pref("extensions.delta.smplGrp", "none");
Line Found : user_pref("extensions.delta.tlbrId", "base");
Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Found : user_pref("extensions.delta.vrsn", "1.8.16.16");
Line Found : user_pref("extensions.delta.vrsnTs", "1.8.16.1615:53:39");
Line Found : user_pref("extensions.delta.vrsni", "1.8.16.16");

*************************

AdwCleaner[R0].txt - [6616 octets] - [22/08/2014 15:41:50]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6676 octets] ##########

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

# AdwCleaner v3.308 - Report created 22/08/2014 at 21:56:33
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ľuboš - LUBOS-PC
# Running from : C:\Users\Ľuboš\Desktop\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BrowserProtect

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\Delta
Folder Deleted : C:\Program Files (x86)\driver-soft
Folder Deleted : C:\Program Files (x86)\RegClean Pro
Folder Deleted : C:\Users\Ľuboš\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Ľuboš\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Ľuboš\AppData\LocalLow\uTorrentBar
Folder Deleted : C:\Users\Ľuboš\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Ľuboš\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Ľuboš\AppData\Roaming\driver-soft
Folder Deleted : C:\Users\Ľuboš\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Ľuboš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
File Deleted : C:\Users\Ľuboš\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : BrowserProtect

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-crafting-guide_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-crafting-guide_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_videocacheview_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_videocacheview_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0E81104-9F64-43D1-95CD-14FEADBE9DCA}
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\uTorrentBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-041B-0000-0000000FF1CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

-\\ Mozilla Firefox v31.0 (x86 sk)

[ File : C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\4c2ccgw0.default\prefs.js ]

[ File : C:\Users\Ľuboš\AppData\Roaming\Mozilla\Firefox\Profiles\opvgxs1n.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "Delta Search");
Line Deleted : user_pref("browser.search.order.1", "Delta Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Delta Search");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "a8ee6e770000000000000026c7d94b83");
Line Deleted : user_pref("extensions.delta.instlDay", "15828");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.16.16");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.16.1615:53:39");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.16.16");

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\Ľuboš\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [6760 octets] - [22/08/2014 15:41:50]
AdwCleaner[R1].txt - [6932 octets] - [22/08/2014 21:50:14]
AdwCleaner[S0].txt - [7036 octets] - [22/08/2014 21:56:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7096 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by •uboç on pi 22. 08. 2014 at 22:06:19,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] "C:\Windows\Tasks\driver robot.job"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\drivergenius"

~~~ FireFox

Emptied folder: C:\Users\•uboç\AppData\Roaming\mozilla\firefox\profiles\opvgxs1n.default\minidumps [36 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 22. 08. 2014 at 22:33:13,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

neviem kde som urobil chybu, ale po skonceni skenovania MBAM mi nevyhodilo nic ako exportovat zaznam, iba ze sa nenaslo hrozba(asi to bude tym ze som si predtym zle precital a dal tie najdene subory do karanteny uz pri prvom skenovani)
ak to je problem, opakovat celu "proceduru" odznova?

tu je log z rogue killera

RogueKiller V9.2.8.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : Ľuboš [Práva Správcu]
Režim : Kontrola -- Dátum : 08/23/2014 00:14:58

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 31 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\FairplayKD -> NÁJDENÉ
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FairplayKD -> NÁJDENÉ
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\FairplayKD -> NÁJDENÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1F112442-DC3E-49A8-9C37-0CC8057BE4C3} | NameServer : 208.67.222.222,86.110.224.3 -> NÁJDENÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DDF5AD71-555A-464D-9DE8-C4810AACF33F} | DhcpNameServer : 7.254.254.254 -> NÁJDENÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1F112442-DC3E-49A8-9C37-0CC8057BE4C3} | NameServer : 208.67.222.222,86.110.224.3 -> NÁJDENÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{DDF5AD71-555A-464D-9DE8-C4810AACF33F} | DhcpNameServer : 7.254.254.254 -> NÁJDENÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{1F112442-DC3E-49A8-9C37-0CC8057BE4C3} | NameServer : 208.67.222.222,86.110.224.3 -> NÁJDENÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{DDF5AD71-555A-464D-9DE8-C4810AACF33F} | DhcpNameServer : 7.254.254.254 -> NÁJDENÉ
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3288747937-693066357-2820141306-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NÁJDENÉ
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3288747937-693066357-2820141306-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NÁJDENÉ
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3288747937-693066357-2820141306-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NÁJDENÉ
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3288747937-693066357-2820141306-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> NÁJDENÉ
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NÁJDENÉ
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> NÁJDENÉ
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NÁJDENÉ
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NÁJDENÉ
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NÁJDENÉ
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NÁJDENÉ
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NÁJDENÉ
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NÁJDENÉ
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NÁJDENÉ
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NÁJDENÉ
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3288747937-693066357-2820141306-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://google.sk/ -> NÁJDENÉ
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3288747937-693066357-2820141306-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://google.sk/ -> NÁJDENÉ
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NÁJDENÉ
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NÁJDENÉ
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NÁJDENÉ
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NÁJDENÉ
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NÁJDENÉ
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NÁJDENÉ

¤¤¤ naplánované úlohy : 1 ¤¤¤
[Suspicious.Path] \Microsoft\Windows\Media Center\PeriodicScanRetry -- %windir%\ehome\MCUpdate.exe (-pscn 0) -> NÁJDENÉ

¤¤¤ Súbory : 0 ¤¤¤

¤¤¤ Súbor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 8 (Driver: NAHRATÉ) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_CREATE[0] : Unknown @ 0x3e2f2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x3e2f2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x3e2f2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x3e2f2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_POWER[22] : Unknown @ 0x3e2f2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x3e2f2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_PNP[27] : Unknown @ 0x3e2f2c0
[Filter(Root.Keylogger)] \Driver\kbdclass @ \Device\KeyboardClass0 : \Driver\ETD @ \Device\000000b0 (\SystemRoot\system32\DRIVERS\nvlddmkm.sys)

¤¤¤ webové prehliadače : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] opvgxs1n.default : user_pref("browser.startup.homepage", "google.sk"); -> NÁJDENÉ

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BEVT-80A0R SCSI Disk Device +++++
--- User ---
[MBR] 697fe5d5f8f6c594432ea117b4bfe546
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 45062325 | Size: 119231 MB
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 289249280 | Size: 335704 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_08222014_225451.log

*teraz asi nemam nic mazat,vsak...a teraz ked to vypnem a nabuduce zapnem, musi mi to zas preskenovat?

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:

- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)

- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

neviem co robim zle,ale po skonceni scanu mi vyhodi len toto a ziadny report, mozte mi prosim poradit co robim zle?
Obrázek

roguekiller:

RogueKiller V9.2.8.0 (x64) [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spustené v : Normálny režim
Užívateľ : Ľuboš [Práva Správcu]
Režim : Odebrať -- Dátum : 08/23/2014 16:26:01

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 31 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\FairplayKD -> VYMAZANÉ
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FairplayKD -> VYMAZANÉ
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\FairplayKD -> VYMAZANÉ
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1F112442-DC3E-49A8-9C37-0CC8057BE4C3} | NameServer : 208.67.222.222,86.110.224.3 -> NAHRADENÉ ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DDF5AD71-555A-464D-9DE8-C4810AACF33F} | DhcpNameServer : 7.254.254.254 -> NAHRADENÉ ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1F112442-DC3E-49A8-9C37-0CC8057BE4C3} | NameServer : 208.67.222.222,86.110.224.3 -> NAHRADENÉ ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{DDF5AD71-555A-464D-9DE8-C4810AACF33F} | DhcpNameServer : 7.254.254.254 -> NAHRADENÉ ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{1F112442-DC3E-49A8-9C37-0CC8057BE4C3} | NameServer : 208.67.222.222,86.110.224.3 -> NAHRADENÉ ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{DDF5AD71-555A-464D-9DE8-C4810AACF33F} | DhcpNameServer : 7.254.254.254 -> NAHRADENÉ ()
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3288747937-693066357-2820141306-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZANÉ
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-3288747937-693066357-2820141306-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> VYMAZANÉ
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3288747937-693066357-2820141306-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2]
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-3288747937-693066357-2820141306-1002\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0 -> ERROR [2]
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> VYMAZANÉ
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> ERROR [2]
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NAHRADENÉ (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> NAHRADENÉ (2)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRADENÉ (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRADENÉ (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NAHRADENÉ (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NAHRADENÉ (0)
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NAHRADENÉ (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NAHRADENÉ (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3288747937-693066357-2820141306-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://google.sk/ -> NAHRADENÉ (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3288747937-693066357-2820141306-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://google.sk/ -> NAHRADENÉ (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NAHRADENÉ (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> NAHRADENÉ (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NAHRADENÉ (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NAHRADENÉ (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NAHRADENÉ (http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> NAHRADENÉ (http://go.microsoft.com/fwlink/?LinkId=54896)

¤¤¤ naplánované úlohy : 1 ¤¤¤
[Suspicious.Path] \Microsoft\Windows\Media Center\PeriodicScanRetry -- %windir%\ehome\MCUpdate.exe (-pscn 0) -> VYMAZANÉ

¤¤¤ Súbory : 0 ¤¤¤

¤¤¤ Súbor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 8 (Driver: NAHRATÉ) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_CREATE[0] : Unknown @ 0x3e302c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_CLOSE[2] : Unknown @ 0x3e302c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0x3e302c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0x3e302c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_POWER[22] : Unknown @ 0x3e302c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0x3e302c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\DRIVERS\iaStor.sys - IRP_MJ_PNP[27] : Unknown @ 0x3e302c0
[Filter(Root.Keylogger)] \Driver\kbdclass @ \Device\KeyboardClass0 : \Driver\ETD @ \Device\000000b0 (\SystemRoot\system32\DRIVERS\ETD.sys)

¤¤¤ webové prehliadače : 2 ¤¤¤
[IE:Addon] System : Google Toolbar [{2318C2B1-4965-11d4-9B18-009027A5CD4F}] -> VYMAZANÉ
[PUM.HomePage][FIREFX:Config] opvgxs1n.default : user_pref("browser.startup.homepage", "google.sk"); -> NAHRADENÉ (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BEVT-80A0R SCSI Disk Device +++++
--- User ---
[MBR] 697fe5d5f8f6c594432ea117b4bfe546
[BSP] b8e681ec20f3f51e484d81d4ade624cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 63 | Size: 22003 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 45062325 | Size: 119231 MB
2 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 289249280 | Size: 335704 MB
User = LL1 ... OK
User = LL2 ... OK

============================================
RKreport_SCN_08222014_225451.log - RKreport_SCN_08232014_001458.log - RKreport_SCN_08232014_162408.log

PC-HELP.CZ

Prosim o kontrolu logu

Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu