Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2013-07-25 19:22:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 50 GB (32%) free of 153 GB
Total RAM: 3070 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:22:39, on 25.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\WebcamMax\wcmmon.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Admin\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 1FD08A2DDD
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss ... ffID=17981
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Speed Analysis 2 - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files\Speed Analysis 2\ScriptHost.dll
O2 - BHO: Smiley Bar for Facebook - {4723AAA8-B2F9-4CC1-9E60-190976DB1FA4} - C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll
O3 - Toolbar: (no name) - !{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files\WebcamMax\wcmmon.exe" -a
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Updater Service (IBUpdaterService) - Unknown owner - C:\ProgramData\IBUpdaterService\ibsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 6926 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2056424668-253270494-1716857081-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2056424668-253270494-1716857081-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2056424668-253270494-1716857081-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2056424668-253270494-1716857081-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}]
Speed Analysis 2 - C:\Program Files\Speed Analysis 2\ScriptHost.dll [2013-04-17 360448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}]
Smiley Bar for Facebook - C:\Program Files\Smiley Bar for Facebook\ScriptHost.dll [2013-03-20 360448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-17 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-17 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files\Yontoo\YontooIEClient.dll [2012-05-16 194928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
!{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-26 336384]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-01-18 10025576]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs [2013-05-01 543]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-14 136176]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2012-11-01 3093624]
"Facebook Update"=C:\Users\Admin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-17 138096]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"WebcamMaxAutoRun"=C:\Program Files\WebcamMax\wcmmon.exe [2011-07-17 1038848]
"uTorrent"=C:\Users\Admin\AppData\Roaming\uTorrent\uTorrent.exe [2013-05-26 802136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsvid.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2013-07-25 19:10:40 ----D---- C:\rsit
2013-07-25 19:10:40 ----D---- C:\Program Files\trend micro
2013-07-25 19:05:37 ----A---- C:\AdwCleaner[R1].txt
2013-07-25 19:01:40 ----D---- C:\Windows\system32\MRT
2013-07-18 00:25:37 ----D---- C:\Program Files\CCleaner
2013-07-17 23:28:13 ----A---- C:\Windows\system32\javaws.exe
2013-07-17 23:28:06 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-07-17 23:17:47 ----D---- C:\Program Files\Common Files\Java
2013-07-17 20:13:54 ----A---- C:\Windows\system32\jscript.dll
2013-07-17 20:13:52 ----A---- C:\Windows\system32\jscript9.dll
2013-07-17 20:13:51 ----A---- C:\Windows\system32\jsproxy.dll
2013-07-17 20:13:51 ----A---- C:\Windows\system32\iesetup.dll
2013-07-17 20:13:50 ----A---- C:\Windows\system32\ieui.dll
2013-07-17 20:13:49 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-17 20:13:49 ----A---- C:\Windows\system32\msfeeds.dll
2013-07-17 20:13:49 ----A---- C:\Windows\system32\iernonce.dll
2013-07-17 20:13:49 ----A---- C:\Windows\system32\ie4uinit.exe
2013-07-17 20:13:48 ----A---- C:\Windows\system32\urlmon.dll
2013-07-17 20:13:48 ----A---- C:\Windows\system32\iesysprep.dll
2013-07-17 20:13:47 ----A---- C:\Windows\system32\iertutil.dll
2013-07-17 20:13:44 ----A---- C:\Windows\system32\wininet.dll
2013-07-17 20:13:39 ----A---- C:\Windows\system32\ieframe.dll
2013-07-17 20:13:37 ----A---- C:\Windows\system32\mshtml.dll
2013-07-17 20:04:33 ----A---- C:\Windows\system32\win32k.sys
2013-07-17 20:04:11 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-07-17 20:04:10 ----A---- C:\Windows\system32\DWrite.dll
2013-07-17 20:04:02 ----A---- C:\Windows\system32\qedit.dll
======List of files/folders modified in the last 1 month======
2013-07-25 19:21:18 ----D---- C:\Windows\Temp
2013-07-25 19:20:59 ----D---- C:\Users\Admin\AppData\Roaming\uTorrent
2013-07-25 19:20:03 ----D---- C:\Windows\system32\Tasks
2013-07-25 19:19:13 ----D---- C:\Windows\system32\catroot2
2013-07-25 19:19:12 ----D---- C:\Windows\system32\config
2013-07-25 19:10:40 ----RD---- C:\Program Files
2013-07-25 19:07:24 ----SHD---- C:\System Volume Information
2013-07-25 19:01:40 ----D---- C:\Windows\System32
2013-07-25 19:01:39 ----D---- C:\Windows\debug
2013-07-18 15:24:19 ----D---- C:\Windows\inf
2013-07-18 15:00:06 ----D---- C:\Windows
2013-07-18 00:31:03 ----D---- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2013-07-18 00:31:02 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2013-07-18 00:31:01 ----D---- C:\ProgramData\LogMeIn
2013-07-18 00:30:58 ----D---- C:\Windows\Panther
2013-07-18 00:30:57 ----D---- C:\Windows\Logs
2013-07-17 23:28:20 ----SHD---- C:\Windows\Installer
2013-07-17 23:27:59 ----A---- C:\Windows\system32\javaw.exe
2013-07-17 23:27:59 ----A---- C:\Windows\system32\java.exe
2013-07-17 23:27:58 ----A---- C:\Windows\system32\npdeployJava1.dll
2013-07-17 23:27:58 ----A---- C:\Windows\system32\deployJava1.dll
2013-07-17 23:27:56 ----D---- C:\Program Files\Java
2013-07-17 23:18:57 ----D---- C:\Program Files\WinRAR
2013-07-17 23:17:47 ----D---- C:\Program Files\Common Files
2013-07-17 23:14:42 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-07-17 21:01:52 ----D---- C:\Windows\rescache
2013-07-17 20:36:29 ----D---- C:\Windows\Microsoft.NET
2013-07-17 20:36:26 ----RSD---- C:\Windows\assembly
2013-07-17 20:25:20 ----D---- C:\Windows\Prefetch
2013-07-17 20:24:55 ----D---- C:\Windows\winsxs
2013-07-17 20:23:11 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-17 20:22:19 ----D---- C:\Program Files\Windows Journal
2013-07-17 20:22:19 ----D---- C:\Program Files\Windows Defender
2013-07-17 20:22:19 ----D---- C:\Program Files\Internet Explorer
2013-07-17 20:14:05 ----D---- C:\Windows\system32\catroot
2013-07-17 20:13:02 ----D---- C:\ProgramData\Microsoft Help
2013-07-17 19:53:08 ----D---- C:\ProgramData\Skype
2013-07-17 19:53:05 ----RD---- C:\Program Files\Skype
2013-07-17 19:52:23 ----D---- C:\Windows\system32\drivers
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-07-17 175176]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2010-06-17 14392]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 61680]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-07-17 770344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-07-17 369584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-03 242240]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys [2012-11-29 47640]
R2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam.sys [2012-04-15 1068216]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-27 7566848]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-01-27 238592]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-01-25 3386792]
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys [2012-11-29 10144]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-12-16 37504]
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-27 7566848]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-09-28 44544]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 XDva396;XDva396; \??\C:\Windows\system32\XDva396.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-01-27 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 284672]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 140224]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 BrowserProtect;BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2013-06-03 3085264]
R2 IBUpdaterService;Updater Service; C:\ProgramData\IBUpdaterService\ibsvc.exe [2013-05-06 622336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-14 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-17 257416]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-03-14 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím pročistit.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím pročistit.
citat:
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím pročistit.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.3 (07.25.2013:1)
OS: Windows 7 Home Premium x86
Ran by Admin on p 26.07.2013 at 10:47:53,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\addonsframework.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\buttonsite.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\propertysync.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\scripthost.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{18b9b16e-716f-43df-a6ad-512c7d2eb983}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{19975b78-1907-4dd6-a437-4c48120f46a4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{562b9316-c08a-444a-9482-62080dd851ae}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{562b9317-c08a-444a-9482-62080dd851ae}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{bdb69379-802f-4eaf-b541-f8de92dd98db}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{cfdafe39-20ce-451d-bd45-a37452f39cf0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{ea28b360-05e0-4f93-8150-02891f1d8d3c}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{43969e3f-3e7c-4911-a8f1-79c6ca6ac731}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{045f91b3-695f-423a-98c7-8de3c47aa020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{10de7085-6a1e-4d41-a7bf-9af93e351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{1348bd1b-c32a-41a7-9bd4-5377aa1ab925}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{1ad27395-1659-4dff-a319-2cfa243861a5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{395afe6e-8308-48db-89be-ed5f4aa3d3ec}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{43969e3f-3e7c-4911-a8f1-79c6ca6ac731}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{43b390f0-6ba2-45ca-abf2-5db0cee9b49d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{93cf54f5-cfaa-4440-b588-8ed0dfad5c21}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{94cada2e-1d3f-419f-8a3d-06c58edf53c8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{9e52eb8b-8dd9-4605-ad36-d352bcd482f2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{a1440ec3-f0fa-407a-b811-de6668c06d29}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{b9a84ad0-5777-46fd-8b8f-1ebd06750fbc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{c1995f88-1c7f-40d7-b0fa-6f107f6308b8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{c815e3da-0823-49b0-9270-d1771d58b317}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{d3bc53e7-0437-4c97-90ee-2cd6ff47fb14}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{09c554c3-109b-483c-a06b-f14172f1a947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{d372567d-67c1-4b29-b3f0-159b52b3e967}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{2eecd738-5844-4a99-b4b6-146bf802613b}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{97f2ff5b-260c-4ccf-834a-2dda4e29e39e}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{df7770f7-832f-4bdf-b144-100eddd0c3ae}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{00000000-6e41-4fd3-8538-502f5495e5fc}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{2eecd738-5844-4a99-b4b6-146bf802613b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{df7770f7-832f-4bdf-b144-100eddd0c3ae}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\babylontoolbarsrv_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\babylontoolbarsrv_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\datamngrui_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\datamngrui_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT1750559
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0BBEAC00-6BD4-4844-9BB7-0D6F9816D7F9}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{79EF03CE-4946-4B72-BEE3-706F809E6832}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\products\a28b4d68debaa244eb686953b7074fef"
~~~ Files
Successfully deleted: [File] "C:\Windows\system32\roboot.exe"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Failed to delete: [Folder] "C:\ProgramData\browserprotect"
Failed to delete: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Failed to delete: [Folder] "C:\ProgramData\application data\browserprotect"
Failed to delete: [Folder] "C:\ProgramData\application data\ibupdaterservice"
Successfully deleted: [Folder] "C:\Users\Admin\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Admin\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Admin\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Admin\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\locallow\funmoods"
Successfully deleted: [Folder] "C:\Program Files\yontoo"
Successfully deleted: [Folder] "C:\ProgramData\ask"
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy]
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 26.07.2013 at 11:02:32,83
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.3 (07.25.2013:1)
OS: Windows 7 Home Premium x86
Ran by Admin on p 26.07.2013 at 10:47:53,08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\addonsframework.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\buttonsite.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\propertysync.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\scripthost.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{18b9b16e-716f-43df-a6ad-512c7d2eb983}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{19975b78-1907-4dd6-a437-4c48120f46a4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{562b9316-c08a-444a-9482-62080dd851ae}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{562b9317-c08a-444a-9482-62080dd851ae}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{bdb69379-802f-4eaf-b541-f8de92dd98db}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{cfdafe39-20ce-451d-bd45-a37452f39cf0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{ea28b360-05e0-4f93-8150-02891f1d8d3c}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{43969e3f-3e7c-4911-a8f1-79c6ca6ac731}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{045f91b3-695f-423a-98c7-8de3c47aa020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{10de7085-6a1e-4d41-a7bf-9af93e351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{1348bd1b-c32a-41a7-9bd4-5377aa1ab925}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{1ad27395-1659-4dff-a319-2cfa243861a5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{395afe6e-8308-48db-89be-ed5f4aa3d3ec}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{43969e3f-3e7c-4911-a8f1-79c6ca6ac731}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{43b390f0-6ba2-45ca-abf2-5db0cee9b49d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{93cf54f5-cfaa-4440-b588-8ed0dfad5c21}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{94cada2e-1d3f-419f-8a3d-06c58edf53c8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{9e52eb8b-8dd9-4605-ad36-d352bcd482f2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{a1440ec3-f0fa-407a-b811-de6668c06d29}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{b9a84ad0-5777-46fd-8b8f-1ebd06750fbc}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{c1995f88-1c7f-40d7-b0fa-6f107f6308b8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{c815e3da-0823-49b0-9270-d1771d58b317}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\interface\{d3bc53e7-0437-4c97-90ee-2cd6ff47fb14}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{09c554c3-109b-483c-a06b-f14172f1a947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\typelib\{d372567d-67c1-4b29-b3f0-159b52b3e967}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{2eecd738-5844-4a99-b4b6-146bf802613b}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{97f2ff5b-260c-4ccf-834a-2dda4e29e39e}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{df7770f7-832f-4bdf-b144-100eddd0c3ae}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{00000000-6e41-4fd3-8538-502f5495e5fc}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{2eecd738-5844-4a99-b4b6-146bf802613b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{df7770f7-832f-4bdf-b144-100eddd0c3ae}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthost.tool.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.layers.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\babylontoolbarsrv_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\babylontoolbarsrv_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\datamngrui_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\datamngrui_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT1750559
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0BBEAC00-6BD4-4844-9BB7-0D6F9816D7F9}
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{79EF03CE-4946-4B72-BEE3-706F809E6832}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\products\a28b4d68debaa244eb686953b7074fef"
~~~ Files
Successfully deleted: [File] "C:\Windows\system32\roboot.exe"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Failed to delete: [Folder] "C:\ProgramData\browserprotect"
Failed to delete: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Failed to delete: [Folder] "C:\ProgramData\application data\browserprotect"
Failed to delete: [Folder] "C:\ProgramData\application data\ibupdaterservice"
Successfully deleted: [Folder] "C:\Users\Admin\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Admin\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Admin\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Admin\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\Admin\appdata\locallow\funmoods"
Successfully deleted: [Folder] "C:\Program Files\yontoo"
Successfully deleted: [Folder] "C:\ProgramData\ask"
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\extensioninstallforcelist [Blacklisted Policy]
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 26.07.2013 at 11:02:32,83
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Prosím pročistit.
no podstatnu cast blbosti sa podarilo zmazat ,,,
pouzi ADWCleaner - volba delete - log vloz
pouzi ADWCleaner - volba delete - log vloz
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím pročistit.
# AdwCleaner v2.305 - Log vytvooen 26/07/2013 v 11:12:12
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (32 bits)
# Uživatel : Admin - ADMIN-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Admin\Downloads\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\ProgramData\BrowserProtect
Složka Nalezeno : C:\ProgramData\InstallMate
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect
Klíe Nalezeno : HKU\S-1-5-21-2056424668-253270494-1716857081-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Registry jsou eisté.
-\\ Google Chrome v28.0.1500.72
Soubor : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [14661 octets] - [25/07/2013 19:05:37]
AdwCleaner[R2].txt - [6344 octets] - [26/07/2013 11:09:49]
AdwCleaner[R3].txt - [2032 octets] - [26/07/2013 11:12:12]
AdwCleaner[S1].txt - [6230 octets] - [26/07/2013 11:10:08]
########## EOF - C:\AdwCleaner[R3].txt - [2152 octets] ##########
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (32 bits)
# Uživatel : Admin - ADMIN-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Admin\Downloads\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\ProgramData\BrowserProtect
Složka Nalezeno : C:\ProgramData\InstallMate
***** [Registry] *****
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserProtect
Klíe Nalezeno : HKU\S-1-5-21-2056424668-253270494-1716857081-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16635
[OK] Registry jsou eisté.
-\\ Google Chrome v28.0.1500.72
Soubor : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [14661 octets] - [25/07/2013 19:05:37]
AdwCleaner[R2].txt - [6344 octets] - [26/07/2013 11:09:49]
AdwCleaner[R3].txt - [2032 octets] - [26/07/2013 11:12:12]
AdwCleaner[S1].txt - [6230 octets] - [26/07/2013 11:10:08]
########## EOF - C:\AdwCleaner[R3].txt - [2152 octets] ##########
Re: Prosím pročistit.
# AdwCleaner v2.306 - Log vytvooen 26/07/2013 v 11:10:08
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (32 bits)
# Uživatel : Admin - ADMIN-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Admin\Downloads\adwcleaner (1).exe
# Volba [Vymazat]
***** [Služby] *****
Zastaveno & vymazáno : BrowserProtect
Zastaveno & vymazáno : IBUpdaterService
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files\Smiley Bar for Facebook
Složka Vymazáno : C:\Program Files\Speed Analysis 2
Složka Vymazáno : C:\ProgramData\IBUpdaterService
Složka Vymazáno : C:\ProgramData\ICQ\ICQToolbar
Složka Vymazáno : C:\Users\Admin\AppData\Roaming\SpeedAnalysis2
Soubor Vymazáno : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Soubor Vymazáno : C:\user.js
Soubor Vymazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Soubor Vymazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Vymazáno poi restartu : C:\ProgramData\BrowserProtect
***** [Registry] *****
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Klíe Vymazáno : HKCU\Software\aedb8de268e543
Klíe Vymazáno : HKCU\Software\BabylonChromeExtension
Klíe Vymazáno : HKCU\Software\DataMngr
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klíe Vymazáno : HKLM\SOFTWARE\aedb8de268e543
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\10
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Klíe Vymazáno : HKLM\Software\ICQ\ICQToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smiley Bar for Facebook
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 2
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Klíe Vymazáno : HKU\S-1-5-21-2056424668-253270494-1716857081-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16635
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=a85dfd92000000000000001fd08a2ddd&tlver=1.4.19.19&ss=1&affID=17981 --> hxxp://www.google.com
-\\ Google Chrome v28.0.1500.72
Soubor : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Vymazáno [l.3028] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId[...]
*************************
AdwCleaner[R1].txt - [14661 octets] - [25/07/2013 19:05:37]
AdwCleaner[R2].txt - [6344 octets] - [26/07/2013 11:09:49]
AdwCleaner[S1].txt - [6101 octets] - [26/07/2013 11:10:08]
########## EOF - C:\AdwCleaner[S1].txt - [6161 octets] ##########
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (32 bits)
# Uživatel : Admin - ADMIN-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Admin\Downloads\adwcleaner (1).exe
# Volba [Vymazat]
***** [Služby] *****
Zastaveno & vymazáno : BrowserProtect
Zastaveno & vymazáno : IBUpdaterService
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files\Smiley Bar for Facebook
Složka Vymazáno : C:\Program Files\Speed Analysis 2
Složka Vymazáno : C:\ProgramData\IBUpdaterService
Složka Vymazáno : C:\ProgramData\ICQ\ICQToolbar
Složka Vymazáno : C:\Users\Admin\AppData\Roaming\SpeedAnalysis2
Soubor Vymazáno : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Soubor Vymazáno : C:\user.js
Soubor Vymazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Soubor Vymazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Vymazáno poi restartu : C:\ProgramData\BrowserProtect
***** [Registry] *****
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Klíe Vymazáno : HKCU\Software\aedb8de268e543
Klíe Vymazáno : HKCU\Software\BabylonChromeExtension
Klíe Vymazáno : HKCU\Software\DataMngr
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klíe Vymazáno : HKLM\SOFTWARE\aedb8de268e543
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\10
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Klíe Vymazáno : HKLM\Software\ICQ\ICQToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4723AAA8-B2F9-4CC1-9E60-190976DB1FA4}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smiley Bar for Facebook
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Speed Analysis 2
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Klíe Vymazáno : HKU\S-1-5-21-2056424668-253270494-1716857081-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16635
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=a85dfd92000000000000001fd08a2ddd&tlver=1.4.19.19&ss=1&affID=17981 --> hxxp://www.google.com
-\\ Google Chrome v28.0.1500.72
Soubor : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Vymazáno [l.3028] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId[...]
*************************
AdwCleaner[R1].txt - [14661 octets] - [25/07/2013 19:05:37]
AdwCleaner[R2].txt - [6344 octets] - [26/07/2013 11:09:49]
AdwCleaner[S1].txt - [6101 octets] - [26/07/2013 11:10:08]
########## EOF - C:\AdwCleaner[S1].txt - [6161 octets] ##########
Re: Prosím pročistit.
este prescanuj PC s MBAM - rychla kontrola
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím pročistit.
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org
Verze: v2013.08.04.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
Admin :: ADMIN-PC [administrátor]
Ochrana: Povolena
4.8.2013 14:22:21
MBAM-log-2013-08-04 (14-41-49).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 229913
Uplynulý čas: 6 minut, 18 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (Adware.BProtector) -> Špatný: (c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll) Dobrý: () -> Nebyla provedena žádná instrukce.
Nalezené složky: 2
C:\Users\Guest\AppData\LocalLow\Funmoods (PUP.FunMoods) -> Nebyla provedena žádná instrukce.
C:\Users\Guest\AppData\LocalLow\Funmoods\Funmoods (PUP.FunMoods) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 1
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll (Adware.BProtector) -> Nebyla provedena žádná instrukce.
(konec)
www.malwarebytes.org
Verze: v2013.08.04.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16635
Admin :: ADMIN-PC [administrátor]
Ochrana: Povolena
4.8.2013 14:22:21
MBAM-log-2013-08-04 (14-41-49).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 229913
Uplynulý čas: 6 minut, 18 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Nebyla provedena žádná instrukce.
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (Adware.BProtector) -> Špatný: (c:\progra~2\browse~1\261339~1.144\{c16c1~1\browse~1.dll) Dobrý: () -> Nebyla provedena žádná instrukce.
Nalezené složky: 2
C:\Users\Guest\AppData\LocalLow\Funmoods (PUP.FunMoods) -> Nebyla provedena žádná instrukce.
C:\Users\Guest\AppData\LocalLow\Funmoods\Funmoods (PUP.FunMoods) -> Nebyla provedena žádná instrukce.
Nalezené soubory: 1
C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll (Adware.BProtector) -> Nebyla provedena žádná instrukce.
(konec)
Re: Prosím pročistit.
Projel jsem počítač MBAM. Je už vše v pořádku nebo je třeba ještě něco pročistit?
Re: Prosím pročistit.
ak si dal najdene odstranit v MBAM, tak by mohlo byt hotovo 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?