zápas s policejním virem...

[yugges]

Zdravím,

pokouším se prát s policejním virem - jde asi o jednu z novějších mutací, protože Kasperskeho CD mi zatím úspěch nepřineslo. Pročítal jsem si pár témat tady na fóru a chtěl jsem vyzkoušet HitmanPro a jeho KickStart (postup podle http://forum.viry.cz/viewtopic.php?f=29&t=132523). Dostanu se až do situace, kdy se po naběhnutí spustí jeho okno a k výběru jednorázového scanu, ale pak končím na tom, že se neumí připojit k síti a po 5 minutách to "ukončí".
Je to na nějakým malým EEEčku s Win7 Starter. Síťovku bych si dovolil považovat za zdravou, jelikož to "Kasperskyho CD" se bez problémů na tom samém kousku aktualizuje.

Poradíte mi někdo?

Díky, Martin

[vyosek]

Zdravim

Zkuste tento postup http://forum.viry.cz/viewtopic.php?f=24&t=130783

[yugges]

Zdravím, díky za radu.

Je možné to FRST spustit např. přes ERD Commander? Protože ten "fízl" mi tam i při spuštění s přík. řádkem MS DOS hodí po pár vteřinách obrázek Pana Becherovky...

MS

[vyosek]

Myslim ze by to melo jit

[yugges]

Tak tady je první log:

Spuštěný to bylo z instalačky Win7 , z příkazové řádky "opravných nástrojů"


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-09-2013 01
Ran by SYSTEM on MININT-KP9B7NP on 30-09-2013 14:59:35
Running from E:\
Windows 7 Starter (X86) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet002
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [x]
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [262656 2010-11-20] (Microsoft Corporation)
HKU\WIN7\...\Winlogon: [Shell] cmd.exe [ 2010-11-20] (Microsoft Corporation) <==== ATTENTION
HKU\WIN7\...\Command Processor: "C:\Users\WIN7\AppData\Local\t7z5hZARWN\DGSmw9eV.exe" <===== ATTENTION!
AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll [ 2013-09-24] ()

========================== Services (Whitelisted) =================

S4 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-20] (APN LLC.)
S4 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2013-09-02] (Spigot, Inc.)
S4 DatamngrCoordinator; C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3419136 2013-09-24] (Bandoo Media Inc.)
S4 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1440080 2013-06-28] (LogMeIn Inc.)
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-14] (Skype Technologies S.A.)
S4 Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [155344 2010-10-26] (Avanquest Software)
S4 TorchCrashHandler; C:\Users\WIN7\AppData\Local\Torch\Update\TorchCrashHandler.exe [1205088 2013-06-27] (TorchMedia Inc.)
S4 VideoDownloadConverter_4zService; C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe [42504 2013-05-17] (COMPANYVERS_NAME)
S4 Winmgmt; C:\PROGRA~2\b34btbztdb0vavaw.exe [x]

==================== Drivers (Whitelisted) ====================

S0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [119592 2012-10-17] (ELAN Microelectronics Corp.)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-30 14:59 - 2013-09-30 14:59 - 00000000 ____D C:\FRST
2013-09-27 15:33 - 2013-09-27 15:33 - 00000000 ____D C:\Program Files\HitmanPro
2013-09-27 15:26 - 2013-09-27 15:26 - 00000000 ____D C:\ProgramData\HitmanPro
2013-09-27 13:54 - 2013-09-27 13:54 - 00003368 ____N C:\bootsqm.dat
2013-09-26 17:11 - 2013-09-27 15:50 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-09-26 13:03 - 2013-09-26 13:05 - 00000000 ____D C:\Users\WIN7\AppData\Local\t7z5hZARWN
2013-09-26 13:03 - 2013-09-26 13:03 - 00197632 _____ C:\Users\WIN7\AppData\Roaming\VAyQjp8zx8K
2013-09-26 13:03 - 2013-09-26 13:03 - 00197632 _____ C:\Users\WIN7\AppData\Local\tTBDtPZd0
2013-09-26 13:03 - 2013-09-26 13:03 - 00197632 _____ C:\ProgramData\xaQ2Nkho4L
2013-09-25 12:55 - 2013-09-25 12:56 - 00003531 _____ C:\Users\WIN7\Desktop\.TMP
2013-09-24 19:21 - 2013-09-24 19:21 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-24 19:21 - 2013-09-24 19:21 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-24 19:20 - 2013-09-24 19:20 - 00001251 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
2013-09-24 19:20 - 2013-09-24 19:20 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2013-09-24 19:20 - 2013-09-24 19:20 - 00000000 ____D C:\ProgramData\APN
2013-09-24 19:19 - 2013-09-24 19:19 - 00000000 ____D C:\Program Files\GreenTree Applications
2013-09-24 19:17 - 2013-09-24 19:19 - 10995784 _____ C:\Users\WIN7\Desktop\YTDSetup.exe
2013-09-24 18:54 - 2013-09-27 14:42 - 00000000 ____D C:\ProgramData\Datamngr
2013-09-21 10:47 - 2013-09-21 10:48 - 39154360 _____ (Social Safe Limited) C:\Users\WIN7\Desktop\SocialSafe-installer.exe
2013-09-11 21:12 - 2013-08-10 04:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-09-11 21:12 - 2013-08-10 04:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-09-11 21:12 - 2013-08-10 04:59 - 00042496 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-09-11 21:12 - 2013-08-10 04:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-09-11 21:12 - 2013-08-10 04:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-09-11 21:12 - 2013-08-10 04:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-09-11 21:12 - 2013-08-10 04:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-09-11 21:12 - 2013-08-10 04:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-09-11 21:12 - 2013-08-10 04:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-09-11 21:12 - 2013-08-10 04:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-09-11 21:12 - 2013-08-10 04:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-09-11 21:12 - 2013-08-10 04:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-09-11 21:12 - 2013-08-10 04:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-09-11 21:12 - 2013-08-10 04:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-09-11 21:12 - 2013-08-10 04:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-09-11 21:12 - 2013-08-10 03:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-11 15:07 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-09-11 15:07 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-09-11 15:06 - 2013-08-08 02:03 - 02348544 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-09-11 15:06 - 2013-08-05 02:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys
2013-09-11 15:06 - 2013-08-02 02:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2013-09-11 15:06 - 2013-08-02 02:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2013-09-11 15:06 - 2013-08-02 02:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 01:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-09-11 15:06 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 15:06 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-09-10 13:21 - 2013-09-10 13:21 - 00000000 ____D C:\Program Files\Dealio Toolbar
2013-09-10 13:21 - 2013-09-10 13:21 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-09-10 13:21 - 2013-09-10 13:21 - 00000000 ____D C:\Program Files\Application Updater
2013-09-09 21:11 - 2013-09-09 21:11 - 01211837 _____ (ImageTopTeam, Inc. ) C:\Users\WIN7\Downloads\Stream-Recorder-Net.exe
2013-09-09 19:20 - 2013-09-09 19:20 - 00785032 _____ (Google Inc.) C:\Users\WIN7\Downloads\googleupdatesetup.exe
2013-09-09 19:09 - 2013-09-09 19:09 - 00000000 ____D C:\Users\WIN7\AppData\Local\CrashRpt
2013-09-09 19:08 - 2013-09-09 19:09 - 00000000 ____D C:\Users\WIN7\Desktop\Softonic
2013-09-09 19:08 - 2013-09-09 19:08 - 00000608 _____ C:\Users\WIN7\Desktop\Softonic.lnk
2013-09-09 19:04 - 2013-09-09 19:06 - 00392024 _____ (Softonic ) C:\Users\WIN7\Desktop\SoftonicDownloader_for_best-blacklist.exe
2013-09-02 17:31 - 2013-09-02 17:37 - 570570144 _____ (Microsoft Corporation) C:\Users\WIN7\Desktop\Microsoft Office.exe

==================== One Month Modified Files and Folders =======

2013-09-30 14:59 - 2013-09-30 14:59 - 00000000 ____D C:\FRST
2013-09-30 14:57 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\LogFiles
2013-09-27 16:16 - 2009-07-14 05:34 - 00009696 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-27 16:16 - 2009-07-14 05:34 - 00009696 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-27 15:50 - 2013-09-26 17:11 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2013-09-27 15:33 - 2013-09-27 15:33 - 00000000 ____D C:\Program Files\HitmanPro
2013-09-27 15:26 - 2013-09-27 15:26 - 00000000 ____D C:\ProgramData\HitmanPro
2013-09-27 14:42 - 2013-09-24 18:54 - 00000000 ____D C:\ProgramData\Datamngr
2013-09-27 14:42 - 2012-10-17 03:29 - 01164435 _____ C:\Windows\WindowsUpdate.log
2013-09-27 14:36 - 2013-06-30 18:19 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2013-09-27 14:35 - 2009-07-14 05:39 - 00066787 _____ C:\Windows\setupact.log
2013-09-27 13:59 - 2013-04-08 19:53 - 00000000 ____D C:\Users\WIN7\AppData\Local\LogMeIn Hamachi
2013-09-27 13:54 - 2013-09-27 13:54 - 00003368 ____N C:\bootsqm.dat
2013-09-27 09:50 - 2009-07-14 03:37 - 00000000 ___RD C:\users\Public
2013-09-26 13:05 - 2013-09-26 13:03 - 00000000 ____D C:\Users\WIN7\AppData\Local\t7z5hZARWN
2013-09-26 13:03 - 2013-09-26 13:03 - 00197632 _____ C:\Users\WIN7\AppData\Roaming\VAyQjp8zx8K
2013-09-26 13:03 - 2013-09-26 13:03 - 00197632 _____ C:\Users\WIN7\AppData\Local\tTBDtPZd0
2013-09-26 13:03 - 2013-09-26 13:03 - 00197632 _____ C:\ProgramData\xaQ2Nkho4L
2013-09-26 12:59 - 2012-10-19 18:34 - 00000000 ____D C:\Users\WIN7\AppData\Roaming\Skype
2013-09-26 12:04 - 2012-12-16 18:11 - 00000000 ____D C:\Users\WIN7\AppData\Roaming\Seznam.cz
2013-09-25 12:56 - 2013-09-25 12:55 - 00003531 _____ C:\Users\WIN7\Desktop\.TMP
2013-09-24 19:21 - 2013-09-24 19:21 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-24 19:21 - 2013-09-24 19:21 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-24 19:20 - 2013-09-24 19:20 - 00001251 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
2013-09-24 19:20 - 2013-09-24 19:20 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2013-09-24 19:20 - 2013-09-24 19:20 - 00000000 ____D C:\ProgramData\APN
2013-09-24 19:19 - 2013-09-24 19:19 - 00000000 ____D C:\Program Files\GreenTree Applications
2013-09-24 19:19 - 2013-09-24 19:17 - 10995784 _____ C:\Users\WIN7\Desktop\YTDSetup.exe
2013-09-24 18:54 - 2013-06-30 18:10 - 00000000 ____D C:\ProgramData\Wincert
2013-09-21 10:48 - 2013-09-21 10:47 - 39154360 _____ (Social Safe Limited) C:\Users\WIN7\Desktop\SocialSafe-installer.exe
2013-09-20 16:34 - 2012-10-17 07:37 - 00034710 _____ C:\Windows\PFRO.log
2013-09-20 13:55 - 2012-10-17 11:58 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-09-20 13:55 - 2012-10-17 11:58 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-09-13 19:48 - 2013-03-22 20:38 - 00000000 ____D C:\Users\WIN7\Desktop\Pisnicky
2013-09-12 14:29 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-09-12 14:15 - 2009-07-14 05:33 - 00262216 _____ C:\Windows\System32\FNTCACHE.DAT
2013-09-11 21:11 - 2013-08-28 07:39 - 00000000 ____D C:\Windows\System32\MRT
2013-09-11 21:07 - 2012-10-17 09:18 - 76725432 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-09-10 18:12 - 2012-12-21 15:26 - 00000000 ____D C:\Users\WIN7\Desktop\Filmy
2013-09-10 13:21 - 2013-09-10 13:21 - 00000000 ____D C:\Program Files\Dealio Toolbar
2013-09-10 13:21 - 2013-09-10 13:21 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-09-10 13:21 - 2013-09-10 13:21 - 00000000 ____D C:\Program Files\Application Updater
2013-09-09 21:11 - 2013-09-09 21:11 - 01211837 _____ (ImageTopTeam, Inc. ) C:\Users\WIN7\Downloads\Stream-Recorder-Net.exe
2013-09-09 19:20 - 2013-09-09 19:20 - 00785032 _____ (Google Inc.) C:\Users\WIN7\Downloads\googleupdatesetup.exe
2013-09-09 19:09 - 2013-09-09 19:09 - 00000000 ____D C:\Users\WIN7\AppData\Local\CrashRpt
2013-09-09 19:09 - 2013-09-09 19:08 - 00000000 ____D C:\Users\WIN7\Desktop\Softonic
2013-09-09 19:08 - 2013-09-09 19:08 - 00000608 _____ C:\Users\WIN7\Desktop\Softonic.lnk
2013-09-09 19:06 - 2013-09-09 19:04 - 00392024 _____ (Softonic ) C:\Users\WIN7\Desktop\SoftonicDownloader_for_best-blacklist.exe
2013-09-06 21:03 - 2013-06-30 18:16 - 00000000 ____D C:\Users\WIN7\AppData\Local\Torch
2013-09-06 20:44 - 2013-06-13 15:55 - 00000000 ____D C:\Users\WIN7\Documents\VirtualDJ
2013-09-02 18:11 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\NDF
2013-09-02 17:37 - 2013-09-02 17:31 - 570570144 _____ (Microsoft Corporation) C:\Users\WIN7\Desktop\Microsoft Office.exe

Files to move or delete:
====================
C:\Users\WIN7\AppData\Local\t7z5hZARWN\DGSmw9eV.exe


Some content of TEMP:
====================
C:\Users\WIN7\AppData\Local\Temp\ApnStub.exe
C:\Users\WIN7\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\WIN7\AppData\Local\Temp\i4jdel0.exe
C:\Users\WIN7\AppData\Local\Temp\Minecraft-1.5.1-CRACKED.exe
C:\Users\WIN7\AppData\Local\Temp\MybabylonTB.exe
C:\Users\WIN7\AppData\Local\Temp\ooabraylyhtkkjancrd.dll
C:\Users\WIN7\AppData\Local\Temp\ooabraylyhtkkjancrd.exe
C:\Users\WIN7\AppData\Local\Temp\propsys.dll
C:\Users\WIN7\AppData\Local\Temp\setup.exe
C:\Users\WIN7\AppData\Local\Temp\SkypeSetup.exe
C:\Users\WIN7\AppData\Local\Temp\Softonic_EN_1-5-1.exe
C:\Users\WIN7\AppData\Local\Temp\Updater.exe
C:\Users\WIN7\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

13
Restore point made on: 2013-07-29 21:32:31
Restore point made on: 2013-07-31 08:35:05
Restore point made on: 2013-07-31 16:30:33
Restore point made on: 2013-08-03 18:55:47
Restore point made on: 2013-08-08 15:16:11
Restore point made on: 2013-08-27 20:15:58
Restore point made on: 2013-08-28 07:15:37
Restore point made on: 2013-09-03 15:14:09
Restore point made on: 2013-09-06 15:53:09
Restore point made on: 2013-09-10 16:26:47
Restore point made on: 2013-09-11 21:06:39
Restore point made on: 2013-09-17 15:38:25
Restore point made on: 2013-09-24 19:21:00

==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 1014.18 MB
Available physical RAM: 605.67 MB
Total Pagefile: 1014.18 MB
Available Pagefile: 623.94 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.74 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:232.88 GB) (Free:139.64 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (GRMCPRFREO_CS_DVD) (CDROM) (Total:2.23 GB) (Free:0 GB) UDF
Drive e: (BLACKKING) (Removable) (Total:7.44 GB) (Free:3.05 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: CB5BD2B2)
Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7 GB) (Disk ID: F118F118)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)


LastRegBack: 2013-09-02 05:50

==================== End Of Log ============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [] - [x]
  HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [262656 2010-11-20] (Microsoft Corporation)
  HKU\WIN7\...\Winlogon: [Shell] cmd.exe [ 2010-11-20] (Microsoft Corporation) <==== ATTENTION
  HKU\WIN7\...\Command Processor: "C:\Users\WIN7\AppData\Local\t7z5hZARWN\DGSmw9eV.exe" <===== ATTENTION!
  AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll [ 2013-09-24] ()
  
  S4 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-20] (APN LLC.)
  S4 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2013-09-02] (Spigot, Inc.)
  S4 DatamngrCoordinator; C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3419136 2013-09-24] (Bandoo Media Inc.)
  S4 TorchCrashHandler; C:\Users\WIN7\AppData\Local\Torch\Update\TorchCrashHandler.exe [1205088 2013-06-27] (TorchMedia Inc.)
  S4 Winmgmt; C:\PROGRA~2\b34btbztdb0vavaw.exe [x]
  
  2013-09-26 13:03 - 2013-09-26 13:05 - 00000000 ____D C:\Users\WIN7\AppData\Local\t7z5hZARWN
  2013-09-26 13:03 - 2013-09-26 13:03 - 00197632 _____ C:\Users\WIN7\AppData\Roaming\VAyQjp8zx8K
  2013-09-26 13:03 - 2013-09-26 13:03 - 00197632 _____ C:\Users\WIN7\AppData\Local\tTBDtPZd0
  2013-09-26 13:03 - 2013-09-26 13:03 - 00197632 _____ C:\ProgramData\xaQ2Nkho4L
  2013-09-24 19:21 - 2013-09-24 19:21 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
  2013-09-24 19:21 - 2013-09-24 19:21 - 00000000 ____D C:\Program Files\AskPartnerNetwork
  2013-09-24 19:20 - 2013-09-24 19:20 - 00000000 ____D C:\ProgramData\APN
  2013-09-24 18:54 - 2013-09-27 14:42 - 00000000 ____D C:\ProgramData\Datamngr
  2013-09-10 13:21 - 2013-09-10 13:21 - 00000000 ____D C:\Program Files\Dealio Toolbar
  2013-09-10 13:21 - 2013-09-10 13:21 - 00000000 ____D C:\Program Files\Common Files\Spigot
  2013-09-10 13:21 - 2013-09-10 13:21 - 00000000 ____D C:\Program Files\Application Updater
  C:\Program Files\Movies Toolbar
  C:\Users\WIN7\AppData\Local\t7z5hZARWN\
  C:\Users\WIN7\AppData\Local\Temp\ApnStub.exe
  C:\Users\WIN7\AppData\Local\Temp\BundleSweetIMSetup.exe
  C:\Users\WIN7\AppData\Local\Temp\i4jdel0.exe
  C:\Users\WIN7\AppData\Local\Temp\Minecraft-1.5.1-CRACKED.exe
  C:\Users\WIN7\AppData\Local\Temp\MybabylonTB.exe
  C:\Users\WIN7\AppData\Local\Temp\ooabraylyhtkkjancrd.dll
  C:\Users\WIN7\AppData\Local\Temp\ooabraylyhtkkjancrd.exe
  C:\Users\WIN7\AppData\Local\Temp\propsys.dll
  C:\Users\WIN7\AppData\Local\Temp\setup.exe
  C:\Users\WIN7\AppData\Local\Temp\SkypeSetup.exe
  C:\Users\WIN7\AppData\Local\Temp\Softonic_EN_1-5-1.exe
  C:\Users\WIN7\AppData\Local\Temp\Updater.exe
  C:\Users\WIN7\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
  
  Hosts:
  CMD: shutdown /r /f /t 2
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[yugges]

Tady je log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-09-2013 01
Ran by SYSTEM at 2013-09-30 15:42:57 Run:1
Running from E:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [] - [x]
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [262656 2010-11-20] (Microsoft Corporation)
HKU\WIN7\...\Winlogon: [Shell] cmd.exe [ 2010-11-20] (Microsoft Corporation) <==== ATTENTION
HKU\WIN7\...\Command Processor: "C:\Users\WIN7\AppData\Local\t7z5hZARWN\DGSmw9eV.exe" <===== ATTENTION!
AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll [ 2013-09-24] ()

S4 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [164816 2013-08-20] (APN LLC.)
S4 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2013-09-02] (Spigot, Inc.)
S4 DatamngrCoordinator; C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3419136 2013-09-24] (Bandoo Media Inc.)
S4 TorchCrashHandler; C:\Users\WIN7\AppData\Local\Torch\Update\TorchCrashHandler.exe [1205088 2013-06-27] (TorchMedia Inc.)
S4 Winmgmt; C:\PROGRA~2\b34btbztdb0vavaw.exe [x]

2013-09-26 13:03 - 2013-09-26 13:05 - 00000000 ____D C:\Users\WIN7\AppData\Local\t7z5hZARWN
2013-09-26 13:03 - 2013-09-26 13:03 - 00197632 _____ C:\Users\WIN7\AppData\Roaming\VAyQjp8zx8K
2013-09-26 13:03 - 2013-09-26 13:03 - 00197632 _____ C:\Users\WIN7\AppData\Local\tTBDtPZd0
2013-09-26 13:03 - 2013-09-26 13:03 - 00197632 _____ C:\ProgramData\xaQ2Nkho4L
2013-09-24 19:21 - 2013-09-24 19:21 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-09-24 19:21 - 2013-09-24 19:21 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-09-24 19:20 - 2013-09-24 19:20 - 00000000 ____D C:\ProgramData\APN
2013-09-24 18:54 - 2013-09-27 14:42 - 00000000 ____D C:\ProgramData\Datamngr
2013-09-10 13:21 - 2013-09-10 13:21 - 00000000 ____D C:\Program Files\Dealio Toolbar
2013-09-10 13:21 - 2013-09-10 13:21 - 00000000 ____D C:\Program Files\Common Files\Spigot
2013-09-10 13:21 - 2013-09-10 13:21 - 00000000 ____D C:\Program Files\Application Updater
C:\Program Files\Movies Toolbar
C:\Users\WIN7\AppData\Local\t7z5hZARWN\
C:\Users\WIN7\AppData\Local\Temp\ApnStub.exe
C:\Users\WIN7\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\WIN7\AppData\Local\Temp\i4jdel0.exe
C:\Users\WIN7\AppData\Local\Temp\Minecraft-1.5.1-CRACKED.exe
C:\Users\WIN7\AppData\Local\Temp\MybabylonTB.exe
C:\Users\WIN7\AppData\Local\Temp\ooabraylyhtkkjancrd.dll
C:\Users\WIN7\AppData\Local\Temp\ooabraylyhtkkjancrd.exe
C:\Users\WIN7\AppData\Local\Temp\propsys.dll
C:\Users\WIN7\AppData\Local\Temp\setup.exe
C:\Users\WIN7\AppData\Local\Temp\SkypeSetup.exe
C:\Users\WIN7\AppData\Local\Temp\Softonic_EN_1-5-1.exe
C:\Users\WIN7\AppData\Local\Temp\Updater.exe
C:\Users\WIN7\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\*Restore => Value deleted successfully.
HKU\WIN7\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKU\WIN7\Software\Microsoft\Command Processor\\AutoRun => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
APNMCP => Service deleted successfully.
Application Updater => Service deleted successfully.
DatamngrCoordinator => Service deleted successfully.
TorchCrashHandler => Service deleted successfully.
Winmgmt => Service restored successfully.
C:\Users\WIN7\AppData\Local\t7z5hZARWN => Moved successfully.
C:\Users\WIN7\AppData\Roaming\VAyQjp8zx8K => Moved successfully.
C:\Users\WIN7\AppData\Local\tTBDtPZd0 => Moved successfully.
C:\ProgramData\xaQ2Nkho4L => Moved successfully.
C:\ProgramData\AskPartnerNetwork => Moved successfully.
C:\Program Files\AskPartnerNetwork => Moved successfully.
C:\ProgramData\APN => Moved successfully.
C:\ProgramData\Datamngr => Moved successfully.
C:\Program Files\Dealio Toolbar => Moved successfully.
C:\Program Files\Common Files\Spigot => Moved successfully.
C:\Program Files\Application Updater => Moved successfully.
C:\Program Files\Movies Toolbar => Moved successfully.
"C:\Users\WIN7\AppData\Local\t7z5hZARWN\" => File/Directory not found.
C:\Users\WIN7\AppData\Local\Temp\ApnStub.exe => Moved successfully.
C:\Users\WIN7\AppData\Local\Temp\BundleSweetIMSetup.exe => Moved successfully.
C:\Users\WIN7\AppData\Local\Temp\i4jdel0.exe => Moved successfully.
C:\Users\WIN7\AppData\Local\Temp\Minecraft-1.5.1-CRACKED.exe => Moved successfully.
C:\Users\WIN7\AppData\Local\Temp\MybabylonTB.exe => Moved successfully.
C:\Users\WIN7\AppData\Local\Temp\ooabraylyhtkkjancrd.dll => Moved successfully.
C:\Users\WIN7\AppData\Local\Temp\ooabraylyhtkkjancrd.exe => Moved successfully.
C:\Users\WIN7\AppData\Local\Temp\propsys.dll => Moved successfully.
C:\Users\WIN7\AppData\Local\Temp\setup.exe => Moved successfully.
C:\Users\WIN7\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\Users\WIN7\AppData\Local\Temp\Softonic_EN_1-5-1.exe => Moved successfully.
C:\Users\WIN7\AppData\Local\Temp\Updater.exe => Moved successfully.
C:\Users\WIN7\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

[vyosek]

Fajn, FRST nam udelalo co melo...

Da se nyni jiz spustit PC v normalnim rezimu, pripadne dejte log z RSIT

[yugges]

Zdravím.

PC se dá spustit bez zemanovo xichta, nedělal jsem s ním zatím nic dalšího, jen jsem se zkusil kouknout jen na msconfig, jak se to naposled spouštělo, je to nějakej hybrid mezi tím, co jsem zvládnul nastavit během několika málo sekund mezi Kasperskeho CDčkem a pokusem o start do příkaz. řádky kvůli spuštění RogueKillera a "plnym" startem.... Takže funkčnost zatím spíš nic než moc... (např. neběží korektně ovladače zvukovky). RSIT log se pokusím dát zítra dopoledne

Zatím dobrou , MS

[vyosek]

OK, pockam si na RSIT a pak s tim zkusime neco udelat

[yugges]

dobře rano, zde log z rsit:

Logfile of random's system information tool 1.09 (written by random/random)
Run by WIN7 at 2013-10-01 09:25:48
WIN_7 Service Pack 1
System drive C: has 143 GB (60%) free of 238 GB
Total RAM: 1014 MB (58% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-701422995-3309736128-4025207364-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-701422995-3309736128-4025207364-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Dealio Toolbar - C:\Program Files\Dealio Toolbar\IE\7.6\dealioToolbarIE.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}]
Toolbar BHO - C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbar.dll [2013-05-17 708168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5347542D-5637-006A-76A7-7A786E7484D7}]
Ask Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\SGT-V7\Passport.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-09 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-27 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-08-14 4533120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]
Search Assistant BHO - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2013-05-17 62864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-09 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ec2bae47-25af-4ce9-9e78-10627a49c9ea}]
Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - VideoDownloadConverter - C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2013-05-17 708168]
{ec2bae47-25af-4ce9-9e78-10627a49c9ea} - Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-08-27 192592]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Dealio Toolbar - C:\Program Files\Dealio Toolbar\IE\7.6\dealioToolbarIE.dll []
{5347542D-5637-006A-76A7-7A786E7484D7} - Ask Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\SGT-V7\Passport.dll []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\WIN7\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\WIN7\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DGSmw9eV.exe]
C:\Users\WIN7\AppData\Local\t7z5hZARWN\DGSmw9eV.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]
C:\Program Files\Elantech\ETDCtrl.exe [2012-10-17 1813800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\WIN7\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-17 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2012-10-17 174360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2012-10-17 142104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2013-06-28 2255184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2012-10-17 150808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShowDesktopAsRun]
C:\Users\WIN7\Desktop\obrazky\StartMenu\desktop.scf []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-06-21 19876968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Softonic for Windows]
C:\Users\WIN7\Desktop\Softonic\Softonic.exe [2013-07-03 3973616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2010-11-16 422912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartMenu]
C:\Users\WIN7\Desktop\obrazky\StartMenu\StartMenu.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysUpdateHelper]
C:\Users\WIN7\AppData\Roaming\update_tc\update.exe [2013-05-15 712783]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter Search Scope Monitor]
C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2013-05-17 44784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoDownloadConverter_4z Browser Plugin Loader]
C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbrmon.exe [2013-05-17 30096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-17 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-01 09:25:49 ----D---- C:\Program Files\trend micro
2013-10-01 09:25:48 ----D---- C:\rsit
2013-09-30 15:59:28 ----D---- C:\FRST
2013-09-27 16:33:50 ----D---- C:\Program Files\HitmanPro
2013-09-27 16:26:08 ----D---- C:\ProgramData\HitmanPro
2013-09-27 14:54:56 ----N---- C:\bootsqm.dat
2013-09-26 18:11:27 ----AD---- C:\Kaspersky Rescue Disk 10.0
2013-09-24 20:20:20 ----D---- C:\ProgramData\YTD Video Downloader
2013-09-24 20:19:53 ----D---- C:\Program Files\GreenTree Applications
2013-09-11 22:12:57 ----A---- C:\Windows\system32\jscript.dll
2013-09-11 22:12:55 ----A---- C:\Windows\system32\jscript9.dll
2013-09-11 22:12:53 ----A---- C:\Windows\system32\jsproxy.dll
2013-09-11 22:12:53 ----A---- C:\Windows\system32\iesetup.dll
2013-09-11 22:12:52 ----A---- C:\Windows\system32\ieui.dll
2013-09-11 22:12:51 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 22:12:51 ----A---- C:\Windows\system32\msfeeds.dll
2013-09-11 22:12:51 ----A---- C:\Windows\system32\iernonce.dll
2013-09-11 22:12:51 ----A---- C:\Windows\system32\ie4uinit.exe
2013-09-11 22:12:50 ----A---- C:\Windows\system32\urlmon.dll
2013-09-11 22:12:50 ----A---- C:\Windows\system32\iesysprep.dll
2013-09-11 22:12:49 ----A---- C:\Windows\system32\iertutil.dll
2013-09-11 22:12:45 ----A---- C:\Windows\system32\wininet.dll
2013-09-11 22:12:43 ----A---- C:\Windows\system32\ieframe.dll
2013-09-11 22:12:37 ----A---- C:\Windows\system32\mshtml.dll
2013-09-11 16:07:17 ----A---- C:\Windows\system32\shell32.dll
2013-09-11 16:07:16 ----A---- C:\Windows\system32\shdocvw.dll
2013-09-11 16:06:34 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-09-11 16:06:32 ----A---- C:\Windows\system32\win32k.sys
2013-09-11 16:06:30 ----A---- C:\Windows\system32\winsrv.dll
2013-09-11 16:06:30 ----A---- C:\Windows\system32\KernelBase.dll
2013-09-11 16:06:30 ----A---- C:\Windows\system32\kernel32.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 16:06:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 16:06:29 ----A---- C:\Windows\system32\conhost.exe
2013-09-11 16:06:28 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 16:06:28 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 16:06:28 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 16:06:28 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 16:06:28 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 16:06:28 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 16:06:28 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 16:06:28 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 16:06:28 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 16:06:28 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

======List of files/folders modified in the last 1 month======

2013-10-01 09:25:49 ----RD---- C:\Program Files
2013-10-01 09:03:24 ----SD---- C:\ProgramData\Microsoft
2013-09-30 16:43:03 ----D---- C:\Windows\system32\drivers\etc
2013-09-30 16:43:00 ----HD---- C:\ProgramData
2013-09-30 16:43:00 ----D---- C:\Program Files\Common Files
2013-09-30 15:57:21 ----D---- C:\Windows\system32\LogFiles
2013-09-28 01:31:09 ----SHD---- C:\System Volume Information
2013-09-27 17:23:38 ----D---- C:\Windows\system32\drivers
2013-09-27 15:47:17 ----A---- C:\Windows\ntbtlog.txt
2013-09-27 15:42:46 ----D---- C:\Windows\Temp
2013-09-27 15:36:07 ----D---- C:\ProgramData\TorchCrashHandler
2013-09-26 14:05:04 ----D---- C:\Windows\system32\config
2013-09-26 13:59:10 ----D---- C:\Users\WIN7\AppData\Roaming\Skype
2013-09-26 13:04:04 ----D---- C:\Users\WIN7\AppData\Roaming\Seznam.cz
2013-09-24 20:22:34 ----SHD---- C:\Windows\Installer
2013-09-24 19:54:55 ----D---- C:\ProgramData\Wincert
2013-09-20 14:55:32 ----D---- C:\Windows\System32
2013-09-20 14:55:26 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-09-12 15:29:56 ----D---- C:\Windows\Microsoft.NET
2013-09-12 15:28:47 ----RSD---- C:\Windows\assembly
2013-09-12 15:15:38 ----D---- C:\Windows\winsxs
2013-09-12 15:12:49 ----D---- C:\Program Files\Internet Explorer
2013-09-12 15:12:48 ----D---- C:\Windows\system32\cs-CZ
2013-09-12 15:12:43 ----D---- C:\Windows\system32\DriverStore
2013-09-11 22:13:28 ----D---- C:\Windows\system32\catroot2
2013-09-11 22:13:25 ----D---- C:\Windows\system32\catroot
2013-09-11 22:11:50 ----D---- C:\Windows\system32\MRT
2013-09-11 22:07:05 ----A---- C:\Windows\system32\MRT.exe
2013-09-03 06:56:59 ----SD---- C:\Users\WIN7\AppData\Roaming\Microsoft
2013-09-02 19:11:22 ----D---- C:\Windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-06-27 2191872]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-10-17 119592]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-10-17 4815872]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x86.sys [2009-07-14 50688]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-20 257416]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-16 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-16 116648]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-12-16 194032]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2013-06-28 1440080]
S4 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]
S4 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~1\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2013-05-17 42504]

-----------------EOF-----------------

[vyosek]

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[yugges]

zde log z jrt:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Starter x86
Ran by WIN7 on Łt 01.10.2013 at 9:37:24,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-701422995-3309736128-4025207364-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.api.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\webcakeieclient.layers.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\webcakeieclient.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{13119113-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{33119133-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{23119123-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{03119103-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\apn dtx
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilividmoviestoolbardla
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dealio
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\application updater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.dynamicbarbutton
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.dynamicbarbutton.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.feedmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.feedmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.htmlmenu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.htmlmenu.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.htmlpanel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.htmlpanel.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.multiplebutton
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.multiplebutton.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.pseudotransparentplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.pseudotransparentplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.radio
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.radio.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.radiosettings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.radiosettings.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.scriptbutton
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.scriptbutton.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.settingsplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.settingsplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.skinlauncher
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.skinlauncher.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.thirdpartyinstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.thirdpartyinstaller.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.urlalertbutton
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.urlalertbutton.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.xmlsessionplugin
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\videodownloadconverter_4z.xmlsessionplugin.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbardlaie
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\videodownloadconverter_4zbar uninstall
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c4ed781c-7394-4906-aaff-d6ab64ff7c38}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{06EE8207-0A43-4240-9347-B251EBC46711}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D925B2B4-E6B1-49E6-BAFC-BA178F53AC7A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ec2bae47-25af-4ce9-9e78-10627a49c9ea}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{ec2bae47-25af-4ce9-9e78-10627a49c9ea}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ec2bae47-25af-4ce9-9e78-10627a49c9ea}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{44cbc005-6243-4502-8a02-3a096a282664}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{80703783-e415-4ee3-ab60-d36981c5a6f1}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{d8278076-bc68-4484-9233-6e7f1628b56c}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{f297534d-7b06-459d-bc19-2dd8ef69297b}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{9945959c-aad8-4312-8b57-2de11927e770}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{6978f29a-3493-40b2-8cdc-9c13a02f85a4}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{d7949a66-d936-4028-9552-14f7dc50f38d}"



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\amiupdxp.job



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\torchcrashhandler"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\WIN7\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\WIN7\appdata\local\ilivid"
Successfully deleted: [Folder] "C:\Users\WIN7\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\WIN7\appdata\local\torch"
Successfully deleted: [Folder] "C:\Users\WIN7\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\WIN7\appdata\locallow\dealio"
Successfully deleted: [Folder] "C:\Users\WIN7\appdata\locallow\ilividmoviestoolbardla"
Successfully deleted: [Folder] "C:\Users\WIN7\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Users\WIN7\appdata\locallow\searchresultstb"
Successfully deleted: [Folder] "C:\Users\WIN7\appdata\locallow\videodownloadconverter_4z"
Successfully deleted: [Folder] "C:\Program Files\video download converter"
Successfully deleted: [Folder] "C:\Program Files\videodownloadconverter_4z"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Folder] "C:\ProgramData\ask"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 01.10.2013 at 9:45:10,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[yugges]

zde log z adwcleaneru:

# AdwCleaner v3.006 - Report created 01/10/2013 at 09:49:42
# Updated 01/10/2013 by Xplode
# Operating System : Windows 7 Starter Service Pack 1 (32 bits)
# Username : WIN7 - WIN7-PC
# Running from : C:\Users\WIN7\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : VideoDownloadConverter_4zService

***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\Users\WIN7\AppData\Local\Temp\apn
Folder Deleted : C:\Users\WIN7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic
Folder Deleted : C:\Users\WIN7\Desktop\Softonic
File Deleted : C:\Users\WIN7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{747C9528-2D6E-4F72-B4BF-9CC16AB0BCFA}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{747C9528-2D6E-4F72-B4BF-9CC16AB0BCFA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EC2BAE47-25AF-4CE9-9E78-10627A49C9EA}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93A3111F-4F74-4ED8-895E-D9708497629E}]
Key Deleted : HKCU\Software\Dealio
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\ilividmoviestoolbardla
Key Deleted : HKLM\Software\Dealio
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Mozilla Firefox v

[ File : C:\Users\WIN7\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\WIN7\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8660 octets] - [01/10/2013 09:48:11]
AdwCleaner[S0].txt - [8669 octets] - [01/10/2013 09:49:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8729 octets] ##########

[vyosek]

Presunte FRST z flash disku na plochu

Dle tohoto navodu aplikujte FRSTLauncher (FRST stahovat jiz nemusite) http://forum.viry.cz/viewtopic.php?f=24&t=132509