Prosím o kontrolu, pomalý PC. Děkuji.

Zpráva

bjes_des · #1 Příspěvek od **bjes_des** » 28 pro 2013 21:55

Logfile of random's system information tool 1.09 (written by random/random)
Run by bjes_des at 2013-12-28 21:49:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 671 MB (2%) free of 31 GB
Total RAM: 1790 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:50:08, on 28.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\taskhost.exe
C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Downloads\RSIT (2).exe
C:\Program Files\trend micro\bjes_des.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/ig?hl=cs
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files\SimilarSites\similarsites.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files\SimilarSites\similarsites.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\b0514676-a388-4547-9649-2bff03de4d22.exe /check
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: SimilarSites - {807DF5E0-4EF7-48a8-A405-239F3E29FFA9} - C:\Program Files\SimilarSites\similarsites.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 5161 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-254357478-2013232218-1666598634-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-254357478-2013232218-1666598634-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-03 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-03 606544]
{FE69C007-C452-4d3e-86D2-1730DF8BC871} - SimilarSites - C:\Program Files\SimilarSites\similarsites.dll [2012-02-01 316928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-03 3568312]
""= []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"20131224"=C:\Program Files\AVAST Software\Avast\setup\emupdate\b0514676-a388-4547-9649-2bff03de4d22.exe [2013-12-28 181136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2516296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\bjes_des\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-23 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reader Application Helper]
C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [2013-11-27 899400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-02-28 18642024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-09-17 5703920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2013-08-27 248208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TurboHddUsb]
C:\Program Files\TurboHddUsb\TurboHddUsb.exe [2012-01-23 3994112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FMVC"=fmcodec.dll
"vidc.dvsd"=pdvcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-22 19:14:49 ----D---- C:\Program Files\Tracker Software
2013-12-21 14:55:15 ----D---- C:\ProgramData\YTD Video Downloader
2013-12-17 11:03:41 ----D---- C:\Windows\system32\Adobe
2013-12-11 22:02:47 ----A---- C:\Windows\system32\wmp.dll
2013-12-11 22:02:41 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-11 21:59:52 ----A---- C:\Windows\system32\jscript.dll
2013-12-11 21:59:48 ----A---- C:\Windows\system32\jscript9.dll
2013-12-11 21:59:44 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-11 21:59:43 ----A---- C:\Windows\system32\iesetup.dll
2013-12-11 21:59:42 ----A---- C:\Windows\system32\ieui.dll
2013-12-11 21:59:39 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-11 21:59:38 ----A---- C:\Windows\system32\iernonce.dll
2013-12-11 21:59:38 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-11 21:59:35 ----A---- C:\Windows\system32\urlmon.dll
2013-12-11 21:59:35 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-11 21:59:33 ----A---- C:\Windows\system32\iertutil.dll
2013-12-11 21:59:28 ----A---- C:\Windows\system32\wininet.dll
2013-12-11 21:59:25 ----A---- C:\Windows\system32\ieframe.dll
2013-12-11 21:59:16 ----A---- C:\Windows\system32\mshtml.dll
2013-12-11 14:20:41 ----A---- C:\Windows\system32\msieftp.dll
2013-12-11 14:20:40 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-11 14:20:30 ----A---- C:\Windows\system32\tzres.dll
2013-12-11 14:20:16 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-11 14:20:11 ----A---- C:\Windows\system32\wscript.exe
2013-12-11 14:20:11 ----A---- C:\Windows\system32\scrrun.dll
2013-12-11 14:20:10 ----A---- C:\Windows\system32\cscript.exe
2013-12-11 14:20:07 ----A---- C:\Windows\system32\win32k.sys
2013-12-11 14:19:58 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-11 14:19:57 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-04 18:51:59 ----D---- C:\ProgramData\Zoner
2013-12-03 10:07:15 ----D---- C:\Users\bjes_des\AppData\Roaming\AVAST Software

======List of files/folders modified in the last 1 month======

2013-12-28 21:50:08 ----D---- C:\Program Files\trend micro
2013-12-28 21:49:58 ----D---- C:\Windows\Prefetch
2013-12-28 21:48:55 ----D---- C:\rsit
2013-12-28 20:18:22 ----SHD---- C:\System Volume Information
2013-12-28 13:31:24 ----D---- C:\Windows\Temp
2013-12-28 11:13:32 ----A---- C:\Windows\ntbtlog.txt
2013-12-28 10:42:08 ----D---- C:\Windows\system32\config
2013-12-28 09:29:43 ----D---- C:\Windows\system32\catroot2
2013-12-27 19:30:50 ----D---- C:\Windows\system32\NDF
2013-12-24 10:42:19 ----D---- C:\Windows\System32
2013-12-24 10:42:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-24 10:42:18 ----D---- C:\Windows\inf
2013-12-22 19:14:49 ----RD---- C:\Program Files
2013-12-22 10:18:29 ----D---- C:\ProgramData\CanonIJPLM
2013-12-21 14:55:15 ----HD---- C:\ProgramData
2013-12-19 08:08:59 ----SHD---- C:\Config.Msi
2013-12-18 14:57:40 ----SHD---- C:\Windows\Installer
2013-12-17 11:04:01 ----D---- C:\Windows\winsxs
2013-12-12 08:37:58 ----D---- C:\Windows\system32\cs-CZ
2013-12-12 08:37:54 ----D---- C:\Program Files\Windows Media Player
2013-12-12 08:37:53 ----D---- C:\Program Files\Internet Explorer
2013-12-12 08:37:40 ----D---- C:\Windows\system32\DriverStore
2013-12-12 08:37:39 ----D---- C:\Windows\system32\drivers
2013-12-11 22:09:04 ----D---- C:\Windows\system32\MRT
2013-12-11 22:04:20 ----A---- C:\Windows\system32\MRT.exe
2013-12-11 22:03:21 ----D---- C:\Windows\system32\catroot
2013-12-10 23:04:41 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-12-10 09:57:07 ----D---- C:\Program Files\Google
2013-12-07 18:48:27 ----D---- C:\Program Files\Common Files\Sony Shared
2013-12-03 10:04:33 ----D---- C:\Windows\system32\Tasks
2013-12-03 10:04:01 ----D---- C:\Windows
2013-12-03 10:03:57 ----A---- C:\Windows\system32\aswBoot.exe
2013-12-03 09:58:41 ----D---- C:\ProgramData\AVAST Software
2013-11-30 19:30:55 ----D---- C:\Program Files\LibreOffice 4.0
2013-11-30 19:30:38 ----RSD---- C:\Windows\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-12-03 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-03 178304]
R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2013-03-16 14352]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-30 20624]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-12-03 79720]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-03 774392]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-03 403440]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-12-03 57672]
R1 FNETURPX;FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [2012-01-23 7936]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-12-03 35656]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-03 70384]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2012-09-01 140376]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2010-03-31 379904]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 FNETTBOH_120;FNETTBOH_120; C:\Windows\System32\drivers\FNETTBOH_120.SYS [2012-01-23 24192]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s1029bus;Sony Ericsson Device 1029 driver (WDM); C:\Windows\system32\DRIVERS\s1029bus.sys [2009-05-25 90280]
S3 s1029mdfl;Sony Ericsson Device 1029 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1029mdfl.sys [2009-05-25 15016]
S3 s1029mdm;Sony Ericsson Device 1029 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1029mdm.sys [2009-05-25 122280]
S3 s1029mgmt;Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1029mgmt.sys [2009-05-25 115880]
S3 s1029nd5;Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1029nd5.sys [2009-05-25 26024]
S3 s1029obex;Sony Ericsson Device 1029 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1029obex.sys [2009-05-25 111912]
S3 s1029unic;Sony Ericsson Device 1029 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1029unic.sys [2009-05-25 116904]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-09-15 116608]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-03 50344]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-23 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-23 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2013-11-26 73728]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-25 1343400]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 28 pro 2013 22:08

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

bjes_des · #3 Příspěvek od **bjes_des** » 28 pro 2013 22:57

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x86
Ran by bjes_des on so 28.12.2013 at 22:37:11,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\ib updater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_installer_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_installer_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\similarsites
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_google-chrome_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_google-chrome_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BD337023-3A2E-46D0-8857-5C3C4C0674BB}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Program Files\perion"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 28.12.2013 at 22:51:11,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.016 - Report created 28/12/2013 at 22:45:54
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : bjes_des - BJES_DES-PC
# Running from : C:\Users\bjes_des\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\user.js
Folder Found : C:\Users\bjes_des\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
Folder Found C:\Program Files\GreenTree Applications
Folder Found C:\Program Files\SimilarSites
Folder Found C:\Users\bjes_des\AppData\Roaming\SimilarSites

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Found : HKCU\Software\ParetoLogic
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{807DF5E0-4EF7-48A8-A405-239F3E29FFA9}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\ParetoLogic
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SimilarSites
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Google Chrome v

[ File : C:\Users\bjes_des\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2784 octets] - [28/12/2013 22:45:54]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2844 octets] ##########

#4 Příspěvek od **vyosek** » 28 pro 2013 23:04

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

bjes_des · #5 Příspěvek od **bjes_des** » 28 pro 2013 23:27

# AdwCleaner v3.016 - Report created 28/12/2013 at 23:20:38
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : bjes_des - BJES_DES-PC
# Running from : C:\Users\bjes_des\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Program Files\SimilarSites
Folder Deleted : C:\Users\bjes_des\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\bjes_des\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
File Deleted : C:\Program Files\Mozilla Firefox\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{807DF5E0-4EF7-48A8-A405-239F3E29FFA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SimilarSites
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Google Chrome v

[ File : C:\Users\bjes_des\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2924 octets] - [28/12/2013 22:45:54]
AdwCleaner[R1].txt - [2899 octets] - [28/12/2013 23:16:51]
AdwCleaner[S0].txt - [2876 octets] - [28/12/2013 23:20:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2936 octets] ##########

#6 Příspěvek od **vyosek** » 29 pro 2013 11:56

Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=30&t=133101

bjes_des · #7 Příspěvek od **bjes_des** » 29 pro 2013 12:56

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-12-2013
Ran by bjes_des (administrator) on BJES_DES-PC on 29-12-2013 12:47:17
Running from C:\Users\bjes_des\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Google Inc.) C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\bjes_des\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-12-03] (AVAST Software)
HKLM\...\Run: [] - [x]
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
MountPoints2: {eb2af49b-9620-11e1-9342-00269e48f4ca} - E:\Startme.exe
HKU\Default\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] - %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/ig?hl=cs
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
URLSearchHook: HKLM - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKCU - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 10.0.20.53 10.0.20.10

Chrome:
=======
CHR HomePage: https://news.google.cz/nwshp?hl=cs&tab= ... CAsQqS4oCA
CHR RestoreOnStartup: "hxxp://www.ighome.com/?t=379213"
CHR Plugin: (Shockwave Flash) - C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U15) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Reader Application Detector) - C:\Program Files\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\Windows\system32\npDeployJava1.dll No File
CHR Extension: (YouTube) - C:\Users\bjes_des\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\bjes_des\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (FlashFree) - C:\Users\bjes_des\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebmieckllmmifjjbipnppinpiohpfahm\2.1.1_0
CHR Extension: (AdBlock) - C:\Users\bjes_des\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Google Mail Checker) - C:\Users\bjes_des\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0
CHR Extension: (Google Wallet) - C:\Users\bjes_des\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (CraterLake) - C:\Users\bjes_des\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcamgplnhlcjkmbgobjbadbokkllhhgc\1.0_0
CHR Extension: (Gmail) - C:\Users\bjes_des\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Users\bjes_des\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-15] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-03] (AVAST Software)
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [35656 2013-12-03] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [20624 2012-10-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2013-12-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-12-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [774392 2013-12-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [403440 2013-12-03] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2013-12-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178304 2013-12-03] ()
S3 FNETTBOH_120; C:\Windows\System32\drivers\FNETTBOH_120.SYS [24192 2012-01-23] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [7936 2012-01-23] (FNet Co., Ltd.)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [379904 2010-03-31] (Realtek Semiconductor Corporation )
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [90280 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [15016 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [122280 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [115880 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [26024 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [111912 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [116904 2009-05-25] (MCCI Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-29 12:47 - 2013-12-29 12:47 - 00009604 _____ C:\Users\bjes_des\Desktop\FRST.txt
2013-12-29 12:47 - 2013-12-29 12:47 - 00000000 ____D C:\FRST
2013-12-29 12:43 - 2013-12-29 12:42 - 00112640 _____ (forum.viry.cz) C:\Users\bjes_des\Desktop\FRSTLauncher.exe
2013-12-29 12:21 - 2013-12-29 12:19 - 01064131 _____ (Farbar) C:\Users\bjes_des\Desktop\FRST.exe
2013-12-28 22:51 - 2013-12-28 22:51 - 00003082 _____ C:\Users\bjes_des\Desktop\JRT.txt
2013-12-28 22:45 - 2013-12-28 23:21 - 00000000 ____D C:\AdwCleaner
2013-12-28 22:38 - 2013-12-28 22:36 - 01233962 _____ C:\Users\bjes_des\Desktop\adwcleaner.exe
2013-12-28 22:38 - 2013-12-28 22:36 - 01034531 _____ (Thisisu) C:\Users\bjes_des\Desktop\JRT.exe
2013-12-28 22:36 - 2013-12-28 22:36 - 00000000 ____D C:\Windows\ERUNT
2013-12-23 00:24 - 2013-12-23 00:24 - 00000000 ____D C:\Users\bjes_des\AppData\Local\Tracker Software
2013-12-22 19:15 - 2013-12-22 19:15 - 00001171 _____ C:\Users\Public\Desktop\PDF-Viewer.lnk
2013-12-22 19:14 - 2013-12-22 19:15 - 00000000 ____D C:\Program Files\Tracker Software
2013-12-17 11:03 - 2013-12-17 11:03 - 00000000 ____D C:\Windows\system32\Adobe
2013-12-11 22:02 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 22:02 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 21:59 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 21:59 - 2013-10-25 05:45 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 21:59 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 21:59 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 21:59 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 21:59 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 21:59 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 21:59 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 21:59 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 21:59 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 21:59 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 21:59 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 21:59 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 21:59 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 21:59 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 14:20 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 14:20 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 14:20 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 14:20 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 14:20 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 14:20 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 14:20 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 14:20 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 14:20 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 14:19 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 14:19 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-07 18:48 - 2013-12-07 18:48 - 00002023 _____ C:\Users\Public\Desktop\Reader for PC.lnk
2013-12-04 18:51 - 2013-12-04 18:51 - 00000000 ____D C:\ProgramData\Zoner
2013-12-03 10:07 - 2013-12-03 10:07 - 00000000 ____D C:\Users\bjes_des\AppData\Roaming\AVAST Software
2013-12-03 10:04 - 2013-12-03 10:04 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-30 19:29 - 2013-11-30 19:29 - 00001054 _____ C:\Users\Public\Desktop\LibreOffice 4.0.lnk

==================== One Month Modified Files and Folders =======

2013-12-29 12:47 - 2013-12-29 12:47 - 00009604 _____ C:\Users\bjes_des\Desktop\FRST.txt
2013-12-29 12:47 - 2013-12-29 12:47 - 00000000 ____D C:\FRST
2013-12-29 12:42 - 2013-12-29 12:43 - 00112640 _____ (forum.viry.cz) C:\Users\bjes_des\Desktop\FRSTLauncher.exe
2013-12-29 12:26 - 2012-01-23 18:27 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254357478-2013232218-1666598634-1001UA.job
2013-12-29 12:19 - 2013-12-29 12:21 - 01064131 _____ (Farbar) C:\Users\bjes_des\Desktop\FRST.exe
2013-12-29 12:04 - 2013-04-15 06:12 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-29 11:55 - 2012-08-23 21:02 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-29 11:46 - 2012-01-23 16:43 - 01281978 _____ C:\Windows\WindowsUpdate.log
2013-12-29 10:38 - 2012-11-15 18:05 - 00042172 _____ C:\Users\bjes_des\Desktop\Datainfo.ods
2013-12-29 09:15 - 2009-07-14 05:34 - 00020688 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-29 09:15 - 2009-07-14 05:34 - 00020688 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-29 09:08 - 2012-08-23 21:02 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-29 09:07 - 2013-09-19 08:04 - 00010774 _____ C:\Windows\setupact.log
2013-12-29 09:07 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-28 23:21 - 2013-12-28 22:45 - 00000000 ____D C:\AdwCleaner
2013-12-28 23:20 - 2012-10-04 16:12 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-28 22:51 - 2013-12-28 22:51 - 00003082 _____ C:\Users\bjes_des\Desktop\JRT.txt
2013-12-28 22:36 - 2013-12-28 22:38 - 01233962 _____ C:\Users\bjes_des\Desktop\adwcleaner.exe
2013-12-28 22:36 - 2013-12-28 22:38 - 01034531 _____ (Thisisu) C:\Users\bjes_des\Desktop\JRT.exe
2013-12-28 22:36 - 2013-12-28 22:36 - 00000000 ____D C:\Windows\ERUNT
2013-12-28 21:50 - 2012-08-01 11:56 - 00000000 ____D C:\Program Files\trend micro
2013-12-28 21:48 - 2012-08-01 11:56 - 00000000 ____D C:\rsit
2013-12-28 19:26 - 2012-01-23 18:27 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254357478-2013232218-1666598634-1001Core.job
2013-12-27 19:30 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-12-24 10:42 - 2010-11-20 22:01 - 01470062 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-23 00:24 - 2013-12-23 00:24 - 00000000 ____D C:\Users\bjes_des\AppData\Local\Tracker Software
2013-12-22 19:15 - 2013-12-22 19:15 - 00001171 _____ C:\Users\Public\Desktop\PDF-Viewer.lnk
2013-12-22 19:15 - 2013-12-22 19:14 - 00000000 ____D C:\Program Files\Tracker Software
2013-12-22 10:18 - 2013-09-12 09:09 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-12-17 11:03 - 2013-12-17 11:03 - 00000000 ____D C:\Windows\system32\Adobe
2013-12-12 08:40 - 2009-07-14 05:33 - 00325400 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 22:09 - 2013-07-15 22:01 - 00000000 ____D C:\Windows\system32\MRT
2013-12-11 22:04 - 2012-02-07 10:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 23:04 - 2013-03-19 16:41 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-10 23:04 - 2012-01-23 17:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-10 09:57 - 2012-01-23 19:59 - 00000000 ____D C:\Program Files\Google
2013-12-09 20:24 - 2012-01-23 18:26 - 00071744 _____ C:\Users\bjes_des\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-07 18:48 - 2013-12-07 18:48 - 00002023 _____ C:\Users\Public\Desktop\Reader for PC.lnk
2013-12-07 18:48 - 2012-09-26 16:37 - 00000000 ____D C:\Users\bjes_des\AppData\Local\Sony Corporation
2013-12-07 18:48 - 2012-05-04 22:42 - 00000000 ____D C:\Program Files\Common Files\Sony Shared
2013-12-06 11:12 - 2012-01-23 18:29 - 00002382 _____ C:\Users\bjes_des\Desktop\Google Chrome.lnk
2013-12-04 18:51 - 2013-12-04 18:51 - 00000000 ____D C:\ProgramData\Zoner
2013-12-03 10:07 - 2013-12-03 10:07 - 00000000 ____D C:\Users\bjes_des\AppData\Roaming\AVAST Software
2013-12-03 10:06 - 2010-11-20 22:48 - 00115660 _____ C:\Windows\PFRO.log
2013-12-03 10:04 - 2013-12-03 10:04 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-03 10:03 - 2013-03-19 08:23 - 00178304 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-12-03 10:03 - 2013-03-19 08:23 - 00049944 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-12-03 10:03 - 2012-04-17 12:24 - 00079720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-12-03 10:03 - 2012-01-23 18:45 - 00774392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-12-03 10:03 - 2012-01-23 18:45 - 00403440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-12-03 10:03 - 2012-01-23 18:45 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-12-03 10:03 - 2012-01-23 18:45 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-12-03 10:03 - 2012-01-23 18:45 - 00035656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-12-03 10:03 - 2012-01-23 18:44 - 00269216 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-12-03 10:03 - 2012-01-23 18:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-12-03 09:58 - 2012-01-23 18:44 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-03 09:57 - 2009-07-14 03:04 - 00002577 _____ C:\Windows\system32\config.nt
2013-11-30 19:30 - 2013-02-08 13:21 - 00000000 ____D C:\Program Files\LibreOffice 4.0
2013-11-30 19:29 - 2013-11-30 19:29 - 00001054 _____ C:\Users\Public\Desktop\LibreOffice 4.0.lnk
2013-11-30 18:56 - 2013-03-11 15:25 - 00009216 ___SH C:\Users\bjes_des\Downloads\Thumbs.db

Files to move or delete:
====================
C:\ProgramData\hpe9A75.dll

Some content of TEMP:
====================
C:\Users\bjes_des\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\bjes_des\AppData\Local\Temp\Quarantine.exe
C:\Users\bjes_des\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-20 09:43

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:29.9 GB) (Free:0.59 GB) NTFS
Drive d: () (Fixed) (Total:112.21 GB) (Free:44.51 GB) NTFS

Available physical RAM: 904.08 MB
Total physical RAM: 1790.11 MB
Percentage of memory in use: 49%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 0645753A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=30 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=112 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=7 GB) - (Type=FE)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254357478-2013232218-1666598634-1001Core.job => C:\Users\bjes_des\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254357478-2013232218-1666598634-1001UA.job => C:\Users\bjes_des\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\bjes_des\Desktop" je 75 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\bjes_des\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reader Application Helper
C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
"C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TurboHddUsb
C:\Program Files\TurboHddUsb\TurboHddUsb.exe

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#8 Příspěvek od **vyosek** » 30 pro 2013 06:31

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254357478-2013232218-1666598634-1001Core.job => C:\Users\bjes_des\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254357478-2013232218-1666598634-1001UA.job => C:\Users\bjes_des\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\bjes_des\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\bjes_des\AppData\Local\Temp\Quarantine.exe
C:\Users\bjes_des\AppData\Local\Temp\SkypeSetup.exe
C:\ProgramData\hpe9A75.dll
CHR HomePage: https://news.google.cz/nwshp?hl=cs&tab= ... CAsQqS4oCA
CHR RestoreOnStartup: "hxxp://www.ighome.com/?t=379213"
URLSearchHook: HKLM - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKCU - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
MountPoints2: {eb2af49b-9620-11e1-9342-00269e48f4ca} - E:\Startme.exe
HKLM\...\Run: [] - [x]
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM"/f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update"/f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype"/f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware"/f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe"/f
Hosts:

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

bjes_des · #9 Příspěvek od **bjes_des** » 30 pro 2013 09:54

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-12-2013 01
Ran by bjes_des at 2013-12-30 09:47:42 Run:1
Running from C:\Users\bjes_des\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254357478-2013232218-1666598634-1001Core.job => C:\Users\bjes_des\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254357478-2013232218-1666598634-1001UA.job => C:\Users\bjes_des\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\bjes_des\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\bjes_des\AppData\Local\Temp\Quarantine.exe
C:\Users\bjes_des\AppData\Local\Temp\SkypeSetup.exe
C:\ProgramData\hpe9A75.dll
CHR HomePage: https://news.google.cz/nwshp?hl=cs&tab= ... CAsQqS4oCA
CHR RestoreOnStartup: "hxxp://www.ighome.com/?t=379213"
URLSearchHook: HKLM - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKCU - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
MountPoints2: {eb2af49b-9620-11e1-9342-00269e48f4ca} - E:\Startme.exe
HKLM\...\Run: [] - [x]
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM"/f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update"/f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype"/f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware"/f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe"/f
Hosts:

End
*****************

C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254357478-2013232218-1666598634-1001Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254357478-2013232218-1666598634-1001UA.job => Moved successfully.
C:\Users\bjes_des\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\bjes_des\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\bjes_des\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\ProgramData\hpe9A75.dll => Moved successfully.
CHR HomePage: https://news.google.cz/nwshp?hl=cs&tab= ... CAsQqS4oCA ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "hxxp://www.ighome.com/?t=379213" ==> The Chrome "Settings" can be used to fix the entry.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb2af49b-9620-11e1-9342-00269e48f4ca} => Key deleted successfully.
HKCR\CLSID\{eb2af49b-9620-11e1-9342-00269e48f4ca} => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM"/f =========

Chcete klˇź registru HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM/f trvale odstranit (Y-Ano/N-Ne)? Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update"/f =========

Chcete klˇź registru HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update/f trvale odstranit (Y-Ano/N-Ne)? Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype"/f =========

Chcete klˇź registru HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype/f trvale odstranit (Y-Ano/N-Ne)? Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware"/f =========

Chcete klˇź registru HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware/f trvale odstranit (Y-Ano/N-Ne)? Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe"/f =========

Chcete klˇź registru HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe/f trvale odstranit (Y-Ano/N-Ne)? Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

#10 Příspěvek od **vyosek** » 30 pro 2013 19:59

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel èistiè

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

bjes_des · #11 Příspěvek od **bjes_des** » 30 pro 2013 21:23

Díky za věnovaný čas a Hezký večer do Šalingradu!

#12 Příspěvek od **vyosek** » 30 pro 2013 22:16

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Prosím o kontrolu, pomalý PC. Děkuji.

Prosím o kontrolu, pomalý PC. Děkuji.

Re: Prosím o kontrolu, pomalý PC. Děkuji.

Re: Prosím o kontrolu, pomalý PC. Děkuji.

Re: Prosím o kontrolu, pomalý PC. Děkuji.

Re: Prosím o kontrolu, pomalý PC. Děkuji.

Re: Prosím o kontrolu, pomalý PC. Děkuji.

Re: Prosím o kontrolu, pomalý PC. Děkuji.

Re: Prosím o kontrolu, pomalý PC. Děkuji.

Re: Prosím o kontrolu, pomalý PC. Děkuji.

Re: Prosím o kontrolu, pomalý PC. Děkuji.

Re: Prosím o kontrolu, pomalý PC. Děkuji.

Re: Prosím o kontrolu, pomalý PC. Děkuji.