Freezing, unmaintained PC

mAttt
Visitor
Posts: 11
Registered: 22 Jan 2014 12:33

Freezing, unmaintained PC

#1 Post by mAttt »

Hello... the PC has a lot of problems, from slow startup, through slow running and freezing, and just now there was the problem that Explorer stopped working, and so on. I am a layman... and I know in advance that you will be horrified at how much junk I have on the PC... so I am asking for help... and for the best possible solution to the situation.
Here I am attaching the FRST log.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-01-2014
Ran by mAt (administrator) on MAT-PC on 22-01-2014 12:46:09
Running from C:\Users\mAt\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\winzipersvc.exe
(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
() C:\Windows\System32\dmwu.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(BitTorrent, Inc.) C:\Program Files\BitTorrent\BitTorrent.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Lavasoft.) C:\ProgramData\Search Protection\SearchProtection.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAware.exe
() C:\Windows\System32\jmdp\stij.exe
(GFI Software) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\mAt\Desktop\FRSTLauncher (1).exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\PING.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AMD AVT] - C:\Program Files\AMD AVT\bin\kdbsync.exe [10752 2012-02-21] ()
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM\...\Run: [SearchProtection] - C:\ProgramData\Search Protection\_run.bat [168 2013-04-13] ()
HKLM\...\Run: [Ad-Aware Antivirus] - "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [3451496 2011-02-23] (AVAST Software)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKCU\...\Run: [BitTorrent] - C:\Program Files\BitTorrent\BitTorrent.exe [2985328 2012-08-22] (BitTorrent, Inc.)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-04-06] (AMD)
HKCU\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [AdobeBridge] - [x]
AppInit_DLLs: c:\progra~2\browse~1\23762~1.17\{16cdf~1\browse~1.dll => File Not Found
AppInit_DLLs: c:\progra~1\sshelp~1\sprote~1.dll => File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3225826
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1379248759
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1379248759
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1379248759
URLSearchHook: HKLM - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files\BitTorrentControl_v12\prxtbBit2.dll No File
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files\BitTorrentControl_v12\prxtbBit2.dll No File
URLSearchHook: HKCU - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379248759
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT3225826
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1379248759
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT3225826
SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT3225826
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://isearch.babylon.com/?q={searchTe ... 19dbd857be
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1379248759
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://lavasoft.blekko.com/ws/?source=f ... earchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT3225826
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb128/?se ... 2f3kA&i=26
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files\BitTorrentControl_v12\prxtbBit2.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files\BitTorrentControl_v12\prxtbBit2.dll No File
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
Toolbar: HKCU - BitTorrentControl_v12 Toolbar - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - C:\Program Files\BitTorrentControl_v12\prxtbBit2.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\mAt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: No Name - C:\Users\mAt\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com [2013-04-10]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-22]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-22]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-04-18]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-04-18]

Chrome:
=======
CHR HomePage: hxxp://seznam.cz/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (QUAKE LIVE) - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
CHR Plugin: (Unity Player) - C:\Users\mAt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Classic Isoball) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aklhapmhpooalphfffjnjinmhcgdeijd [2013-10-06]
CHR Extension: (Dokumenty Google) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-15]
CHR Extension: (Disk Google) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-15]
CHR Extension: (YouTube) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-15]
CHR Extension: (Select all Facebook friends) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbcjpjecmkjagmnhgfojblhjhnalbda [2013-09-15]
CHR Extension: (Vyhled\u00E1v\u00E1n\u00ED Google) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-15]
CHR Extension: (Rush Team) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecdnoeebfjlplfkljdedokbcmebojbpb [2013-09-15]
CHR Extension: (Donna Karan) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2013-09-15]
CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnibmbcdeepaahjmddiihohjanlimlmj [2013-10-06]
CHR Extension: (Flow Game ) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhkenkiidlghkpkihaiojpjnngfocahn [2013-09-15]
CHR Extension: (Skype Click to Call) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-15]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-09-15]
CHR Extension: (BeGone) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndfpieflbjbdpgklkeolbmbdkfdiicfk [2013-09-15]
CHR Extension: (Simple Adblock) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo [2013-09-15]
CHR Extension: (Pen\u011B\u017Eenka Google) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-15]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-22]
CHR HKLM\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx [2012-08-22]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16]
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx [2013-09-16]

========================== Services (Whitelisted) =================

R2 Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-18] (Lavasoft Limited)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [42184 2011-02-23] (AVAST Software)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-10-14] (Flexera Software, Inc.)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1560368 2014-01-08] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2013-06-05] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [189248 2013-06-05] ()
R2 SBAMSvc; C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-01-29] ()
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [424104 2013-09-15] (Taiwan Shui Mu Chih Ching Technology Limited.)
S4 avast! Firewall; "C:\Program Files\Alwil Software\Avast5\afwServ.exe" [x]
S2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [x]

==================== Drivers (Whitelisted) ====================

R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [5340160 2010-03-03] (ATI Technologies Inc.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-04-13] (GFI Software)
S2 aswFsBlk; No ImagePath
S1 aswFW; No ImagePath
S0 aswNdis2; No ImagePath
S1 aswRdr; No ImagePath
S1 aswSP; No ImagePath
S1 aswTdi; No ImagePath
S3 cpuz130; \??\C:\Users\mAt\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-22 12:46 - 2014-01-22 12:46 - 00021735 _____ C:\Users\mAt\Desktop\FRST.txt
2014-01-22 12:45 - 2014-01-22 12:45 - 00029696 _____ C:\Users\mAt\AppData\Local\MSGBOX.EXE
2014-01-22 12:45 - 2014-01-22 12:45 - 00015327 _____ C:\Users\mAt\Desktop\LM.bat
2014-01-22 12:45 - 2014-01-22 12:45 - 00000000 ____D C:\FRST
2014-01-22 12:44 - 2014-01-22 12:44 - 01221632 _____ (Farbar) C:\Users\mAt\Desktop\FRST.exe
2014-01-22 12:44 - 2014-01-22 12:44 - 00112640 _____ (forum.viry.cz) C:\Users\mAt\Desktop\FRSTLauncher (1).exe
2014-01-22 12:43 - 2014-01-22 12:43 - 00112640 _____ (forum.viry.cz) C:\Users\mAt\Desktop\Nepotvrzeno 263839.crdownload
2014-01-22 12:21 - 2014-01-22 12:21 - 00000334 _____ C:\Windows\system32\CountScans.XML
2014-01-22 09:03 - 2014-01-22 09:06 - 00000000 ____D C:\Users\mAt\Desktop\da
2014-01-21 18:52 - 2014-01-21 18:52 - 00000000 ____D C:\Windows\system32\jmdp
2014-01-21 18:49 - 2014-01-22 09:18 - 322393332 _____ C:\Users\mAt\Desktop\anotace.psd
2014-01-21 18:05 - 2014-01-21 20:04 - 344271824 _____ C:\Users\mAt\Desktop\cv.psd
2014-01-21 16:08 - 2014-01-21 16:14 - 1641390802 _____ C:\Users\mAt\Desktop\banner.psb
2014-01-21 14:39 - 2014-01-21 14:40 - 17760614 _____ C:\Users\mAt\Desktop\pink, 2006, 30x24cm.tif
2014-01-20 06:06 - 2014-01-20 06:06 - 00000000 ___HD C:\Users\mAt\Desktop\.picasaoriginals
2014-01-19 20:03 - 2014-01-19 20:05 - 00000000 ____D C:\Users\mAt\Desktop\stredni skola
2014-01-19 20:00 - 2014-01-19 20:03 - 00000000 ____D C:\Users\mAt\Desktop\skola
2014-01-19 19:57 - 2014-01-19 19:59 - 00000000 ____D C:\Users\mAt\Desktop\grafika klenovaklatovy
2014-01-19 19:33 - 2014-01-19 19:57 - 00000000 ____D C:\Users\mAt\Desktop\CVUT FA
2014-01-19 19:26 - 2014-01-20 05:56 - 00000000 ____D C:\Users\mAt\Desktop\atelier rotak5
2014-01-19 18:09 - 2014-01-19 19:11 - 1279048934 _____ C:\Users\mAt\Desktop\baner cloupa.psb
2014-01-18 21:51 - 2014-01-18 23:43 - 1439305945 _____ C:\Users\mAt\Desktop\Untitled-1.psb
2014-01-18 21:06 - 2014-01-21 20:47 - 947005410 _____ C:\Users\mAt\Desktop\plakat.psd
2014-01-17 18:02 - 2014-01-17 18:05 - 00000000 ____D C:\Users\mAt\Downloads\The Secret Life of Walter Mitty[2013]DVDScr XviD-SaM[ETRG]
2014-01-17 14:02 - 2014-01-17 14:03 - 17787312 _____ C:\Users\mAt\Desktop\Unitled9a.tif
2014-01-14 22:11 - 2014-01-14 22:11 - 00074391 _____ C:\Users\mAt\Desktop\The-Wolf-of-Wall-Street(0000230187).zip
2014-01-14 12:14 - 2014-01-15 19:55 - 09694420 _____ C:\Users\mAt\Desktop\Untitled-2.psd
2014-01-14 12:14 - 2014-01-15 08:57 - 08206178 _____ C:\Users\mAt\Desktop\Untitled-1.psd
2014-01-08 12:52 - 2014-01-08 12:52 - 00000000 ____D C:\Users\mAt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2014-01-02 17:28 - 2014-01-02 17:28 - 06614152 _____ (http://www.goforfiles.com/) C:\Users\mAt\Desktop\Vray-Exterior-Scenefree_downloader.exe

==================== One Month Modified Files and Folders =======

2014-01-22 12:46 - 2014-01-22 12:46 - 00021735 _____ C:\Users\mAt\Desktop\FRST.txt
2014-01-22 12:45 - 2014-01-22 12:45 - 00029696 _____ C:\Users\mAt\AppData\Local\MSGBOX.EXE
2014-01-22 12:45 - 2014-01-22 12:45 - 00015327 _____ C:\Users\mAt\Desktop\LM.bat
2014-01-22 12:45 - 2014-01-22 12:45 - 00000000 ____D C:\FRST
2014-01-22 12:44 - 2014-01-22 12:44 - 01221632 _____ (Farbar) C:\Users\mAt\Desktop\FRST.exe
2014-01-22 12:44 - 2014-01-22 12:44 - 00112640 _____ (forum.viry.cz) C:\Users\mAt\Desktop\FRSTLauncher (1).exe
2014-01-22 12:44 - 2009-07-14 05:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-22 12:44 - 2009-07-14 05:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-22 12:43 - 2014-01-22 12:43 - 00112640 _____ (forum.viry.cz) C:\Users\mAt\Desktop\Nepotvrzeno 263839.crdownload
2014-01-22 12:43 - 2013-09-15 13:45 - 00000000 ____D C:\Program Files\WinZipper
2014-01-22 12:43 - 2012-08-22 21:34 - 01628321 _____ C:\Windows\WindowsUpdate.log
2014-01-22 12:41 - 2013-04-13 10:27 - 00000000 ____D C:\Program Files\Steam
2014-01-22 12:37 - 2013-09-15 14:07 - 00000930 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-22 12:37 - 2013-05-18 15:56 - 00000286 ____H C:\Windows\Tasks\Acrobat Update.job
2014-01-22 12:37 - 2012-08-22 22:18 - 00000000 ____D C:\Users\mAt\AppData\Roaming\BitTorrent
2014-01-22 12:37 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-22 12:37 - 2009-07-14 05:39 - 00080887 _____ C:\Windows\setupact.log
2014-01-22 12:24 - 2013-05-07 21:30 - 05958656 ___SH C:\Users\mAt\Desktop\Thumbs.db
2014-01-22 12:21 - 2014-01-22 12:21 - 00000334 _____ C:\Windows\system32\CountScans.XML
2014-01-22 12:13 - 2012-08-23 23:42 - 00007622 _____ C:\Users\mAt\AppData\Local\resmon.resmoncfg
2014-01-22 11:22 - 2013-09-15 14:07 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-22 09:18 - 2014-01-21 18:49 - 322393332 _____ C:\Users\mAt\Desktop\anotace.psd
2014-01-22 09:06 - 2014-01-22 09:03 - 00000000 ____D C:\Users\mAt\Desktop\da
2014-01-22 08:50 - 2012-08-24 01:45 - 00000000 ____D C:\Users\mAt\AppData\Local\Adobe
2014-01-21 20:47 - 2014-01-18 21:06 - 947005410 _____ C:\Users\mAt\Desktop\plakat.psd
2014-01-21 20:04 - 2014-01-21 18:05 - 344271824 _____ C:\Users\mAt\Desktop\cv.psd
2014-01-21 20:01 - 2012-10-24 20:28 - 00000000 ____D C:\Users\mAt\AppData\Local\CutePDF Writer
2014-01-21 18:52 - 2014-01-21 18:52 - 00000000 ____D C:\Windows\system32\jmdp
2014-01-21 16:14 - 2014-01-21 16:08 - 1641390802 _____ C:\Users\mAt\Desktop\banner.psb
2014-01-21 14:40 - 2014-01-21 14:39 - 17760614 _____ C:\Users\mAt\Desktop\pink, 2006, 30x24cm.tif
2014-01-21 12:42 - 2012-09-17 02:33 - 00000000 ____D C:\Windows\system32\ARFC
2014-01-21 12:41 - 2012-09-17 02:33 - 00000000 ____D C:\Windows\system32\WNLT
2014-01-20 08:07 - 2013-11-02 13:43 - 00000000 ____D C:\Users\mAt\Desktop\TZI
2014-01-20 06:06 - 2014-01-20 06:06 - 00000000 ___HD C:\Users\mAt\Desktop\.picasaoriginals
2014-01-20 05:56 - 2014-01-19 19:26 - 00000000 ____D C:\Users\mAt\Desktop\atelier rotak5
2014-01-20 05:29 - 2012-08-22 21:53 - 00016777 _____ C:\Users\mAt\Documents\plot.log
2014-01-19 20:05 - 2014-01-19 20:03 - 00000000 ____D C:\Users\mAt\Desktop\stredni skola
2014-01-19 20:03 - 2014-01-19 20:00 - 00000000 ____D C:\Users\mAt\Desktop\skola
2014-01-19 19:59 - 2014-01-19 19:57 - 00000000 ____D C:\Users\mAt\Desktop\grafika klenovaklatovy
2014-01-19 19:57 - 2014-01-19 19:33 - 00000000 ____D C:\Users\mAt\Desktop\CVUT FA
2014-01-19 19:11 - 2014-01-19 18:09 - 1279048934 _____ C:\Users\mAt\Desktop\baner cloupa.psb
2014-01-19 10:15 - 2009-07-14 05:33 - 04151448 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-18 23:43 - 2014-01-18 21:51 - 1439305945 _____ C:\Users\mAt\Desktop\Untitled-1.psb
2014-01-18 21:55 - 2012-08-22 22:19 - 00148840 _____ C:\Users\mAt\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-18 21:43 - 2012-08-22 22:52 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2014-01-18 21:38 - 2012-08-22 22:52 - 00000000 ____D C:\ProgramData\Autodesk
2014-01-18 21:28 - 2010-11-20 22:01 - 01583754 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-18 21:24 - 2013-12-21 13:19 - 00000000 ____D C:\Users\mAt\Downloads\Insidious Chapter 2 (2013)
2014-01-18 18:30 - 2013-11-26 17:04 - 00000000 ____D C:\Users\mAt\Desktop\PP
2014-01-18 10:07 - 2013-11-02 13:43 - 00000000 ____D C:\Users\mAt\Desktop\NK2
2014-01-17 18:05 - 2014-01-17 18:02 - 00000000 ____D C:\Users\mAt\Downloads\The Secret Life of Walter Mitty[2013]DVDScr XviD-SaM[ETRG]
2014-01-17 14:03 - 2014-01-17 14:02 - 17787312 _____ C:\Users\mAt\Desktop\Unitled9a.tif
2014-01-16 13:49 - 2013-07-05 14:07 - 00000000 ____D C:\Users\mAt\Desktop\loga
2014-01-15 19:55 - 2014-01-14 12:14 - 09694420 _____ C:\Users\mAt\Desktop\Untitled-2.psd
2014-01-15 08:57 - 2014-01-14 12:14 - 08206178 _____ C:\Users\mAt\Desktop\Untitled-1.psd
2014-01-14 22:11 - 2014-01-14 22:11 - 00074391 _____ C:\Users\mAt\Desktop\The-Wolf-of-Wall-Street(0000230187).zip
2014-01-14 12:17 - 2013-06-07 20:48 - 00109568 ___SH C:\Users\mAt\Thumbs.db
2014-01-12 14:26 - 2013-05-13 09:34 - 00000000 ____D C:\Users\mAt\Desktop\sdilena slozka
2014-01-12 14:08 - 2013-11-02 13:46 - 00000000 ____D C:\Users\mAt\Desktop\PS5
2014-01-11 15:39 - 2010-11-20 22:48 - 00046618 _____ C:\Windows\PFRO.log
2014-01-11 10:57 - 2013-01-15 14:10 - 00000132 _____ C:\Users\mAt\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-01-08 20:30 - 2012-09-17 02:33 - 01560368 _____ C:\Windows\system32\dmwu.exe
2014-01-08 20:23 - 2012-09-17 02:33 - 00027136 _____ (IncrediMail, Ltd.) C:\Windows\system32\ImHttpComm.dll
2014-01-08 12:52 - 2014-01-08 12:52 - 00000000 ____D C:\Users\mAt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2014-01-02 17:28 - 2014-01-02 17:28 - 06614152 _____ (http://www.goforfiles.com/) C:\Users\mAt\Desktop\Vray-Exterior-Scenefree_downloader.exe
2014-01-02 11:08 - 2013-11-26 17:54 - 00000000 ____D C:\Users\mAt\Desktop\interier

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 13:08

==================== End Of Log ============================

The Addition log is attached.
Attachments
Addition.zip
(6.75 KiB) Downloaded 38 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Freezing, unmaintained PC

#2 Post by vyosek »

Greetings :)

:arrow: Let me just ask: are you using a legal operating system? The top-tier Ultimate license is not exactly a common home edition :?:
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member of [image] since 1 February 2011.

mAttt
Visitor
Posts: 11
Registered: 22 Jan 2014 12:33

Re: freezing, unmaintained PC

#3 Post by mAttt »

Hello, it is legal... I got it from my employer when we were moving to WIN 7; after several copies were purchased, we were allotted the extra versions.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: freezing, unmaintained PC

#4 Post by vyosek »

:arrow: Download Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
  • Save it, preferably to the desktop
  • Close all programs
  • Run it the usual way with a double-click
  • A scan will run and then a log will appear; alternatively it will be saved in the location it was run from as sc-cleaner.txt. Paste it here
:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the licence terms are displayed; press any key
  • A backup will be created, followed by the scan
  • A scan will run and then a log will appear; alternatively it will be saved in c:\JRT as JRT.txt. Paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart and then a log will appear; alternatively it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here

mAttt
Visitor
Posts: 11
Registered: 22 Jan 2014 12:33

Re: freezing, unmaintained PC

#5 Post by mAttt »

SC log.... the first time it did not save for me... but after that it did

Shortcut Cleaner 1.2.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Windows 7 Ultimate Service Pack 1
Program started at: 01/22/2014 05:45:19 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\mAt\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\mAt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\mAt\Desktop


0 bad shortcuts found.

Program finished at: 01/22/2014 05:45:20 PM
Execution time: 0 hours(s), 0 minute(s), and 1 seconds(s)

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x86
Ran by mAt on st 22.01.2014 at 17:30:37,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotection
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1732373690-2763243939-2835114096-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1732373690-2763243939-2835114096-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1732373690-2763243939-2835114096-1000\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\qvo6software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wnlt
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wsyscontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{336d0c35-8a85-403a-b9d2-65c292c39087}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3225826
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"



~~~ Files

Successfully deleted: [File] "C:\Windows\System32\Tasks\desk 365 runasstduser"
Successfully deleted: [File] "C:\Users\mAt\appdata\locallow\SkwConfig.bin"
Failed to delete: [File] "C:\Windows\system32\dmwu.exe"
Failed to delete: [File] "C:\Windows\system32\imhttpcomm.dll"
Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\ProgramData\search protection"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\mAt\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\mAt\AppData\Roaming\desk 365"
Successfully deleted: [Folder] "C:\Users\mAt\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\mAt\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\mAt\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\mAt\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Users\mAt\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\mAt\appdata\locallow\incredibar.com"
Successfully deleted: [Folder] "C:\Users\mAt\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files\adawaretb"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\desk 365"
Successfully deleted: [Folder] "C:\Program Files\goforfiles"
Successfully deleted: [Folder] "C:\Program Files\web assistant"
Successfully deleted: [Folder] "C:\Windows\system32\arfc"
Successfully deleted: [Folder] "C:\Windows\system32\jmdp"
Successfully deleted: [Folder] "C:\Windows\system32\wnlt"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 22.01.2014 at 17:33:32,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner[S0] LOG

# AdwCleaner v3.017 - Report created 22/01/2014 at 17:36:39
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : mAt - MAT-PC
# Running from : C:\Users\mAt\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : IBUpdaterService
[#] Service Deleted : Web Assistant
Service Deleted : winzipersvc
[#] Service Deleted : WsysSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Conduit
Folder Deleted : C:\ProgramData\savenshare
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files\1ClickDownload
Folder Deleted : C:\Program Files\Omiga Plus
Folder Deleted : C:\Program Files\ss helper
Folder Deleted : C:\Program Files\Toolbar Cleaner
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Program Files\BitTorrentControl_v12
Folder Deleted : C:\Program Files\Common Files\337
Folder Deleted : C:\Users\mAt\AppData\LocalLow\BitTorrentControl_v12
Folder Deleted : C:\Users\mAt\AppData\Roaming\337
Folder Deleted : C:\Users\mAt\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\mAt\AppData\Roaming\Omiga Plus
Folder Deleted : C:\Users\mAt\AppData\Roaming\WinZipper
File Deleted : C:\Windows\system32\dmwu.exe
File Deleted : C:\Windows\system32\ImhxxpComm.dll
File Deleted : C:\Program Files\Mozilla Firefox\user.js
File Deleted : C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
File Deleted : C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F5899F8-4F8B-431B-8753-78FCC38EAE63}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F5899F8-4F8B-431B-8753-78FCC38EAE63}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{014A4030-6161-4788-8FCF-718D9BA5AECE}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{014A4030-6161-4788-8FCF-718D9BA5AECE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_360582d7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FARO LS_is1
Key Deleted : HKCU\Software\5e2d888bc6fea48
Key Deleted : HKLM\SOFTWARE\5e2d888bc6fea48
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80218C8E-7E3B-404D-953A-E0CD9483FB40}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11F9D507-3B95-4B5B-9A19-CE8A93CD6E48}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\wnlt
Key Deleted : HKCU\Software\BitTorrentControl_v12
Key Deleted : HKCU\Software\AppDataLow\Software\adawaretb
Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentControl_v12
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\omigaplusSvc
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKLM\Software\BitTorrentControl_v12
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentControl_v12 Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v

-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8432 octets] - [22/01/2014 17:34:19]
AdwCleaner[S0].txt - [8177 octets] - [22/01/2014 17:36:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8237 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: freezing, unmaintained PC

#6 Post by vyosek »

Please post a new log from FRSTLauncher

mAttt
Visitor
Posts: 11
Registered: 22 Jan 2014 12:33

Re: freezing, unmaintained PC

#7 Post by mAttt »

Log from FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-01-2014
Ran by mAt (administrator) on MAT-PC on 23-01-2014 03:04:09
Running from C:\Users\mAt\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(BitTorrent, Inc.) C:\Program Files\BitTorrent\BitTorrent.exe
(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAware.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(GFI Software) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(forum.viry.cz) C:\Users\mAt\Desktop\FRST-OlderVersion\FRSTLauncher (1).exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\PING.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AMD AVT] - C:\Program Files\AMD AVT\bin\kdbsync.exe [10752 2012-02-21] ()
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM\...\Run: [Ad-Aware Antivirus] - "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [3451496 2011-02-23] (AVAST Software)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKCU\...\Run: [BitTorrent] - C:\Program Files\BitTorrent\BitTorrent.exe [2985328 2012-08-22] (BitTorrent, Inc.)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-04-06] (AMD)
HKCU\...\Run: [AdobeBridge] - [x]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\mAt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: No Name - C:\Users\mAt\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com [2013-04-10]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-04-18]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-04-18]

Chrome:
=======
CHR HomePage: hxxp://seznam.cz/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (QUAKE LIVE) - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
CHR Plugin: (Unity Player) - C:\Users\mAt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Classic Isoball) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aklhapmhpooalphfffjnjinmhcgdeijd [2013-10-06]
CHR Extension: (Google Docs) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-15]
CHR Extension: (Google Drive) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-15]
CHR Extension: (YouTube) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-15]
CHR Extension: (Select all Facebook friends) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbcjpjecmkjagmnhgfojblhjhnalbda [2013-09-15]
CHR Extension: (Google Search) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-15]
CHR Extension: (Rush Team) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecdnoeebfjlplfkljdedokbcmebojbpb [2013-09-15]
CHR Extension: (Donna Karan) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2013-09-15]
CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnibmbcdeepaahjmddiihohjanlimlmj [2013-10-06]
CHR Extension: (Flow Game ) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhkenkiidlghkpkihaiojpjnngfocahn [2013-09-15]
CHR Extension: (Skype Click to Call) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-15]
CHR Extension: (Google Mail Checker) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-09-15]
CHR Extension: (BeGone) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndfpieflbjbdpgklkeolbmbdkfdiicfk [2013-09-15]
CHR Extension: (Simple Adblock) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo [2013-09-15]
CHR Extension: (Google Wallet) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-15]
CHR HKLM\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx [2013-09-15]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16]

========================== Services (Whitelisted) =================

R2 Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-18] (Lavasoft Limited)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [42184 2011-02-23] (AVAST Software)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-10-14] (Flexera Software, Inc.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2013-06-05] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [189248 2013-06-05] ()
R2 SBAMSvc; C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
S4 avast! Firewall; "C:\Program Files\Alwil Software\Avast5\afwServ.exe" [x]

==================== Drivers (Whitelisted) ====================

R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [5340160 2010-03-03] (ATI Technologies Inc.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-04-13] (GFI Software)
S2 aswFsBlk; No ImagePath
S1 aswFW; No ImagePath
S0 aswNdis2; No ImagePath
S1 aswRdr; No ImagePath
S1 aswSP; No ImagePath
S1 aswTdi; No ImagePath
S3 cpuz130; \??\C:\Users\mAt\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-23 03:04 - 2014-01-23 03:04 - 00015486 _____ C:\Users\mAt\Desktop\FRST.txt
2014-01-23 03:03 - 2014-01-23 03:03 - 00015327 _____ C:\Users\mAt\Desktop\LM.bat
2014-01-23 02:59 - 2014-01-23 03:03 - 00000000 ____D C:\Users\mAt\Desktop\FRST-OlderVersion
2014-01-22 17:39 - 2014-01-22 17:39 - 00008317 _____ C:\Users\mAt\Desktop\AdwCleaner[S0].txt
2014-01-22 17:39 - 2014-01-22 17:39 - 00000000 ____D C:\Users\mAt\AppData\Local\adawarebp
2014-01-22 17:34 - 2014-01-22 17:37 - 00000000 ____D C:\AdwCleaner
2014-01-22 17:34 - 2014-01-22 17:34 - 00000088 _____ C:\Users\mAt\Desktop\17646152614554672593.log
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT1.txt
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT.txt
2014-01-22 17:30 - 2014-01-22 17:30 - 00000000 ____D C:\Windows\ERUNT
2014-01-22 17:29 - 2014-01-22 17:45 - 00001776 _____ C:\sc-cleaner.txt
2014-01-22 17:27 - 2014-01-22 17:27 - 01037068 _____ (Thisisu) C:\Users\mAt\Desktop\JRT.exe
2014-01-22 17:27 - 2014-01-22 17:27 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\mAt\Desktop\sc-cleaner.exe
2014-01-22 14:16 - 2014-01-22 14:16 - 07560104 _____ C:\Users\mAt\Desktop\da5_skripta_08.zip
2014-01-22 13:09 - 2014-01-22 13:09 - 01236282 _____ C:\Users\mAt\Desktop\adwcleaner.exe
2014-01-22 12:48 - 2014-01-22 12:48 - 00006908 _____ C:\Users\mAt\Desktop\Addition.zip
2014-01-22 12:47 - 2014-01-22 17:30 - 00033317 _____ C:\Users\mAt\Desktop\FRST2.txt
2014-01-22 12:45 - 2014-01-23 03:03 - 00029696 _____ C:\Users\mAt\AppData\Local\MSGBOX.EXE
2014-01-22 12:45 - 2014-01-23 02:59 - 00000000 ____D C:\FRST
2014-01-22 12:44 - 2014-01-23 02:59 - 01222144 _____ (Farbar) C:\Users\mAt\Desktop\FRST.exe
2014-01-22 12:21 - 2014-01-22 12:21 - 00000334 _____ C:\Windows\system32\CountScans.XML
2014-01-22 09:03 - 2014-01-22 17:29 - 00000000 ____D C:\Users\mAt\Desktop\da
2014-01-21 18:49 - 2014-01-22 09:18 - 322393332 _____ C:\Users\mAt\Desktop\anotace.psd
2014-01-21 18:05 - 2014-01-21 20:04 - 344271824 _____ C:\Users\mAt\Desktop\cv.psd
2014-01-21 16:08 - 2014-01-21 16:14 - 1641390802 _____ C:\Users\mAt\Desktop\banner.psb
2014-01-21 14:39 - 2014-01-21 14:40 - 17760614 _____ C:\Users\mAt\Desktop\pink, 2006, 30x24cm.tif
2014-01-20 06:06 - 2014-01-20 06:06 - 00000000 ___HD C:\Users\mAt\Desktop\.picasaoriginals
2014-01-19 20:03 - 2014-01-19 20:05 - 00000000 ____D C:\Users\mAt\Desktop\stredni skola
2014-01-19 20:00 - 2014-01-19 20:03 - 00000000 ____D C:\Users\mAt\Desktop\skola
2014-01-19 19:57 - 2014-01-19 19:59 - 00000000 ____D C:\Users\mAt\Desktop\grafika klenovaklatovy
2014-01-19 19:33 - 2014-01-19 19:57 - 00000000 ____D C:\Users\mAt\Desktop\CVUT FA
2014-01-19 19:26 - 2014-01-20 05:56 - 00000000 ____D C:\Users\mAt\Desktop\atelier rotak5
2014-01-19 18:09 - 2014-01-19 19:11 - 1279048934 _____ C:\Users\mAt\Desktop\baner cloupa.psb
2014-01-18 21:51 - 2014-01-18 23:43 - 1439305945 _____ C:\Users\mAt\Desktop\Untitled-1.psb
2014-01-18 21:06 - 2014-01-21 20:47 - 947005410 _____ C:\Users\mAt\Desktop\plakat.psd
2014-01-17 18:02 - 2014-01-17 18:05 - 00000000 ____D C:\Users\mAt\Downloads\The Secret Life of Walter Mitty[2013]DVDScr XviD-SaM[ETRG]
2014-01-17 14:02 - 2014-01-17 14:03 - 17787312 _____ C:\Users\mAt\Desktop\Unitled9a.tif
2014-01-14 22:11 - 2014-01-14 22:11 - 00074391 _____ C:\Users\mAt\Desktop\The-Wolf-of-Wall-Street(0000230187).zip
2014-01-14 12:14 - 2014-01-15 19:55 - 09694420 _____ C:\Users\mAt\Desktop\Untitled-2.psd
2014-01-14 12:14 - 2014-01-15 08:57 - 08206178 _____ C:\Users\mAt\Desktop\Untitled-1.psd
2014-01-08 12:52 - 2014-01-08 12:52 - 00000000 ____D C:\Users\mAt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2014-01-02 17:28 - 2014-01-02 17:28 - 06614152 _____ (http://www.goforfiles.com/) C:\Users\mAt\Desktop\Vray-Exterior-Scenefree_downloader.exe

==================== One Month Modified Files and Folders =======

2014-01-23 03:04 - 2014-01-23 03:04 - 00015486 _____ C:\Users\mAt\Desktop\FRST.txt
2014-01-23 03:03 - 2014-01-23 03:03 - 00015327 _____ C:\Users\mAt\Desktop\LM.bat
2014-01-23 03:03 - 2014-01-23 02:59 - 00000000 ____D C:\Users\mAt\Desktop\FRST-OlderVersion
2014-01-23 03:03 - 2014-01-22 12:45 - 00029696 _____ C:\Users\mAt\AppData\Local\MSGBOX.EXE
2014-01-23 03:03 - 2012-08-24 01:45 - 00000000 ____D C:\Users\mAt\AppData\Local\Adobe
2014-01-23 03:03 - 2012-08-22 22:18 - 00000000 ____D C:\Users\mAt\AppData\Roaming\BitTorrent
2014-01-23 03:00 - 2013-05-18 15:56 - 00000286 ____H C:\Windows\Tasks\Acrobat Update.job
2014-01-23 03:00 - 2009-07-14 05:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-23 03:00 - 2009-07-14 05:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-23 02:59 - 2014-01-22 12:45 - 00000000 ____D C:\FRST
2014-01-23 02:59 - 2014-01-22 12:44 - 01222144 _____ (Farbar) C:\Users\mAt\Desktop\FRST.exe
2014-01-23 02:56 - 2012-08-22 21:34 - 01635774 _____ C:\Windows\WindowsUpdate.log
2014-01-23 02:53 - 2013-09-15 14:07 - 00000930 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-23 02:53 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-23 02:53 - 2009-07-14 05:39 - 00080999 _____ C:\Windows\setupact.log
2014-01-22 19:22 - 2013-09-15 14:07 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-22 17:45 - 2014-01-22 17:29 - 00001776 _____ C:\sc-cleaner.txt
2014-01-22 17:40 - 2013-04-13 10:27 - 00000000 ____D C:\Program Files\Steam
2014-01-22 17:39 - 2014-01-22 17:39 - 00008317 _____ C:\Users\mAt\Desktop\AdwCleaner[S0].txt
2014-01-22 17:39 - 2014-01-22 17:39 - 00000000 ____D C:\Users\mAt\AppData\Local\adawarebp
2014-01-22 17:38 - 2010-11-20 22:48 - 00046946 _____ C:\Windows\PFRO.log
2014-01-22 17:37 - 2014-01-22 17:34 - 00000000 ____D C:\AdwCleaner
2014-01-22 17:36 - 2012-08-22 22:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-22 17:34 - 2014-01-22 17:34 - 00000088 _____ C:\Users\mAt\Desktop\17646152614554672593.log
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT1.txt
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT.txt
2014-01-22 17:30 - 2014-01-22 17:30 - 00000000 ____D C:\Windows\ERUNT
2014-01-22 17:30 - 2014-01-22 12:47 - 00033317 _____ C:\Users\mAt\Desktop\FRST2.txt
2014-01-22 17:29 - 2014-01-22 09:03 - 00000000 ____D C:\Users\mAt\Desktop\da
2014-01-22 17:29 - 2012-08-23 06:44 - 00001417 _____ C:\Users\mAt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-22 17:27 - 2014-01-22 17:27 - 01037068 _____ (Thisisu) C:\Users\mAt\Desktop\JRT.exe
2014-01-22 17:27 - 2014-01-22 17:27 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\mAt\Desktop\sc-cleaner.exe
2014-01-22 14:16 - 2014-01-22 14:16 - 07560104 _____ C:\Users\mAt\Desktop\da5_skripta_08.zip
2014-01-22 14:02 - 2013-05-07 21:30 - 05977088 ___SH C:\Users\mAt\Desktop\Thumbs.db
2014-01-22 13:09 - 2014-01-22 13:09 - 01236282 _____ C:\Users\mAt\Desktop\adwcleaner.exe
2014-01-22 12:48 - 2014-01-22 12:48 - 00006908 _____ C:\Users\mAt\Desktop\Addition.zip
2014-01-22 12:21 - 2014-01-22 12:21 - 00000334 _____ C:\Windows\system32\CountScans.XML
2014-01-22 12:13 - 2012-08-23 23:42 - 00007622 _____ C:\Users\mAt\AppData\Local\resmon.resmoncfg
2014-01-22 09:18 - 2014-01-21 18:49 - 322393332 _____ C:\Users\mAt\Desktop\anotace.psd
2014-01-21 20:47 - 2014-01-18 21:06 - 947005410 _____ C:\Users\mAt\Desktop\plakat.psd
2014-01-21 20:04 - 2014-01-21 18:05 - 344271824 _____ C:\Users\mAt\Desktop\cv.psd
2014-01-21 20:01 - 2012-10-24 20:28 - 00000000 ____D C:\Users\mAt\AppData\Local\CutePDF Writer
2014-01-21 16:14 - 2014-01-21 16:08 - 1641390802 _____ C:\Users\mAt\Desktop\banner.psb
2014-01-21 14:40 - 2014-01-21 14:39 - 17760614 _____ C:\Users\mAt\Desktop\pink, 2006, 30x24cm.tif
2014-01-20 08:07 - 2013-11-02 13:43 - 00000000 ____D C:\Users\mAt\Desktop\TZI
2014-01-20 06:06 - 2014-01-20 06:06 - 00000000 ___HD C:\Users\mAt\Desktop\.picasaoriginals
2014-01-20 05:56 - 2014-01-19 19:26 - 00000000 ____D C:\Users\mAt\Desktop\atelier rotak5
2014-01-20 05:29 - 2012-08-22 21:53 - 00016777 _____ C:\Users\mAt\Documents\plot.log
2014-01-19 20:05 - 2014-01-19 20:03 - 00000000 ____D C:\Users\mAt\Desktop\stredni skola
2014-01-19 20:03 - 2014-01-19 20:00 - 00000000 ____D C:\Users\mAt\Desktop\skola
2014-01-19 19:59 - 2014-01-19 19:57 - 00000000 ____D C:\Users\mAt\Desktop\grafika klenovaklatovy
2014-01-19 19:57 - 2014-01-19 19:33 - 00000000 ____D C:\Users\mAt\Desktop\CVUT FA
2014-01-19 19:11 - 2014-01-19 18:09 - 1279048934 _____ C:\Users\mAt\Desktop\baner cloupa.psb
2014-01-19 10:15 - 2009-07-14 05:33 - 04151448 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-18 23:43 - 2014-01-18 21:51 - 1439305945 _____ C:\Users\mAt\Desktop\Untitled-1.psb
2014-01-18 21:55 - 2012-08-22 22:19 - 00148840 _____ C:\Users\mAt\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-18 21:43 - 2012-08-22 22:52 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2014-01-18 21:38 - 2012-08-22 22:52 - 00000000 ____D C:\ProgramData\Autodesk
2014-01-18 21:28 - 2010-11-20 22:01 - 01583754 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-18 21:24 - 2013-12-21 13:19 - 00000000 ____D C:\Users\mAt\Downloads\Insidious Chapter 2 (2013)
2014-01-18 18:30 - 2013-11-26 17:04 - 00000000 ____D C:\Users\mAt\Desktop\PP
2014-01-18 10:07 - 2013-11-02 13:43 - 00000000 ____D C:\Users\mAt\Desktop\NK2
2014-01-17 18:05 - 2014-01-17 18:02 - 00000000 ____D C:\Users\mAt\Downloads\The Secret Life of Walter Mitty[2013]DVDScr XviD-SaM[ETRG]
2014-01-17 14:03 - 2014-01-17 14:02 - 17787312 _____ C:\Users\mAt\Desktop\Unitled9a.tif
2014-01-16 13:49 - 2013-07-05 14:07 - 00000000 ____D C:\Users\mAt\Desktop\loga
2014-01-15 19:55 - 2014-01-14 12:14 - 09694420 _____ C:\Users\mAt\Desktop\Untitled-2.psd
2014-01-15 08:57 - 2014-01-14 12:14 - 08206178 _____ C:\Users\mAt\Desktop\Untitled-1.psd
2014-01-14 22:11 - 2014-01-14 22:11 - 00074391 _____ C:\Users\mAt\Desktop\The-Wolf-of-Wall-Street(0000230187).zip
2014-01-14 12:17 - 2013-06-07 20:48 - 00109568 ___SH C:\Users\mAt\Thumbs.db
2014-01-12 14:26 - 2013-05-13 09:34 - 00000000 ____D C:\Users\mAt\Desktop\sdilena slozka
2014-01-12 14:08 - 2013-11-02 13:46 - 00000000 ____D C:\Users\mAt\Desktop\PS5
2014-01-11 10:57 - 2013-01-15 14:10 - 00000132 _____ C:\Users\mAt\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-01-08 12:52 - 2014-01-08 12:52 - 00000000 ____D C:\Users\mAt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2014-01-02 17:28 - 2014-01-02 17:28 - 06614152 _____ (http://www.goforfiles.com/) C:\Users\mAt\Desktop\Vray-Exterior-Scenefree_downloader.exe
2014-01-02 11:08 - 2013-11-26 17:54 - 00000000 ____D C:\Users\mAt\Desktop\interier

Some content of TEMP:
====================
C:\Users\mAt\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 13:08

==================== End Of Log ============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: freezing, unmaintained PC

#8 Post by vyosek »

:arrow: Uninstall Ad-Aware Antivirus and Ad-Aware Browsing Protection

:arrow: Creating a fixlist for FRST
  • Start Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
    HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
    HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
    HKLM\...\Run: [Ad-Aware Antivirus] - "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
    HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKCU\...\Run: [BitTorrent] - C:\Program Files\BitTorrent\BitTorrent.exe [2985328 2012-08-22] (BitTorrent, Inc.)
    HKCU\...\Run: [AdobeBridge] - [x]
    
    URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
    SearchScopes: HKLM - DefaultScope value is missing.
    
    CHR HKLM\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx [2013-09-15]
    
    R2 Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-18] (Lavasoft Limited)
    
    S3 cpuz130; \??\C:\Users\mAt\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
    S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]
    S3 VGPU; System32\drivers\rdvgkmd.sys [x]
    
    2014-01-23 03:03 - 2014-01-23 03:03 - 00015327 _____ C:\Users\mAt\Desktop\LM.bat
    2014-01-23 02:59 - 2014-01-23 03:03 - 00000000 ____D C:\Users\mAt\Desktop\FRST-OlderVersion
    2014-01-22 17:39 - 2014-01-22 17:39 - 00008317 _____ C:\Users\mAt\Desktop\AdwCleaner[S0].txt
    2014-01-22 17:39 - 2014-01-22 17:39 - 00000000 ____D C:\Users\mAt\AppData\Local\adawarebp
    2014-01-22 17:34 - 2014-01-22 17:34 - 00000088 _____ C:\Users\mAt\Desktop\17646152614554672593.log
    2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT1.txt
    2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT.txt
    2014-01-22 17:29 - 2014-01-22 17:45 - 00001776 _____ C:\sc-cleaner.txt
    2014-01-22 17:27 - 2014-01-22 17:27 - 01037068 _____ (Thisisu) C:\Users\mAt\Desktop\JRT.exe
    2014-01-22 17:27 - 2014-01-22 17:27 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\mAt\Desktop\sc-cleaner.exe
    2014-01-22 13:09 - 2014-01-22 13:09 - 01236282 _____ C:\Users\mAt\Desktop\adwcleaner.exe
    2014-01-22 12:48 - 2014-01-22 12:48 - 00006908 _____ C:\Users\mAt\Desktop\Addition.zip
    2014-01-22 12:47 - 2014-01-22 17:30 - 00033317 _____ C:\Users\mAt\Desktop\FRST2.txt
    2014-01-22 12:45 - 2014-01-23 03:03 - 00029696 _____ C:\Users\mAt\AppData\Local\MSGBOX.EXE
    C:\ProgramData\adawaretb
    C:\Program Files\Ad-Aware Antivirus
    C:\ProgramData\Ad-Aware Browsing Protection
    C:\Users\mAt\AppData\Local\Temp\svchost.exe
    
    Task: {F6233F82-3EA9-48D8-A6BF-55E8AF7FF626} - System32\Tasks\Acrobat Update => C:\Users\mAt\AppData\Local\Temp\svchost.exe <==== ATTENTION
    Task: C:\Windows\Tasks\Acrobat Update.job => C:\Users\mAt\AppData\Local\Temp\svchost.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.
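
The fixlist in the post above removes a task named "Acrobat Update" whose target is svchost.exe in a Temp directory. The following is an added example, not part of the original post and not FRST's own logic, that applies that kind of check to the `Task:` lines of the fixlist; the table of expected locations is an assumption built from the paths listed in the log's "Bamital & volsnap Check" section.

```python
import ntpath
import re

# Task lines copied from the fixlist in the post above.
SAMPLE = r"""
Task: {F6233F82-3EA9-48D8-A6BF-55E8AF7FF626} - System32\Tasks\Acrobat Update => C:\Users\mAt\AppData\Local\Temp\svchost.exe <==== ATTENTION
Task: C:\Windows\Tasks\Acrobat Update.job => C:\Users\mAt\AppData\Local\Temp\svchost.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
"""

# "Task: [{GUID} - ]<task path> => <target> [<==== ATTENTION]"
TASK_RE = re.compile(
    r"^Task:\s+(?:\{[0-9A-Fa-f-]+\}\s+-\s+)?(?P<task>.+?)\s+=>\s+"
    r"(?P<target>.+?)(?P<attention>\s+<==== ATTENTION)?\s*$"
)

# Assumption: expected folders for Windows system images, taken from the
# paths shown in the log's "Bamital & volsnap Check" section.
SYSTEM_IMAGES = {
    "explorer.exe": "c:\\windows",
    "winlogon.exe": "c:\\windows\\system32",
    "wininit.exe": "c:\\windows\\system32",
    "svchost.exe": "c:\\windows\\system32",
    "services.exe": "c:\\windows\\system32",
    "userinit.exe": "c:\\windows\\system32",
}


def triage(log_text):
    """Return (task name, target path, reasons) for each suspicious Task line."""
    findings = []
    for line in log_text.splitlines():
        m = TASK_RE.match(line.strip())
        if not m:
            continue
        # ntpath handles Windows paths on any OS; normcase lowercases them.
        target = ntpath.normcase(m["target"])
        image = ntpath.basename(target)
        folder = ntpath.dirname(target)

        reasons = []
        expected = SYSTEM_IMAGES.get(image)
        if expected and folder != expected:
            reasons.append(f"{image} outside {expected}")
        if "\\temp\\" in target:
            reasons.append("target runs from a Temp directory")
        if m["attention"]:
            reasons.append("marked ATTENTION by FRST")

        if reasons:
            findings.append((ntpath.basename(m["task"]), m["target"], reasons))
    return findings


if __name__ == "__main__":
    for task, target, reasons in triage(SAMPLE):
        print(f"{task} -> {target}")
        for reason in reasons:
            print(f"    - {reason}")
```
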

mAttt
Visitor
Posts: 11
Registered: 22 Jan 2014 12:33

Re: freezing, unmaintained PC

#9 Post by mAttt »

Here is the FRST log.
To be honest, I don't know whether I managed to complete all the steps... I uninstalled Ad-Aware, but I wasn't able to find the browser... hopefully it went as it should... thanks in advance for your willingness and help.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-01-2014
Ran by mAt at 2014-01-24 18:11:49 Run:3
Running from C:\Users\mAt\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM\...\Run: [Ad-Aware Antivirus] - "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKCU\...\Run: [BitTorrent] - C:\Program Files\BitTorrent\BitTorrent.exe [2985328 2012-08-22] (BitTorrent, Inc.)
HKCU\...\Run: [AdobeBridge] - [x]

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope value is missing.

CHR HKLM\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx [2013-09-15]

R2 Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-18] (Lavasoft Limited)

S3 cpuz130; \??\C:\Users\mAt\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

2014-01-23 03:03 - 2014-01-23 03:03 - 00015327 _____ C:\Users\mAt\Desktop\LM.bat
2014-01-23 02:59 - 2014-01-23 03:03 - 00000000 ____D C:\Users\mAt\Desktop\FRST-OlderVersion
2014-01-22 17:39 - 2014-01-22 17:39 - 00008317 _____ C:\Users\mAt\Desktop\AdwCleaner[S0].txt
2014-01-22 17:39 - 2014-01-22 17:39 - 00000000 ____D C:\Users\mAt\AppData\Local\adawarebp
2014-01-22 17:34 - 2014-01-22 17:34 - 00000088 _____ C:\Users\mAt\Desktop\17646152614554672593.log
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT1.txt
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT.txt
2014-01-22 17:29 - 2014-01-22 17:45 - 00001776 _____ C:\sc-cleaner.txt
2014-01-22 17:27 - 2014-01-22 17:27 - 01037068 _____ (Thisisu) C:\Users\mAt\Desktop\JRT.exe
2014-01-22 17:27 - 2014-01-22 17:27 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\mAt\Desktop\sc-cleaner.exe
2014-01-22 13:09 - 2014-01-22 13:09 - 01236282 _____ C:\Users\mAt\Desktop\adwcleaner.exe
2014-01-22 12:48 - 2014-01-22 12:48 - 00006908 _____ C:\Users\mAt\Desktop\Addition.zip
2014-01-22 12:47 - 2014-01-22 17:30 - 00033317 _____ C:\Users\mAt\Desktop\FRST2.txt
2014-01-22 12:45 - 2014-01-23 03:03 - 00029696 _____ C:\Users\mAt\AppData\Local\MSGBOX.EXE
C:\ProgramData\adawaretb
C:\Program Files\Ad-Aware Antivirus
C:\ProgramData\Ad-Aware Browsing Protection
C:\Users\mAt\AppData\Local\Temp\svchost.exe

Task: {F6233F82-3EA9-48D8-A6BF-55E8AF7FF626} - System32\Tasks\Acrobat Update => C:\Users\mAt\AppData\Local\Temp\svchost.exe <==== ATTENTION
Task: C:\Windows\Tasks\Acrobat Update.job => C:\Users\mAt\AppData\Local\Temp\svchost.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5.5ServiceManager => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Ad-Aware Browsing Protection => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Ad-Aware Antivirus => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value not found.
Default URLSearchHook was restored successfully .
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik => Key not found.
"C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx" => File/Directory not found.
Ad-Aware Service => Service not found.
cpuz130 => Service not found.
SBRE => Service not found.
VGPU => Service not found.
"C:\Users\mAt\Desktop\LM.bat" => File/Directory not found.
"C:\Users\mAt\Desktop\FRST-OlderVersion" => File/Directory not found.
"C:\Users\mAt\Desktop\AdwCleaner[S0].txt" => File/Directory not found.
"C:\Users\mAt\AppData\Local\adawarebp" => File/Directory not found.
"C:\Users\mAt\Desktop\17646152614554672593.log" => File/Directory not found.
"C:\Users\mAt\Desktop\JRT1.txt" => File/Directory not found.
"C:\Users\mAt\Desktop\JRT.txt" => File/Directory not found.
"C:\sc-cleaner.txt" => File/Directory not found.
"C:\Users\mAt\Desktop\JRT.exe" => File/Directory not found.
"C:\Users\mAt\Desktop\sc-cleaner.exe" => File/Directory not found.
"C:\Users\mAt\Desktop\adwcleaner.exe" => File/Directory not found.
"C:\Users\mAt\Desktop\Addition.zip" => File/Directory not found.
"C:\Users\mAt\Desktop\FRST2.txt" => File/Directory not found.
"C:\Users\mAt\AppData\Local\MSGBOX.EXE" => File/Directory not found.
"C:\ProgramData\adawaretb" => File/Directory not found.
"C:\Program Files\Ad-Aware Antivirus" => File/Directory not found.
"C:\ProgramData\Ad-Aware Browsing Protection" => File/Directory not found.
"C:\Users\mAt\AppData\Local\Temp\svchost.exe" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6233F82-3EA9-48D8-A6BF-55E8AF7FF626} => Key not found.
C:\Windows\System32\Tasks\Acrobat Update not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acrobat Update => Key not found.
C:\Windows\Tasks\Acrobat Update.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Freezing, unmaintained PC

#10 Post by vyosek »

How is the PC behaving??
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member since 1 February 2011.

mAttt
Visitor
Posts: 11
Registered: 22 Jan 2014 12:33

Re: Freezing, unmaintained PC

#11 Post by mAttt »

The PC is behaving well... it is faster and friendlier too... it no longer does things just to spite me... :) Thank you very much.
I would like to ask: now that I have uninstalled Ad-Aware, which antivirus would you recommend... and also how often should I repeat this kind of PC cleanup....

mAttt
Visitor
Posts: 11
Registered: 22 Jan 2014 12:33

Re: Freezing, unmaintained PC

#12 Post by mAttt »

Good day, unfortunately problems with the PC have now appeared... it crashes and shuts down by itself, and I have also found that some programs will not even start. I would like to ask where the problem might be and how to solve it.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Freezing, unmaintained PC

#13 Post by vyosek »

Do the problems still persist??

Does it shut down/crash during some specific activity, or just randomly?

mAttt
Visitor
Posts: 11
Registered: 22 Jan 2014 12:33

Re: Freezing, unmaintained PC

#14 Post by mAttt »

The problems still persist. A blue screen of death always appears, completely unexpectedly... it is not overheating... CPU temperatures do not exceed 40 °C at maximum load, so I do not know where the cause could be. I used a restore point, but it keeps happening.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Freezing, unmaintained PC

#15 Post by vyosek »

:arrow: Please zip up the contents of the folder c:\windows\minidump and upload it somewhere.

:arrow: Run CDI as described by my colleague:
MiliNess wrote: Download CrystalDiskInfo, choose Copy in the Edit menu, and paste the clipboard contents here with Ctrl+V.

Locked