Request for a check - unwanted windows are opening in the browser

#1 Post by liceli »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Briza at 2014-02-23 20:51:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 55 GB (36%) free of 153 GB
Total RAM: 2943 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:51:54, on 23.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TechSmith\Jing\Jing.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Briza\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Briza\Downloads\RSIT.exe
C:\Program Files\trend micro\Briza.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: CrossriderApp0050778 - {11111111-1111-1111-1111-110511071178} - C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-bho.dll
O2 - BHO: LinkSwift - {323420b6-65e5-4657-8106-a27392d4d4aa} - C:\Program Files\LinkSwift\LinkSwiftBHO.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Jing] C:\Program Files\TechSmith\Jing\Jing.exe
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Briza\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Briza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.samsungsetup.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: All History Cleaner Service (HSService) - Unknown owner - C:\Program Files\All History Cleaner\HSService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: TipCtrl - Utipu inc. - C:\Program Files\uTIPu\TipCtrl.exe
O23 - Service: Update LinkSwift - Unknown owner - C:\Program Files\LinkSwift\updateLinkSwift.exe
O23 - Service: Util LinkSwift - Unknown owner - C:\Program Files\LinkSwift\bin\utilLinkSwift.exe

--
End of file - 7890 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Plus-HD-7.6-codedownloader.job
C:\Windows\tasks\Plus-HD-7.6-enabler.job
C:\Windows\tasks\Plus-HD-7.6-firefoxinstaller.job
C:\Windows\tasks\Plus-HD-7.6-updater.job
C:\Windows\tasks\Plus-HD-7.6-validator.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.novinky.cz/finance/325768-be ... AF2E269725"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"

"FFPDFArchitectConverter@pdfarchitect.com"=C:\Program Files\PDF Architect\FFPDFArchitectExt


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.70 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default\extensions\
1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071178}]
Plus-HD-7.6 - C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-bho.dll [2014-02-18 633704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{323420b6-65e5-4657-8106-a27392d4d4aa}]
LinkSwift - C:\Program Files\LinkSwift\LinkSwiftBHO.dll [2014-02-04 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-15 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-15 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]
"KeePass 2 PreLoad"=C:\Program Files\KeePass Password Safe 2\KeePass.exe [2013-07-20 2010624]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Jing"=C:\Program Files\TechSmith\Jing\Jing.exe [2013-01-07 2909640]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-12-11 845168]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-12-11 1564528]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"cz.seznam.software.autoupdate"=C:\Users\Briza\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Briza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
C:\Program Files\Samsung\Kies\Kies.exe [2013-12-11 1564528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-12-11 311152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Screenshot Captor]
C:\Program Files\ScreenshotCaptor\ScreenshotCaptor.exe [2011-06-07 6510080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart Driver Updater]
C:\Program Files\Smart PC Solutions\Smart Driver Updater\SDULauncher.exe [2013-03-15 391992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"=C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-02-23 20:51:38 ----D---- C:\rsit
2014-02-18 01:07:51 ----D---- C:\Program Files\Seznam.cz
2014-02-18 01:07:31 ----D---- C:\Users\Briza\AppData\Roaming\Seznam.cz
2014-02-18 01:06:37 ----D---- C:\Program Files\Plus-HD-7.6
2014-02-18 01:04:43 ----D---- C:\Program Files\DAEMON Tools Lite
2014-02-16 20:09:30 ----D---- C:\Program Files\D4
2014-02-15 21:37:47 ----D---- C:\Program Files\Mozilla Firefox
2014-02-15 14:55:40 ----D---- C:\Program Files\NinjaTrader 7
2014-02-14 06:57:20 ----A---- C:\Windows\system32\ieui.dll
2014-02-14 06:57:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 06:57:20 ----A---- C:\Windows\system32\ie4uinit.exe
2014-02-14 06:57:19 ----A---- C:\Windows\system32\msrating.dll
2014-02-14 06:57:19 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-14 06:57:19 ----A---- C:\Windows\system32\iesetup.dll
2014-02-14 06:57:19 ----A---- C:\Windows\system32\iernonce.dll
2014-02-14 06:57:18 ----A---- C:\Windows\system32\jscript9diag.dll
2014-02-14 06:57:18 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-14 06:57:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-02-14 06:57:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-02-14 06:57:17 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-14 06:57:17 ----A---- C:\Windows\system32\ieapfltr.dll
2014-02-14 06:57:16 ----A---- C:\Windows\system32\iertutil.dll
2014-02-14 06:57:15 ----A---- C:\Windows\system32\wininet.dll
2014-02-14 06:57:15 ----A---- C:\Windows\system32\urlmon.dll
2014-02-14 06:57:13 ----A---- C:\Windows\system32\ieframe.dll
2014-02-14 06:57:12 ----A---- C:\Windows\system32\mshtml.dll
2014-02-14 06:57:11 ----A---- C:\Windows\system32\jscript9.dll
2014-02-14 06:37:39 ----A---- C:\Windows\system32\vbscript.dll
2014-02-13 06:05:05 ----A---- C:\Windows\system32\msxml3r.dll
2014-02-13 06:05:05 ----A---- C:\Windows\system32\msxml3.dll
2014-02-13 06:04:50 ----A---- C:\Windows\system32\d3d10warp.dll
2014-02-13 06:04:50 ----A---- C:\Windows\system32\d2d1.dll
2014-02-13 06:04:47 ----A---- C:\Windows\system32\RMActivate_isv.exe
2014-02-13 06:04:47 ----A---- C:\Windows\system32\RMActivate.exe
2014-02-13 06:04:46 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 06:04:46 ----A---- C:\Windows\system32\secproc_ssp.dll
2014-02-13 06:04:46 ----A---- C:\Windows\system32\secproc_isv.dll
2014-02-13 06:04:46 ----A---- C:\Windows\system32\secproc.dll
2014-02-13 06:04:46 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 06:04:46 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 06:04:46 ----A---- C:\Windows\system32\msdrm.dll

======List of files/folders modified in the last 1 month======

2014-02-23 20:51:44 ----D---- C:\Program Files\trend micro
2014-02-23 20:46:41 ----D---- C:\Windows\temp
2014-02-23 20:42:34 ----D---- C:\Windows\system32\config
2014-02-23 20:39:02 ----D---- C:\Program Files\All History Cleaner
2014-02-23 20:37:33 ----D---- C:\Windows\Microsoft.NET
2014-02-23 20:29:09 ----D---- C:\Windows\system32\inetsrv
2014-02-23 20:26:55 ----D---- C:\Windows
2014-02-23 20:26:51 ----D---- C:\ProgramData\NVIDIA
2014-02-23 20:22:48 ----SHD---- C:\Windows\Installer
2014-02-23 20:22:47 ----D---- C:\Config.Msi
2014-02-23 20:22:22 ----D---- C:\Windows\System32
2014-02-23 20:22:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-23 20:22:05 ----D---- C:\Windows\inf
2014-02-23 20:21:55 ----RSD---- C:\Windows\assembly
2014-02-23 20:20:08 ----D---- C:\Windows\system32\catroot2
2014-02-23 20:20:03 ----SHD---- C:\System Volume Information
2014-02-23 09:59:39 ----D---- C:\Windows\Prefetch
2014-02-23 09:28:52 ----D---- C:\Users\Briza\AppData\Roaming\DAEMON Tools Lite
2014-02-23 09:28:49 ----D---- C:\Users\Briza\AppData\Roaming\Media Player Classic
2014-02-23 09:27:16 ----D---- C:\Windows\Panther
2014-02-23 09:27:11 ----D---- C:\Windows\Logs
2014-02-23 09:27:09 ----D---- C:\Windows\Minidump
2014-02-23 09:27:09 ----D---- C:\Windows\debug
2014-02-23 09:17:29 ----D---- C:\Program Files\CCleaner
2014-02-21 20:37:47 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 13:06:17 ----D---- C:\Windows\Tasks
2014-02-21 13:06:17 ----D---- C:\Windows\system32\Tasks
2014-02-19 20:41:44 ----D---- C:\RTSStavitel
2014-02-18 02:07:26 ----D---- C:\Windows\system32\catroot
2014-02-18 01:07:51 ----RD---- C:\Program Files
2014-02-18 01:04:06 ----D---- C:\Windows\system32\DriverStore
2014-02-18 01:04:06 ----D---- C:\Windows\system32\drivers
2014-02-17 05:22:29 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-02-14 09:05:49 ----D---- C:\Windows\rescache
2014-02-14 07:42:08 ----D---- C:\Windows\winsxs
2014-02-14 07:39:10 ----D---- C:\Program Files\Internet Explorer
2014-02-14 06:52:02 ----D---- C:\Windows\system32\MRT
2014-02-14 06:44:00 ----A---- C:\Windows\system32\MRT.exe
2014-02-14 06:36:45 ----D---- C:\Windows\system32\cs-CZ
2014-02-04 17:05:59 ----D---- C:\_EKUS,dokumenty
2014-02-04 06:52:39 ----D---- C:\Program Files\LinkSwift
2014-01-24 06:34:31 ----D---- C:\Users\Briza\AppData\Roaming\602XML

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-18 324096]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-09-10 5120]
R3 dfmirage;dfmirage; C:\Windows\system32\DRIVERS\dfmirage.sys [2008-03-26 34128]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2013-02-05 37344]
R3 GemCCID;GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [2013-04-24 98816]
R3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2010-11-20 141824]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2012-07-03 149352]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 CFcatchme;CFcatchme; \??\C:\Users\Briza\AppData\Local\Temp\CFcatchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 87064]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 25112]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2013-09-30 15688]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 10320]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-12-09 27632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\Windows\system32\DRIVERS\sscebus.sys [2013-04-03 136904]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\Windows\system32\DRIVERS\sscemdfl.sys [2013-04-03 17864]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\Windows\system32\DRIVERS\sscemdm.sys [2013-04-03 153672]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-10-28 182680]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 20480]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2013-02-05 233472]
R2 ftpsvc;@%windir%\system32\inetsrv\ftpres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HSService;All History Cleaner Service; C:\Program Files\All History Cleaner\HSService.exe [2012-08-28 293664]
R2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2009-07-14 13824]
R2 iprip;@%Systemroot%\system32\iprip.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 LPDSVC;@%systemroot%\system32\lpdsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2009-07-14 8704]
R2 MSMQTriggers;@mqutil.dll,-6203; C:\Windows\system32\mqtgsvc.exe [2010-11-20 126464]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 639776]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 9216]
R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2010-11-20 47616]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 TeamViewer9;TeamViewer 9; C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
R2 Update LinkSwift;Update LinkSwift; C:\Program Files\LinkSwift\updateLinkSwift.exe [2014-02-21 111392]
R2 Util LinkSwift;Util LinkSwift; C:\Program Files\LinkSwift\bin\utilLinkSwift.exe [2014-02-21 111392]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-08 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-29 1260472]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21 257928]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-04-16 77944]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-08-08 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 108032]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-09-05 234776]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TipCtrl;TipCtrl; C:\Program Files\uTIPu\TipCtrl.exe [2010-09-28 318144]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-11 1343400]
S3 WMSVC;@%windir%\system32\inetsrv\iisres.dll,-20001; C:\Windows\system32\inetsrv\wmsvc.exe [2009-07-14 9728]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-07-14 71680]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for a check - unwanted windows open in the brow

#2 Post by vyosek »

Hello :)

:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launching, the license terms are displayed; press any key
  • A backup will be created, followed by the search
  • The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; he is no man, he is an ox."
Member of [image] since 1 February 2011.

liceli
Visitor
Posts: 59
Registered: 25 Feb 2013 13:45

Re: Request for a check - unwanted windows open in the brow

#3 Post by liceli »

Good evening, thank you for the quick response.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x86
Ran by Briza on ne 23.02.2014 at 22:00:20,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\performersoft
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\linkswift
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050778.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050778.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050778.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050778.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511071178}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220522072278}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550555075578}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660566076678}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544074478}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050778.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050778.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050778.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050778.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550555075578}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544074478}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\taskhost_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\taskhost_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071178}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{099EF85B-3260-4b87-9239-33355EE6A548}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6EE2A89C-8738-416A-9495-CE81EC8D2F6E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E913F0C0-80C0-4E66-AE84-BA1D0FC4CAFF}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{099EF85B-3260-4b87-9239-33355EE6A548}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{323420b6-65e5-4657-8106-a27392d4d4aa}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{323420b6-65e5-4657-8106-a27392d4d4aa}



~~~ Files

Successfully deleted: [File] "C:\Windows\System32\Tasks\scheduled update for ask toolbar"
Successfully deleted: [File] C:\Windows\System32\Tasks\Plus-HD-7.6-codedownloader
Successfully deleted: [File] C:\Windows\System32\Tasks\Plus-HD-7.6-enabler
Successfully deleted: [File] C:\Windows\System32\Tasks\Plus-HD-7.6-firefoxinstaller
Successfully deleted: [File] C:\Windows\System32\Tasks\Plus-HD-7.6-updater
Successfully deleted: [File] C:\Windows\System32\Tasks\Plus-HD-7.6-validator
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-7.6-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-7.6-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-7.6-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-7.6-updater.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-7.6-validator.job



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\Users\Briza\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\Briza\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Briza\appdata\locallow\myashampoo"
Failed to delete: [Folder] "C:\Program Files\linkswift"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ FireFox

Successfully deleted the following from C:\Users\Briza\AppData\Roaming\mozilla\firefox\profiles\ofzcbymo.default\prefs.js

user_pref("extensions.crossrider.bic", "14445a9a0fbceee0508d232e5cf51787");
Emptied folder: C:\Users\Briza\AppData\Roaming\mozilla\firefox\profiles\ofzcbymo.default\minidumps [368 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 23.02.2014 at 22:03:38,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# AdwCleaner v3.019 - Report created 23/02/2014 at 22:17:56
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Briza - TRADER
# Running from : C:\Users\Briza\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
Folder Deleted : C:\Program Files\LinkSwift
Folder Deleted : C:\Program Files\TechSmith
Folder Deleted : C:\Program Files\Plus-HD-7.6
Folder Deleted : C:\Users\Briza\AppData\Local\TechSmith
Folder Deleted : C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default\Extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com
File Deleted : C:\Users\Briza\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\Briza\Desktop\Smart Driver Updater.lnk

***** [ Shortcuts ] *****


***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E6DD504-168A-4A84-9337-4BFF360CD020}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E6DD504-168A-4A84-9337-4BFF360CD020}
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Jing]
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{323420B6-65E5-4657-8106-A27392D4D4AA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a29a50b7-9687-4473-9a51-e6987fa15fc7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b12ceca4-637c-4638-b748-c13b229c2191}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Key Deleted : HKCU\Software\LinkSwift
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\AppDataLow\Software\Plus-HD-7.6
Key Deleted : HKLM\Software\caphyon
Key Deleted : HKLM\Software\LinkSwift
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Plus-HD-7.6
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart Driver Updater_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-7.6

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default\prefs.js ]

Line Deleted : user_pref("extensions.LinkSwift.aul", "1393145916419");
Line Deleted : user_pref("extensions.LinkSwift.irl", true);
Line Deleted : user_pref("extensions.LinkSwift.is", "trlscz");
Line Deleted : user_pref("extensions.LinkSwift.ug", "B27D90AC-AE59-41FF-A4DA-0220AA71C2CC");

-\\ Google Chrome v33.0.1750.117

[ File : C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [22369 octets] - [23/02/2014 22:16:03]
AdwCleaner[S0].txt - [22312 octets] - [23/02/2014 22:17:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22373 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for a check - unwanted windows open in the browser

#4 Post by vyosek »

Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to your desktop
  • If you are using Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako správce
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will carry out the repair, restart, and give you a log; paste its contents here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

liceli
Visitor
Posts: 59
Registered: 25 Feb 2013 13:45

Re: Request for a check - unwanted windows open in the browser

#5 Post by liceli »

Good evening, I'm sending the log.


Zoek.exe v5.0.0.0 Updated 19-February-2014
Tool run by Briza on ne 23.02.2014 at 22:32:49,50.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Briza\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

23.2.2014 22:34:32 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1874530476-975385563-1636237756-1000\Software\Microsoft\Internet Explorer\SearchScopes\{59173899-6F4A-4792-9EFA-A7B81730A6C3} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util LinkSwift deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util LinkSwift deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util LinkSwift deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util LinkSwift deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update LinkSwift deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update LinkSwift deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update LinkSwift deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update LinkSwift deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default\prefs.js:
user_pref("browser.startup.homepage", "http://forum.viry.cz/viewtopic.php?f=30&t=136420");
user_pref("browser.search.defaultenginename", "Seznam");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default

user.js not found
---- Lines FFPDFArchitectConverter@pdfarchitect.com modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"FFPDFArchitectConverter@pdfarchitect.com\":{\"descriptor\":\"C:\\
---- FireFox user.js and prefs.js backups ----

prefs_23.02.2014_2247_.backup

==== Deleting Files \ Folders ======================

C:\Users\Briza\AppData\Roaming\Smart PC Solutions\Smart Driver Updater deleted
C:\Users\Briza\Downloads\rcpsetup_dcomnew_util_300_dcomnew_util_300.exe deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default\CT2475029 deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"FFPDFArchitectConverter@pdfarchitect.com"=hex(2):43,00,3a,00,5c,00,50,00,72,\ []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
A9C86900D2A61728C8326FE7147617C5 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll - Google Update
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
3220B1254AEF7A191187EC03F51B3D61 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
B2576571746839180833E048AC2CCA5C - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
D7EFF0B98C370E03D7E2593399D9B669 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
75A1232EAC640B782CDD2132B5271AA8 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
A843FC35574ECFD9E7A41C5505A9921B - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
11EF47BE3D8A4A943E10A63870C1F2C6 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3
BB7F5F4966E76578A3EC0D11C444C545 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3
16112E74A62381C69456566D35F9E51E - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3
BB28A86CDFFFBB041C72AD9EFEAA00D0 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3
2DA7883A884BE60F9EB2810F67E0E361 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3
DE5507DBA44CC5B6869205871B64A587 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3
419680FCE774976FD752EB425D91AEDF - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3
8322DF0F670E2E45599728AA2D4896FA - C:\Program Files\Software602\602XML\Filler\npfiller.dll - Software602 Form Filler
9A2C025C372CE6C5F36C21785E379398 - C:\Program Files\Garmin GPS Plugin\npGarmin.dll - Garmin Communicator Plug-In
B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
odpccdgkmiicgocepijnaeihjnjnomca - C:\Program Files\LinkSwift\odpccdgkmiicgocepijnaeihjnjnomca.crx[]

Seznam Lištička - Email - Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Plus-HD-7.6 - Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpkonlbialedjgeegikdallckpnliboc
AdBlock - Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Seznam Lištička - Rychlá volba - Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Chrome Fix ======================

C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpkonlbialedjgeegikdallckpnliboc deleted successfully
C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fpkonlbialedjgeegikdallckpnliboc_0.localstorage deleted successfully
C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fpkonlbialedjgeegikdallckpnliboc_0.localstorage-journal deleted successfully
C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fpkonlbialedjgeegikdallckpnliboc_0 deleted successfully
C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fpkonlbialedjgeegikdallckpnliboc deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\odpccdgkmiicgocepijnaeihjnjnomca deleted successfully

==== Empty IE Cache ======================

C:\Users\Briza\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Briza\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Briza\AppData\Local\Mozilla\Firefox\Profiles\ofzcbymo.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=181 folders=37 95170303 bytes)

==== Empty Temp Folders ======================

C:\Users\Briza\AppData\Local\temp will be emptied at reboot
C:\Users\Classic .NET AppPool\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Users\CLASSI~1.NET\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Briza\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 23.02.2014 at 23:04:28,51 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for a check - unwanted windows open in the browser

#6 Post by vyosek »


liceli
Visitor
Posts: 59
Registered: 25 Feb 2013 13:45

Re: Request for a check - unwanted windows open in the browser

#7 Post by liceli »

Good morning, I'm sending the requested log.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2014 02
Ran by Briza (administrator) on TRADER on 24-02-2014 08:49:57
Running from C:\Users\Briza\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Program Files\All History Cleaner\HSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft Corporation) C:\Windows\system32\CISVC.EXE
(Teruten) C:\Windows\system32\FsUsbExService.Exe
(Microsoft Corporation) C:\Windows\system32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Windows\system32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\system32\mqtgsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
() C:\Users\Briza\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Briza\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [X]
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [KeePass 2 PreLoad] - C:\Program Files\KeePass Password Safe 2\KeePass.exe [2010624 2013-07-20] (Dominik Reichl)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Briza\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Briza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.98.231.66 10.98.0.202

FireFox:
========
FF ProfilePath: C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Seznam
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @software602.cz/602XML Filler - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-02-18]
FF Extension: Adblock Plus - C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-18]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-23]
CHR Extension: (Disk Google) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-23]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-02-23]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-02-18]
CHR Extension: (YouTube) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-23]
CHR Extension: (Peněženka Google) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-02-18]
CHR Extension: (Gmail) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-23]

========================== Services (Whitelisted) =================

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [310272 2012-06-01] (Microsoft Corporation)
R2 HSService; C:\Program Files\All History Cleaner\HSService.exe [293664 2012-08-28] ()
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2009-07-14] (Microsoft Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [29696 2009-07-14] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [8704 2009-07-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [126464 2010-11-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 TipCtrl; C:\Program Files\uTIPu\TipCtrl.exe [318144 2010-09-28] (Utipu inc.)
S2 HPSLPSVC; C:\Users\Briza\AppData\Local\temp\7zS1367\hpslpsvc32.dll [X]

==================== Drivers (Whitelisted) ====================

R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [34128 2008-03-26] (DemoForge, LLC)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] ()
R3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [98816 2013-04-24] (Gemalto)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [141824 2010-11-20] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-02-18] (Duplex Secure Ltd.)
S3 sscebus; C:\Windows\System32\DRIVERS\sscebus.sys [136904 2013-04-03] (MCCI Corporation)
S3 sscemdfl; C:\Windows\System32\DRIVERS\sscemdfl.sys [17864 2013-04-03] (MCCI Corporation)
S3 sscemdm; C:\Windows\System32\DRIVERS\sscemdm.sys [153672 2013-04-03] (MCCI Corporation)
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] ()
U3 acaw3czk; C:\Windows\system32\Drivers\acaw3czk.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 CFcatchme; \??\C:\Users\Briza\AppData\Local\Temp\CFcatchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-24 08:49 - 2014-02-24 08:50 - 00015685 _____ () C:\Users\Briza\Desktop\FRST.txt
2014-02-24 08:48 - 2014-02-24 08:49 - 00000000 ____D () C:\FRST
2014-02-24 08:47 - 2014-02-24 08:46 - 00112640 _____ (forum.viry.cz) C:\Users\Briza\Desktop\FRSTLauncher.exe
2014-02-24 08:45 - 2014-02-24 08:46 - 00112640 _____ (forum.viry.cz) C:\Users\Briza\Downloads\FRSTLauncher.exe
2014-02-24 08:45 - 2014-02-24 08:45 - 01144320 _____ (Farbar) C:\Users\Briza\Desktop\FRST.exe
2014-02-24 06:12 - 2014-02-24 05:56 - 00027029 _____ () C:\Users\Briza\Desktop\Indicator (1).zip
2014-02-24 05:56 - 2014-02-24 05:56 - 00027029 _____ () C:\Users\Briza\Downloads\Indicator (1).zip
2014-02-23 23:03 - 2014-02-23 23:03 - 00000328 _____ () C:\Windows\PFRO.log
2014-02-23 22:50 - 2014-02-23 22:32 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-23 22:34 - 2014-02-23 23:04 - 00013197 _____ () C:\zoek-results.log
2014-02-23 22:32 - 2014-02-23 22:48 - 00000000 ____D () C:\zoek_backup
2014-02-23 22:30 - 2014-02-23 22:30 - 01284608 _____ () C:\Users\Briza\Desktop\zoek.exe
2014-02-23 22:15 - 2014-02-23 22:24 - 00000000 ____D () C:\AdwCleaner
2014-02-23 22:03 - 2014-02-23 22:03 - 00006623 _____ () C:\Users\Briza\Desktop\JRT.txt
2014-02-23 22:00 - 2014-02-23 22:00 - 01241834 _____ () C:\Users\Briza\Desktop\adwcleaner.exe
2014-02-23 22:00 - 2014-02-23 22:00 - 00000000 ____D () C:\Windows\ERUNT
2014-02-23 21:59 - 2014-02-23 21:59 - 01037734 _____ (Thisisu) C:\Users\Briza\Desktop\JRT.exe
2014-02-23 20:51 - 2014-02-23 20:56 - 00000000 ____D () C:\rsit
2014-02-23 20:50 - 2014-02-23 20:50 - 00781383 _____ () C:\Users\Briza\Desktop\RSIT.exe
2014-02-23 20:26 - 2014-02-24 06:21 - 00000280 _____ () C:\Windows\setupact.log
2014-02-23 20:26 - 2014-02-23 20:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-23 09:16 - 2014-02-23 09:17 - 04721920 _____ (Piriform Ltd) C:\Users\Briza\Downloads\ccsetup410.exe
2014-02-21 08:54 - 2014-02-21 15:51 - 00011543 _____ () C:\Users\Briza\Desktop\odkouřeníTurbo,Schinkmann.xlsx
2014-02-21 08:54 - 2014-02-21 08:54 - 00000969 _____ () C:\Users\Briza\Downloads\export-21-02-2014_08-54-13-196836b2a72c1b6b6e70e7d56954119b.xls
2014-02-18 21:18 - 2014-02-18 21:18 - 00000000 ____D () C:\Users\Briza\Documents\PŘÍPRAVA 03 2014
2014-02-18 01:07 - 2014-02-24 06:27 - 00000000 ____D () C:\Users\Briza\AppData\Roaming\Seznam.cz
2014-02-18 01:07 - 2014-02-18 01:07 - 00000000 ____D () C:\Program Files\Seznam.cz
2014-02-18 01:05 - 2014-02-18 01:05 - 00001896 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-02-18 01:04 - 2014-02-18 01:04 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-02-16 20:09 - 2014-02-16 20:09 - 00000000 ____D () C:\Program Files\D4
2014-02-16 20:07 - 2014-02-16 20:07 - 00299008 _____ () C:\Users\Briza\Downloads\d4time531.msi
2014-02-15 21:55 - 2014-02-15 21:55 - 00014539 _____ () C:\Users\Briza\Desktop\dValueArea7.zip
2014-02-15 21:50 - 2014-02-15 21:50 - 00024830 _____ () C:\Users\Briza\Desktop\ALTOAreasOfBusiness.zip
2014-02-15 21:50 - 2014-02-15 21:50 - 00016213 _____ () C:\Users\Briza\Desktop\ALTOAreaOfBussines1.2.zip
2014-02-15 21:49 - 2014-02-15 21:49 - 00012033 _____ () C:\Users\Briza\Desktop\GomVolumeLadder3.4.zip
2014-02-15 21:47 - 2014-02-15 21:47 - 00031072 _____ () C:\Users\Briza\Desktop\GomBaseAndDeltaPackage.2.5.zip
2014-02-15 21:37 - 2014-02-15 21:38 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-15 15:00 - 2014-02-15 15:00 - 00000000 ____D () C:\Users\Briza\Documents\Ninja_Mirus_2014
2014-02-15 14:55 - 2014-02-19 10:39 - 00000000 ____D () C:\Users\Briza\Documents\NinjaTrader 7
2014-02-15 14:55 - 2014-02-15 14:55 - 00002585 _____ () C:\Users\Public\Desktop\NinjaTrader 7.lnk
2014-02-15 14:55 - 2014-02-15 14:55 - 00000000 ____D () C:\Users\Briza\Documents\NinjaTrader Backup
2014-02-15 14:55 - 2014-02-15 14:55 - 00000000 ____D () C:\Program Files\NinjaTrader 7
2014-02-15 14:50 - 2014-02-15 14:51 - 53218816 _____ () C:\Users\Briza\Downloads\NinjaTrader.Install (1).msi
2014-02-14 06:57 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 06:57 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 06:57 - 2014-02-06 11:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 06:57 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 06:57 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 06:57 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 06:57 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 06:57 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 06:57 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 06:57 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 06:57 - 2014-02-06 10:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 06:57 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 06:57 - 2014-02-06 10:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 06:57 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 06:57 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 06:57 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 06:57 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 06:57 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 06:57 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 06:57 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 06:57 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 06:37 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 06:05 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 06:05 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 06:05 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 06:04 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 06:04 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 06:04 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 06:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 06:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 06:04 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 06:04 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 06:04 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 06:04 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 06:04 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 06:04 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 15:14 - 2014-02-12 15:14 - 01413939 _____ () C:\Users\Briza\Desktop\Nová složka.7z
2014-02-11 10:46 - 2014-02-11 10:47 - 00023899 _____ () C:\Users\Briza\Documents\ES 03-14.20140211.Binary.dat
2014-02-11 10:46 - 2014-02-11 10:47 - 00008029 _____ () C:\Users\Briza\Documents\YM 03-14.20140211.Binary.dat
2014-02-11 10:46 - 2014-02-11 10:47 - 00006821 _____ () C:\Users\Briza\Documents\NQ 03-14.20140211.Binary.dat
2014-02-11 10:34 - 2014-02-11 10:46 - 00714595 _____ () C:\Users\Briza\Documents\ES 03-14.20140210.Binary.dat
2014-02-11 10:34 - 2014-02-11 10:46 - 00283986 _____ () C:\Users\Briza\Documents\NQ 03-14.20140210.Binary.dat
2014-02-11 10:34 - 2014-02-11 10:46 - 00176320 _____ () C:\Users\Briza\Documents\YM 03-14.20140210.Binary.dat
2014-02-08 18:07 - 2014-02-08 18:07 - 00410304 _____ () C:\Users\Briza\Downloads\Akumulační_nádrže[1].one
2014-02-04 22:15 - 2014-02-04 22:18 - 63904641 _____ () C:\Users\Briza\Downloads\Vítr to ví (Blowing in the wind) - W. Matuška.mp4
2014-02-03 13:33 - 2014-02-08 16:51 - 00000000 ____D () C:\Users\Briza\Desktop\Foto,Sam,3,2,2014
2014-02-03 08:18 - 2014-02-03 08:18 - 00000000 ____D () C:\Users\Briza\Desktop\Mobilní dům
2014-01-31 16:53 - 2014-01-31 16:56 - 00000000 ____D () C:\Users\Briza\Desktop\David,foto,Praha
2014-01-30 18:36 - 2014-01-30 18:36 - 04454912 _____ () C:\Users\Briza\Desktop\bez názvu.msg
2014-01-25 20:36 - 2014-01-25 20:36 - 01069512 _____ (Solid State Networks) C:\Users\Briza\Downloads\install_flashplayer12x32au_mssa_awc_aih.exe

==================== One Month Modified Files and Folders =======

2014-02-24 08:50 - 2014-02-24 08:49 - 00015685 _____ () C:\Users\Briza\Desktop\FRST.txt
2014-02-24 08:49 - 2014-02-24 08:48 - 00000000 ____D () C:\FRST
2014-02-24 08:46 - 2014-02-24 08:47 - 00112640 _____ (forum.viry.cz) C:\Users\Briza\Desktop\FRSTLauncher.exe
2014-02-24 08:46 - 2014-02-24 08:45 - 00112640 _____ (forum.viry.cz) C:\Users\Briza\Downloads\FRSTLauncher.exe
2014-02-24 08:45 - 2014-02-24 08:45 - 01144320 _____ (Farbar) C:\Users\Briza\Desktop\FRST.exe
2014-02-24 08:37 - 2012-04-03 05:38 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 08:28 - 2013-10-11 13:11 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-24 07:38 - 2011-03-10 21:25 - 01271437 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 06:33 - 2013-01-10 20:05 - 00000000 ____D () C:\Program Files\All History Cleaner
2014-02-24 06:30 - 2009-07-14 05:34 - 00011152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 06:30 - 2009-07-14 05:34 - 00011152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 06:27 - 2014-02-18 01:07 - 00000000 ____D () C:\Users\Briza\AppData\Roaming\Seznam.cz
2014-02-24 06:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\inetsrv
2014-02-24 06:22 - 2013-10-11 13:11 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-24 06:21 - 2014-02-23 20:26 - 00000280 _____ () C:\Windows\setupact.log
2014-02-24 06:21 - 2011-05-10 19:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-24 06:21 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 05:56 - 2014-02-24 06:12 - 00027029 _____ () C:\Users\Briza\Desktop\Indicator (1).zip
2014-02-24 05:56 - 2014-02-24 05:56 - 00027029 _____ () C:\Users\Briza\Downloads\Indicator (1).zip
2014-02-24 05:30 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-24 05:25 - 2011-03-10 22:02 - 01685034 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-23 23:04 - 2014-02-23 22:34 - 00013197 _____ () C:\zoek-results.log
2014-02-23 23:03 - 2014-02-23 23:03 - 00000328 _____ () C:\Windows\PFRO.log
2014-02-23 22:48 - 2014-02-23 22:32 - 00000000 ____D () C:\zoek_backup
2014-02-23 22:47 - 2013-08-27 08:22 - 00000000 ____D () C:\Users\Briza\AppData\Roaming\Smart PC Solutions
2014-02-23 22:32 - 2014-02-23 22:50 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-23 22:30 - 2014-02-23 22:30 - 01284608 _____ () C:\Users\Briza\Desktop\zoek.exe
2014-02-23 22:24 - 2014-02-23 22:15 - 00000000 ____D () C:\AdwCleaner
2014-02-23 22:03 - 2014-02-23 22:03 - 00006623 _____ () C:\Users\Briza\Desktop\JRT.txt
2014-02-23 22:00 - 2014-02-23 22:00 - 01241834 _____ () C:\Users\Briza\Desktop\adwcleaner.exe
2014-02-23 22:00 - 2014-02-23 22:00 - 00000000 ____D () C:\Windows\ERUNT
2014-02-23 21:59 - 2014-02-23 21:59 - 01037734 _____ (Thisisu) C:\Users\Briza\Desktop\JRT.exe
2014-02-23 20:56 - 2014-02-23 20:51 - 00000000 ____D () C:\rsit
2014-02-23 20:51 - 2013-02-25 13:41 - 00000000 ____D () C:\Program Files\trend micro
2014-02-23 20:50 - 2014-02-23 20:50 - 00781383 _____ () C:\Users\Briza\Desktop\RSIT.exe
2014-02-23 20:26 - 2014-02-23 20:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-23 17:17 - 2012-12-16 18:09 - 00000000 ____D () C:\Users\Briza\Desktop\smazat
2014-02-23 09:45 - 2009-07-14 05:53 - 00032542 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-23 09:28 - 2011-05-28 11:21 - 00000000 ____D () C:\Users\Briza\AppData\Roaming\DAEMON Tools Lite
2014-02-23 09:28 - 2011-04-17 14:17 - 00000000 ____D () C:\Users\Briza\AppData\Roaming\Media Player Classic
2014-02-23 09:27 - 2013-08-19 05:38 - 00000000 ____D () C:\Windows\Minidump
2014-02-23 09:27 - 2011-03-10 21:20 - 00000000 ____D () C:\Windows\Panther
2014-02-23 09:17 - 2014-02-23 09:16 - 04721920 _____ (Piriform Ltd) C:\Users\Briza\Downloads\ccsetup410.exe
2014-02-23 09:17 - 2013-10-06 08:10 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-23 09:17 - 2013-10-06 08:10 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 20:37 - 2012-04-03 05:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-21 20:37 - 2011-09-26 04:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-21 15:51 - 2014-02-21 08:54 - 00011543 _____ () C:\Users\Briza\Desktop\odkouřeníTurbo,Schinkmann.xlsx
2014-02-21 08:54 - 2014-02-21 08:54 - 00000969 _____ () C:\Users\Briza\Downloads\export-21-02-2014_08-54-13-196836b2a72c1b6b6e70e7d56954119b.xls
2014-02-19 20:41 - 2012-01-01 08:37 - 00000000 ____D () C:\RTSStavitel
2014-02-19 18:39 - 2013-12-24 15:31 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-19 10:39 - 2014-02-15 14:55 - 00000000 ____D () C:\Users\Briza\Documents\NinjaTrader 7
2014-02-18 21:18 - 2014-02-18 21:18 - 00000000 ____D () C:\Users\Briza\Documents\PŘÍPRAVA 03 2014
2014-02-18 01:07 - 2014-02-18 01:07 - 00000000 ____D () C:\Program Files\Seznam.cz
2014-02-18 01:05 - 2014-02-18 01:05 - 00001896 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-02-18 01:05 - 2011-05-28 11:21 - 00324096 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-02-18 01:04 - 2014-02-18 01:04 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-02-17 05:22 - 2012-04-26 08:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-16 20:09 - 2014-02-16 20:09 - 00000000 ____D () C:\Program Files\D4
2014-02-16 20:07 - 2014-02-16 20:07 - 00299008 _____ () C:\Users\Briza\Downloads\d4time531.msi
2014-02-15 21:55 - 2014-02-15 21:55 - 00014539 _____ () C:\Users\Briza\Desktop\dValueArea7.zip
2014-02-15 21:50 - 2014-02-15 21:50 - 00024830 _____ () C:\Users\Briza\Desktop\ALTOAreasOfBusiness.zip
2014-02-15 21:50 - 2014-02-15 21:50 - 00016213 _____ () C:\Users\Briza\Desktop\ALTOAreaOfBussines1.2.zip
2014-02-15 21:49 - 2014-02-15 21:49 - 00012033 _____ () C:\Users\Briza\Desktop\GomVolumeLadder3.4.zip
2014-02-15 21:47 - 2014-02-15 21:47 - 00031072 _____ () C:\Users\Briza\Desktop\GomBaseAndDeltaPackage.2.5.zip
2014-02-15 21:38 - 2014-02-15 21:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-15 15:00 - 2014-02-15 15:00 - 00000000 ____D () C:\Users\Briza\Documents\Ninja_Mirus_2014
2014-02-15 14:55 - 2014-02-15 14:55 - 00002585 _____ () C:\Users\Public\Desktop\NinjaTrader 7.lnk
2014-02-15 14:55 - 2014-02-15 14:55 - 00000000 ____D () C:\Users\Briza\Documents\NinjaTrader Backup
2014-02-15 14:55 - 2014-02-15 14:55 - 00000000 ____D () C:\Program Files\NinjaTrader 7
2014-02-15 14:51 - 2014-02-15 14:50 - 53218816 _____ () C:\Users\Briza\Downloads\NinjaTrader.Install (1).msi
2014-02-14 09:05 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-14 06:52 - 2013-07-18 05:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 06:44 - 2011-03-10 23:37 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 15:14 - 2014-02-12 15:14 - 01413939 _____ () C:\Users\Briza\Desktop\Nová složka.7z
2014-02-11 10:47 - 2014-02-11 10:46 - 00023899 _____ () C:\Users\Briza\Documents\ES 03-14.20140211.Binary.dat
2014-02-11 10:47 - 2014-02-11 10:46 - 00008029 _____ () C:\Users\Briza\Documents\YM 03-14.20140211.Binary.dat
2014-02-11 10:47 - 2014-02-11 10:46 - 00006821 _____ () C:\Users\Briza\Documents\NQ 03-14.20140211.Binary.dat
2014-02-11 10:46 - 2014-02-11 10:34 - 00714595 _____ () C:\Users\Briza\Documents\ES 03-14.20140210.Binary.dat
2014-02-11 10:46 - 2014-02-11 10:34 - 00283986 _____ () C:\Users\Briza\Documents\NQ 03-14.20140210.Binary.dat
2014-02-11 10:46 - 2014-02-11 10:34 - 00176320 _____ () C:\Users\Briza\Documents\YM 03-14.20140210.Binary.dat
2014-02-10 19:26 - 2011-04-25 19:16 - 00000000 ____D () C:\Users\Briza\Documents\3_____Zdraví
2014-02-08 18:07 - 2014-02-08 18:07 - 00410304 _____ () C:\Users\Briza\Downloads\Akumulační_nádrže[1].one
2014-02-08 16:51 - 2014-02-03 13:33 - 00000000 ____D () C:\Users\Briza\Desktop\Foto,Sam,3,2,2014
2014-02-08 15:52 - 2011-05-04 07:49 - 00000000 ____D () C:\Users\Briza\AppData\Local\Paint.NET
2014-02-06 11:38 - 2014-02-14 06:57 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 11:20 - 2014-02-14 06:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 11:19 - 2014-02-14 06:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:01 - 2014-02-14 06:57 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 11:00 - 2014-02-14 06:57 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 06:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 10:52 - 2014-02-14 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 06:57 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 10:49 - 2014-02-14 06:57 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 10:47 - 2014-02-14 06:57 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 10:47 - 2014-02-14 06:57 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:46 - 2014-02-14 06:57 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 10:34 - 2014-02-14 06:57 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 10:25 - 2014-02-14 06:57 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 10:25 - 2014-02-14 06:57 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 10:13 - 2014-02-14 06:57 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 06:57 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 06:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 09:41 - 2014-02-14 06:57 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 09:36 - 2014-02-14 06:57 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:34 - 2014-02-14 06:57 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-04 22:18 - 2014-02-04 22:15 - 63904641 _____ () C:\Users\Briza\Downloads\Vítr to ví (Blowing in the wind) - W. Matuška.mp4
2014-02-04 17:05 - 2014-01-16 07:37 - 00000000 ____D () C:\_EKUS,dokumenty
2014-02-03 13:30 - 2011-04-05 20:38 - 00000000 ____D () C:\Users\Briza\Documents\1____LIPOTOP
2014-02-03 08:18 - 2014-02-03 08:18 - 00000000 ____D () C:\Users\Briza\Desktop\Mobilní dům
2014-01-31 16:56 - 2014-01-31 16:53 - 00000000 ____D () C:\Users\Briza\Desktop\David,foto,Praha
2014-01-30 18:36 - 2014-01-30 18:36 - 04454912 _____ () C:\Users\Briza\Desktop\bez názvu.msg
2014-01-27 12:08 - 2013-11-14 09:57 - 00000000 ____D () C:\Users\Briza\Desktop\Platební příkazy
2014-01-25 20:36 - 2014-01-25 20:36 - 01069512 _____ (Solid State Networks) C:\Users\Briza\Downloads\install_flashplayer12x32au_mssa_awc_aih.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Briza\Desktop" je 6020 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files\Samsung\Kies\Kies.exe /preload [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Screenshot Captor
"C:\Program Files\ScreenshotCaptor\ScreenshotCaptor.exe" /autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart Driver Updater
C:\Program Files\Smart PC Solutions\Smart Driver Updater\SDULauncher.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(9.93 KiB) Downloaded 26 times

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for a check - unwanted windows are opening in the brows

#8 Post by vyosek »

Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [] - [X]
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
    HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
    HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
    HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
    HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Briza\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
    HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Briza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
    BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
    
    S2 HPSLPSVC; C:\Users\Briza\AppData\Local\temp\7zS1367\hpslpsvc32.dll [X]
    S3 CFcatchme; \??\C:\Users\Briza\AppData\Local\Temp\CFcatchme.sys [X]
    S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
    S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
    
    2014-02-24 08:47 - 2014-02-24 08:46 - 00112640 _____ (forum.viry.cz) C:\Users\Briza\Desktop\FRSTLauncher.exe
    2014-02-24 08:45 - 2014-02-24 08:46 - 00112640 _____ (forum.viry.cz) C:\Users\Briza\Downloads\FRSTLauncher.exe
    2014-02-23 22:50 - 2014-02-23 22:32 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-02-23 22:34 - 2014-02-23 23:04 - 00013197 _____ () C:\zoek-results.log
    2014-02-23 22:32 - 2014-02-23 22:48 - 00000000 ____D () C:\zoek_backup
    2014-02-23 22:30 - 2014-02-23 22:30 - 01284608 _____ () C:\Users\Briza\Desktop\zoek.exe
    2014-02-23 22:03 - 2014-02-23 22:03 - 00006623 _____ () C:\Users\Briza\Desktop\JRT.txt
    2014-02-23 22:00 - 2014-02-23 22:00 - 01241834 _____ () C:\Users\Briza\Desktop\adwcleaner.exe
    2014-02-23 21:59 - 2014-02-23 21:59 - 01037734 _____ (Thisisu) C:\Users\Briza\Desktop\JRT.exe
    2014-02-23 20:50 - 2014-02-23 20:50 - 00781383 _____ () C:\Users\Briza\Desktop\RSIT.exe
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    
    
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Screenshot Captor" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart Driver Updater" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
Restart the PC and post fixlog.txt here for me
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

liceli
Visitor
Posts: 59
Registered: 25 Feb 2013 13:45

Re: Request for a check - unwanted windows are opening in the brows

#9 Post by liceli »

Hello, thank you, here is the log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-02-2014 02
Ran by Briza at 2014-02-24 13:08:34 Run:1
Running from C:\Users\Briza\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [] - [X]
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845168 2013-12-11] (Samsung)
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-12-11] (Samsung)
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Briza\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Briza\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)

S2 HPSLPSVC; C:\Users\Briza\AppData\Local\temp\7zS1367\hpslpsvc32.dll [X]
S3 CFcatchme; \??\C:\Users\Briza\AppData\Local\Temp\CFcatchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]

2014-02-24 08:47 - 2014-02-24 08:46 - 00112640 _____ (forum.viry.cz) C:\Users\Briza\Desktop\FRSTLauncher.exe
2014-02-24 08:45 - 2014-02-24 08:46 - 00112640 _____ (forum.viry.cz) C:\Users\Briza\Downloads\FRSTLauncher.exe
2014-02-23 22:50 - 2014-02-23 22:32 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-02-23 22:34 - 2014-02-23 23:04 - 00013197 _____ () C:\zoek-results.log
2014-02-23 22:32 - 2014-02-23 22:48 - 00000000 ____D () C:\zoek_backup
2014-02-23 22:30 - 2014-02-23 22:30 - 01284608 _____ () C:\Users\Briza\Desktop\zoek.exe
2014-02-23 22:03 - 2014-02-23 22:03 - 00006623 _____ () C:\Users\Briza\Desktop\JRT.txt
2014-02-23 22:00 - 2014-02-23 22:00 - 01241834 _____ () C:\Users\Briza\Desktop\adwcleaner.exe
2014-02-23 21:59 - 2014-02-23 21:59 - 01037734 _____ (Thisisu) C:\Users\Briza\Desktop\JRT.exe
2014-02-23 20:50 - 2014-02-23 20:50 - 00781383 _____ () C:\Users\Briza\Desktop\RSIT.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe


REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Screenshot Captor" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart Driver Updater" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => Value deleted successfully.
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711} => Key deleted successfully.
HKCR\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711} => Key deleted successfully.
HPSLPSVC => Service deleted successfully.
CFcatchme => Service deleted successfully.
dgderdrv => Service deleted successfully.
DgiVecp => Service deleted successfully.
C:\Users\Briza\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Briza\Downloads\FRSTLauncher.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Briza\Desktop\zoek.exe => Moved successfully.
C:\Users\Briza\Desktop\JRT.txt => Moved successfully.
C:\Users\Briza\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Briza\Desktop\JRT.exe => Moved successfully.
C:\Users\Briza\Desktop\RSIT.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Screenshot Captor" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart Driver Updater" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokončena úspěšně.


========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for a check - unwanted windows keep opening in the brow

#10 Post by vyosek »

How is the PC behaving???
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member (image) since 1 February 2011.

liceli
Visitor
Posts: 59
Joined: 25 Feb 2013 13:45

Re: Request for a check - unwanted windows keep opening in the brow

#11 Post by liceli »

Hello,
Judging by its behaviour, the PC is fine. The only thing that bothers me is that whenever I switch it on in the morning, the hard disk is busy and the PC is slow. It seems to me that it is constantly downloading some updates. Every time I go to shut it down, there is an exclamation mark on the shut-down button. When I look in Task Manager, I see no running applications there, but the disk keeps spinning.
Thank you

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Request for a check - unwanted windows keep opening in the brow

#12 Post by vyosek »

Open Notepad
  • Start -> Run -> notepad
  • Paste the text below

    @echo off
    rem Stop the services that keep the update cache open
    net stop bits
    net stop wuauserv
    rem Unregister the update engine while the cache is cleared
    regsvr32 /u wuaueng.dll /s
    rem Delete the downloaded update cache and the update log
    del /f /s /q "%windir%\SoftwareDistribution\*.*"
    del /f /s /q "%windir%\windowsupdate.log"
    rem Register the engine again and restart the services
    regsvr32 wuaueng.dll /s
    net start bits
    net start wuauserv
    rem Reset the update authorization and start a new detection
    wuauclt.exe /resetauthorization /detectnow
  • Save the file as del.bat
  • When saving, set "Save as type" to All Files (the setting is shown in the picture below)
  • [Image]
  • Close Notepad and run del.bat by double-clicking it
  • A window will just flash and the deletion is performed - you can then delete the file
Restart the PC and try installing the updates again
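A more defensive variant of the reset in post #12, as an added example that is not part of the original post: it checks for administrator rights, confirms that both services have stopped before the cache is touched, and renames the SoftwareDistribution folder instead of deleting it so that it can be restored. The rename-instead-of-delete approach, the `.old` backup name and the `:wait_stopped` helper are assumptions of this example.

```bat
@echo off
setlocal
rem Added example, not the script from the post above.
rem "net session" fails without administrator rights (it needs the Server service).
net session >nul 2>&1
if errorlevel 1 (
    echo Run this script as administrator.
    exit /b 1
)

rem Stop both services and confirm each one really reached STOPPED.
for %%S in (bits wuauserv) do (
    net stop %%S >nul 2>&1
    call :wait_stopped %%S
    if errorlevel 1 (
        echo Service %%S is still running, cache left untouched.
        exit /b 1
    )
)

rem Rename instead of delete so the old cache can be put back.
set "CACHE=%windir%\SoftwareDistribution"
if exist "%CACHE%.old" rd /s /q "%CACHE%.old"
if exist "%CACHE%" ren "%CACHE%" SoftwareDistribution.old
if exist "%CACHE%" (
    echo Could not rename %CACHE%.
    exit /b 1
)

net start bits
net start wuauserv
echo Cache reset. Remove "%CACHE%.old" once updates install again.
exit /b 0

:wait_stopped
rem Poll "sc query" up to 10 times, one second apart.
for /l %%I in (1,1,10) do (
    sc query %1 | find "STOPPED" >nul && exit /b 0
    timeout /t 1 /nobreak >nul
)
exit /b 1
```

If updates fail after the reset, stop both services again and rename `SoftwareDistribution.old` back to restore the previous cache.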
