Extrémne spomalený notebook

Zpráva

psychoSVK · #1 Příspěvek od **psychoSVK** » 05 bře 2014 11:24

Zdravím dostal sa mi do rúk starší notebook, v ktorom je kvantum bordelu a je extrémne spomalený.

Logfile of random's system information tool 1.08 (written by random/random)
Run by zdenoz at 2014-02-26 23:35:30
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 28 GB (15%) free of 183 GB
Total RAM: 2046 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:36:04, on 26.02.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16533)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\FILSHtray\FILSHtray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\explorer.exe
C:\Users\zdenoz\Desktop\RSIT-1.06.exe
C:\Program Files\trend micro\zdenoz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10641A& ... =2-263&t=6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [FILSHtray] "C:\Program Files\FILSHtray\FILSHtray.exe"
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\zdenoz\AppData\Local\Torch\Update\TorchCrashHandler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12395 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cee96d70d04f1d.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf322b449304f0.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
MediaBar - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll [2011-05-30 89008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{28387537-e3f9-4ed7-860c-11e69af4a8a0} - MediaBar - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll [2011-05-30 89008]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-08-25 4669440]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2007-06-10 118784]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-09-19 311296]
"MarketingTools"=C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [2007-11-22 36864]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-07-12 132496]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"Skytel"=C:\Windows\Skytel.exe [2007-08-25 1826816]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-11-16 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-11-16 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-11-16 81920]
"FILSHtray"=C:\Program Files\FILSHtray\FILSHtray.exe [2011-12-16 596992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"=C:\Program Files\Sony\Network Utility\LANUtil.exe [2007-09-20 253952]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-06-03 19603048]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-22 116040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-07-30 289064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe [2008-02-26 443968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2007-08-14 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe"="C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-02-26 23:35:31 ----D---- C:\Program Files\trend micro
2014-02-26 23:35:30 ----D---- C:\rsit
2014-02-26 23:10:19 ----D---- C:\Windows\Migration
2014-02-26 23:10:11 ----SHD---- C:\Config.Msi
2014-02-26 03:02:43 ----A---- C:\Windows\system32\vbscript.dll
2014-02-26 03:02:43 ----A---- C:\Windows\system32\mshtmled.dll
2014-02-26 03:02:41 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-26 03:02:41 ----A---- C:\Windows\system32\ieui.dll
2014-02-26 03:02:40 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-26 03:02:40 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-26 03:02:39 ----A---- C:\Windows\system32\wininet.dll
2014-02-26 03:02:39 ----A---- C:\Windows\system32\jscript.dll
2014-02-26 03:02:37 ----A---- C:\Windows\system32\url.dll
2014-02-26 03:02:37 ----A---- C:\Windows\system32\jscript9.dll
2014-02-26 03:02:36 ----A---- C:\Windows\system32\iertutil.dll
2014-02-26 03:02:35 ----A---- C:\Windows\system32\urlmon.dll
2014-02-26 03:02:34 ----A---- C:\Windows\system32\ieframe.dll
2014-02-26 03:02:31 ----A---- C:\Windows\system32\mshtml.dll
2014-02-25 14:08:37 ----D---- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2014-02-25 14:07:04 ----A---- C:\Windows\system32\wscript.exe
2014-02-25 14:07:04 ----A---- C:\Windows\system32\cscript.exe
2014-02-25 14:07:03 ----A---- C:\Windows\system32\wshcon.dll
2014-02-25 14:07:03 ----A---- C:\Windows\system32\scrrun.dll
2014-02-25 14:07:00 ----A---- C:\Windows\system32\win32k.sys
2014-02-25 14:06:57 ----A---- C:\Windows\system32\msxml3.dll
2014-02-25 14:06:56 ----A---- C:\Windows\system32\SysFxUI.dll
2014-02-25 14:06:56 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-02-25 14:06:56 ----A---- C:\Windows\system32\drivers\drmk.sys
2014-02-25 14:06:54 ----A---- C:\Windows\system32\imagehlp.dll
2014-02-25 13:46:04 ----A---- C:\AVScanner.ini
2014-02-25 13:40:45 ----D---- C:\Program Files\CCleaner
2014-02-25 13:33:41 ----D---- C:\ProgramData\2961
2014-01-16 01:40:14 ----A---- C:\SecurityScanner.dll

======List of files/folders modified in the last 3 months======

2014-02-26 23:35:46 ----D---- C:\Windows\Temp
2014-02-26 23:35:31 ----RD---- C:\Program Files
2014-02-26 23:34:35 ----D---- C:\Windows\System32
2014-02-26 23:34:33 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-02-26 23:31:03 ----D---- C:\Windows\Microsoft.NET
2014-02-26 23:31:02 ----RSD---- C:\Windows\assembly
2014-02-26 23:28:28 ----D---- C:\Users\zdenoz\AppData\Roaming\Skype
2014-02-26 23:25:26 ----D---- C:\ProgramData\TorchCrashHandler
2014-02-26 23:21:40 ----D---- C:\Windows
2014-02-26 23:21:25 ----D---- C:\Windows\system32\migration
2014-02-26 23:21:22 ----D---- C:\Program Files\Internet Explorer
2014-02-26 23:21:15 ----D---- C:\Windows\system32\drivers
2014-02-26 23:21:14 ----D---- C:\Windows\system32\RTCOM
2014-02-26 23:21:08 ----D---- C:\Windows\inf
2014-02-26 23:19:58 ----D---- C:\Windows\winsxs
2014-02-26 23:19:36 ----SHD---- C:\Windows\Installer
2014-02-26 23:16:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-26 23:11:20 ----D---- C:\Windows\system32\en-US
2014-02-26 23:10:19 ----SD---- C:\ProgramData\Microsoft
2014-02-26 03:11:30 ----D---- C:\Windows\system32\MRT
2014-02-26 03:04:51 ----D---- C:\Windows\system32\catroot
2014-02-26 03:03:49 ----D---- C:\Windows\system32\catroot2
2014-02-26 03:01:34 ----SHD---- C:\System Volume Information
2014-02-25 14:20:22 ----HD---- C:\ProgramData
2014-02-25 14:20:21 ----D---- C:\Program Files\Google
2014-02-25 14:12:43 ----D---- C:\Windows\Tasks
2014-02-25 14:05:51 ----D---- C:\Program Files\iMesh Applications
2014-02-25 14:04:13 ----D---- C:\Program Files\Common Files\Symantec Shared
2014-02-25 14:00:11 ----SHD---- C:\Windows\system32\AI_RecycleBin
2014-02-25 13:58:54 ----D---- C:\Program Files\Mozilla Firefox
2014-02-25 13:57:48 ----D---- C:\ProgramData\YAHOO
2014-02-25 13:57:42 ----D---- C:\Program Files\Yahoo!
2014-02-25 13:56:49 ----D---- C:\Program Files\Common Files
2014-02-25 13:54:01 ----D---- C:\Big Fish Games
2014-02-25 13:52:13 ----D---- C:\Program Files\BearShare Applications
2014-02-25 13:44:30 ----D---- C:\ProgramData\Google
2014-02-25 13:40:54 ----D---- C:\Windows\system32\Tasks
2014-02-25 13:38:40 ----D---- C:\Windows\Prefetch
2014-02-04 19:09:42 ----A---- C:\Windows\system32\mrt.exe
2013-12-18 06:13:56 ----N---- C:\Windows\system32\MpSigStub.exe
2013-11-27 17:33:56 ----D---- C:\Program Files\Picasa2
2013-11-27 16:45:44 ----D---- C:\Windows\rescache
2013-11-27 15:19:09 ----D---- C:\Windows\system32\de-DE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-03-01 277784]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-10-26 43872]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2009-05-27 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-05-27 75096]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2007-09-19 10216]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-10-25 12672]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-25 8192]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-10 140800]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2009-05-27 52056]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-10-25 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-10-25 207360]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-08-25 1841312]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-19 2222080]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-11-16 7626400]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-29 9344]
R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
R3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-10-25 659968]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-10-25 246784]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-06-15 705024]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG-Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver; C:\Windows\system32\DRIVERS\SE1008mdm.sys [2009-02-18 58536]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-05-26 128104]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Planer; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-25 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-25 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NSUService;NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [2007-09-20 204800]
R2 TorchCrashHandler;Torch Crash Handler; C:\Users\zdenoz\AppData\Local\Torch\Update\TorchCrashHandler.exe [2013-06-20 1205088]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2007-08-14 182392]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2007-08-28 192512]
R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2007-08-28 131072]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-25 386560]
R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2007-06-28 274432]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-20 136176]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-26 257928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-20 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2007-06-28 73728]
S3 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2007-06-20 2523136]
S3 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
S3 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [2007-06-20 499712]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-09-28 292128]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2007-09-20 79136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 MSSQLServerADHelper;Hilfsdienst von SQL Server für Active Directory; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SQLBrowser;SQL Server-Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 05 bře 2014 14:19

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

psychoSVK · #3 Příspěvek od **psychoSVK** » 05 bře 2014 14:51

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by zdenoz on 05.03.2014 at 14:50:01,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [Service] torchcrashhandler
Successfully deleted: [Service] torchcrashhandler

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\Main\\Start Page

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\torchcrashhandler"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\zdenoz\appdata\local\torch"
Successfully deleted: [Folder] "C:\Users\zdenoz\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\zdenoz\appdata\locallow\imeshbandmltbpi"
Successfully deleted: [Folder] "C:\Users\zdenoz\appdata\locallow\mediabarim"
Successfully deleted: [Folder] "C:\Users\zdenoz\appdata\locallow\searchresultstb"
Successfully deleted: [Folder] "C:\Program Files\bearshare applications"
Successfully deleted: [Folder] "C:\Program Files\free offers from freeze.com"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"

~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\imeshwebsearch.xml"
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\search_results.xml"
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\searchresults.xml"
Successfully deleted: [File] C:\Users\zdenoz\AppData\Roaming\mozilla\firefox\profiles\8qlkwq29.default\searchplugins\imeshwebsearch.xml
Successfully deleted: [File] C:\Users\zdenoz\AppData\Roaming\mozilla\firefox\profiles\8qlkwq29.default\searchplugins\search_results.xml
Successfully deleted: [File] C:\Users\zdenoz\AppData\Roaming\mozilla\firefox\profiles\8qlkwq29.default\searchplugins\searchresults.xml
Failed to delete: [Folder] "C:\Program Files\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Successfully deleted the following from C:\Users\zdenoz\AppData\Roaming\mozilla\firefox\profiles\8qlkwq29.default\prefs.js

user_pref("browser.search.defaultenginename", "Search Results");
user_pref("browser.search.order.1", "Search Results");
user_pref("browser.search.selectedEngine", "Search Results");
user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?o=APN10641A&gct=hp&d=2-263&t=6");
user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=263&systemid=2&apn_dtid=IME0022&apn_ptnrs=AG2&apn_uid=3450839616254456&o=APN10641&q=");
Emptied folder: C:\Users\zdenoz\AppData\Roaming\mozilla\firefox\profiles\8qlkwq29.default\minidumps [4 files]

~~~ Chrome

Successfully deleted: [Folder] C:\Users\zdenoz\appdata\local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.03.2014 at 14:55:08,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

psychoSVK · #4 Příspěvek od **psychoSVK** » 05 bře 2014 15:20

# AdwCleaner v3.020 - Bericht erstellt am 05/03/2014 um 15:16:53
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : zdenoz - ZDENOZ-PC
# Gestartet von : C:\Users\zdenoz\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files\iMesh Applications
Ordner Gelöscht : C:\Users\zdenoz\AppData\Local\iMesh
Ordner Gelöscht : C:\Users\zdenoz\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\zdenoz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Ordner Gelöscht : C:\Users\zdenoz\Documents\iMesh
Ordner Gelöscht : C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default\mediabarim
Ordner Gelöscht : C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default\Extensions\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Datei Gelöscht : C:\Users\zdenoz\Desktop\eBay.lnk
Datei Gelöscht : C:\Program Files\Mozilla Firefox\.autoreg
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15A0413E-9F45-4D45-9A75-2C20B15B5B51}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{15A0413E-9F45-4D45-9A75-2C20B15B5B51}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15A0413E-9F45-4D45-9A75-2C20B15B5B51}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{28387537-E3F9-4ED7-860C-11E69AF4A8A0}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Schlüssel Gelöscht : HKCU\Software\Imesh
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\iMeshMediabarTb
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\mediabarim
Schlüssel Gelöscht : HKLM\Software\iMeshMediabarTb
Schlüssel Gelöscht : HKLM\Software\Trymedia Systems
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iMesh 1 MediaBar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iMesh MediaBar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Imesh
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\torch

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16533

-\\ Mozilla Firefox v3.0.3 (de)

[ Datei : C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default\prefs.js ]

-\\ Google Chrome v31.0.1650.57

[ Datei : C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : search_url
Gelöscht : keyword

*************************

AdwCleaner[R0].txt - [4577 octets] - [05/03/2014 14:58:29]
AdwCleaner[S0].txt - [4448 octets] - [05/03/2014 15:16:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4508 octets] ##########

#5 Příspěvek od **vyosek** » 06 bře 2014 00:14

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

psychoSVK · #6 Příspěvek od **psychoSVK** » 06 bře 2014 11:00

Zoek.exe v5.0.0.0 Updated 02-March-2014
Tool run by zdenoz on 06.03.2014 at 10:38:33,97.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\zdenoz\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

06.03.2014 10:39:38 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\SearchScopes\{7A61B193-B145-4AB5-B0D4-DA6E3050D861} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA6319C0-31B7-401E-A518-A07C3DB8F777} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA6319C0-31B7-401E-A518-A07C3DB8F777} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\Approved Extensions\{28387537-E3F9-4ED7-860C-11E69AF4A8A0} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\Approved Extensions\{CA6319C0-31B7-401E-A518-A07C3DB8F777} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\Approved Extensions\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\Approved Extensions\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default\prefs.js:

Added to C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Program Files\Yahoo! deleted
C:\PROGRA~2\YAHOO deleted
C:\Users\zdenoz\Downloads\iLividSetup.exe deleted
C:\Users\zdenoz\Downloads\BearShareSetup-r263-n-bc.exe deleted
"C:\Program Files\Mozilla Firefox" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [03.09.2009 17:18]

==== Firefox Extensions ======================

ProfilePath: C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

==== Firefox Plugins ======================

Profilepath: C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default
27F9E0201D27D1C6472285DE35898CA1 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.5 (861)
DD3733576798FBA50DF8D977D3595FCD - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.5 (861)
83D62147873E2694E0D0E24C19CCB17F - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.5 (861)
A0D862C01ACB11DE388908484D267965 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.5 (861)
4AF186D3DFE4FBE26BD1F4B0F8BD60B1 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.5 (861)
FED0904155C01608D2574F9A7FD2E469 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.5 (861)
1E5E00A2E9095A3737C0BD05A56ED2E4 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.5 (861)
04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat
E3811F1A1C5063C941EC0E2766C3EA39 - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll - Java(TM) Platform SE 6 U2
01D39AC177934F0A5B3675FAA952393D - C:\Program Files\Java\jre1.6.0_02\bin\npjava12.dll - Java(TM) Platform SE 6 U2
794DCC4795CC04FEEC52543B71E04CDF - C:\Program Files\Java\jre1.6.0_02\bin\npjava11.dll - Java(TM) Platform SE 6 U2
1F7BF9B81A4FE5C468306BEEBD982765 - C:\Program Files\Java\jre1.6.0_02\bin\npoji610.dll - Java(TM) Platform SE 6 U2
DBECEFF44595A35267C8A388562A9D46 - C:\Program Files\Java\jre1.6.0_02\bin\npjava32.dll - Java(TM) Platform SE 6 U2
73BAAA464E8643768F808E77D819B117 - C:\Program Files\Java\jre1.6.0_02\bin\npjava14.dll - Java(TM) Platform SE 6 U2
65BD514522DA53C55CFB2AE4BE37593E - C:\Program Files\Java\jre1.6.0_02\bin\npjava13.dll - Java(TM) Platform SE 6 U2
CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
C548328E9DE5EB73350EF292D7140662 - C:\Program Files\Picasa2\npPicasa3.dll - Picasa
7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
25D7EF6FBCE1D0723F394A498E334A9F - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll - DivX Player Netscape Plugin
0EA6140E578873053BFFD37C9EB748EC - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
99F97C9FE748C37528C338A423577FCB - C:\Users\zdenoz\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

==== Chrome Look ======================

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Page_URL"="http://www.club-vaio.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.club-vaio.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{1B0442D8-BED4-4AD6-AB72-DCA5038A195C} Google Url="http://www.google.com/search?q={searchT ... 1I7SNYK_de"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\zdenoz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\zdenoz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\zdenoz\AppData\Local\Mozilla\Firefox\Profiles\8qlkwq29.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=192 folders=27 31738652 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\zdenoz\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\zdenoz\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\zdenoz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Program Files\Mozilla Firefox" not found

==== EOF on 06.03.2014 at 11:01:41,85 ======================

#7 Příspěvek od **vyosek** » 07 bře 2014 20:10

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

psychoSVK · #8 Příspěvek od **psychoSVK** » 07 bře 2014 23:58

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-03-2014 01
Ran by zdenoz (administrator) on ZDENOZ-PC on 08-03-2014 00:01:34
Running from C:\Users\zdenoz\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\NSUService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
(Sony NSCE) C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\LANUtil.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\zdenoz\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4669440 2007-08-25] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [118784 2007-06-10] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ISBMgr.exe] - C:\Program Files\Sony\ISB Utility\ISBMgr.exe [311296 2007-09-19] (Sony Corporation)
HKLM\...\Run: [MarketingTools] - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [36864 2007-11-22] (Sony NSCE)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [132496 2007-07-12] (Sun Microsystems, Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-08-25] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvSvc] - C:\Windows\system32\nvsvc.dll [86016 2007-11-16] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [8497696 2007-11-16] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [81920 2007-11-16] (NVIDIA Corporation)
HKLM\...\Run: [FILSHtray] - C:\Program Files\FILSHtray\FILSHtray.exe [596992 2011-12-16] (FILSH Media GmbH)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKU\.DEFAULT\...\Run: [Picasa Media Detector] - C:\Program Files\Picasa2\PicasaMediaDetector.exe [443968 2008-02-26] (Google Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [253952 2007-09-20] (Sony Corporation)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\MountPoints2: {cf7f5dd6-420f-11dd-b8aa-806e6f6e6963} - F:\wubi.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://partnerpage.google.com/eu.sony.com/de
http://www.club-vaio.com/vbc
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://partnerpage.google.com/eu.sony.com/de
http://www.club-vaio.com/vbc
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {1B0442D8-BED4-4AD6-AB72-DCA5038A195C} URL = http://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 8.8.8.8 8.8.4.4 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\zdenoz\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-09-05]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-06]
CHR Extension: (Disk Google) - C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-06]
CHR Extension: (YouTube) - C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-05]
CHR Extension: (Hľadať v Google) - C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-05]
CHR Extension: (Peňaženka Google) - C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-26]
CHR Extension: (Gmail) - C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-05]

========================== Services (Whitelisted) =================

R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [116040 2008-07-22] (Apple Inc.)
R2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2008-01-29] (Symantec Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
R2 NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [204800 2007-09-20] (Sony Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] ()
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-06-28] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182392 2007-08-14] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-06-20] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-20] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-20] (Sony Corporation)
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [499712 2007-06-20] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-20] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-20] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [292128 2007-09-28] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2007-06-28] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2007-08-28] (Sony Corporation)
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [131072 2007-08-28] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
S3 SE1008mdm; C:\Windows\System32\DRIVERS\SE1008mdm.sys [58536 2009-02-18] (Sony Ericsson)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-06-06] (Texas Instruments)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-03-08 00:01 - 2014-03-08 00:02 - 00014975 _____ () C:\Users\zdenoz\Desktop\FRST.txt
2014-03-08 00:01 - 2014-03-08 00:01 - 00000000 ____D () C:\FRST
2014-03-08 00:00 - 2014-03-07 23:58 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Desktop\FRSTLauncher.exe
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 928410.crdownload
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 265287.crdownload
2014-03-07 23:45 - 2014-03-07 23:46 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\FRSTLauncher.exe
2014-03-07 23:44 - 2014-03-07 23:44 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST (1).exe
2014-03-07 23:44 - 2014-03-07 23:43 - 01145344 _____ (Farbar) C:\Users\zdenoz\Desktop\FRST.exe
2014-03-07 23:43 - 2014-03-07 23:43 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST.exe
2014-03-06 11:00 - 2014-03-06 11:00 - 00000326 _____ () C:\Windows\PFRO.log
2014-03-06 10:51 - 2014-03-06 10:38 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-06 10:39 - 2014-03-06 11:01 - 00012493 _____ () C:\zoek-results.log
2014-03-06 10:38 - 2014-03-06 10:49 - 00000000 ____D () C:\zoek_backup
2014-03-06 10:38 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Desktop\zoek.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Downloads\zoek.exe
2014-03-05 14:58 - 2014-03-05 15:17 - 00000000 ____D () C:\AdwCleaner
2014-03-05 14:55 - 2014-03-05 14:55 - 00006013 _____ () C:\Users\zdenoz\Desktop\JRT.txt
2014-03-05 14:48 - 2014-03-05 14:48 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 14:47 - 2014-03-05 14:43 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Desktop\JRT.exe
2014-03-05 14:42 - 2014-03-05 14:43 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Downloads\JRT.exe
2014-03-05 14:42 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Desktop\adwcleaner.exe
2014-03-05 14:39 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Downloads\adwcleaner.exe
2014-03-05 14:37 - 2014-03-08 00:00 - 00000830 _____ () C:\Windows\setupact.log
2014-03-05 14:37 - 2014-03-05 14:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-26 23:35 - 2014-02-26 23:36 - 00000000 ____D () C:\rsit
2014-02-26 23:35 - 2014-02-26 23:36 - 00000000 ____D () C:\Program Files\trend micro
2014-02-26 23:32 - 2014-02-26 23:32 - 00339991 _____ () C:\Users\zdenoz\Desktop\RSIT-1.06.exe
2014-02-26 03:02 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-26 03:02 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-26 03:02 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-26 03:02 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-26 03:02 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-26 03:02 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-26 03:02 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-26 03:02 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-26 03:02 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-26 03:02 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-26 03:02 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-26 03:02 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-26 03:02 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-26 03:02 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-26 03:02 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-26 03:02 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-25 14:12 - 2014-03-07 23:53 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf322b449304f0.job
2014-02-25 14:08 - 2014-02-25 14:08 - 00000000 ____D () C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2014-02-25 14:07 - 2013-10-30 01:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-25 14:07 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-02-25 14:07 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-02-25 14:07 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2014-02-25 14:07 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-02-25 14:07 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-02-25 14:06 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-25 14:06 - 2013-10-30 03:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-02-25 14:06 - 2013-10-30 02:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-02-25 14:06 - 2013-10-30 01:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-02-25 14:06 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-02-25 13:46 - 2014-02-25 13:38 - 00000426 _____ () C:\AVScanner.ini
2014-02-25 13:40 - 2014-02-25 13:40 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-25 13:40 - 2014-02-25 13:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-25 13:33 - 2014-02-25 13:33 - 00000000 ____D () C:\ProgramData\2961

==================== One Month Modified Files and Folders =======

2014-03-08 00:02 - 2014-03-08 00:01 - 00014975 _____ () C:\Users\zdenoz\Desktop\FRST.txt
2014-03-08 00:01 - 2014-03-08 00:01 - 00000000 ____D () C:\FRST
2014-03-08 00:00 - 2014-03-05 14:37 - 00000830 _____ () C:\Windows\setupact.log
2014-03-07 23:58 - 2014-03-08 00:00 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Desktop\FRSTLauncher.exe
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 928410.crdownload
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 265287.crdownload
2014-03-07 23:53 - 2014-02-25 14:12 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf322b449304f0.job
2014-03-07 23:49 - 2012-09-05 21:26 - 00002000 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-07 23:49 - 2010-09-20 21:43 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 23:46 - 2014-03-07 23:45 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\FRSTLauncher.exe
2014-03-07 23:44 - 2014-03-07 23:44 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST (1).exe
2014-03-07 23:44 - 2008-06-24 18:30 - 00180830 _____ () C:\Users\zdenoz\AppData\Roaming\nvModes.001
2014-03-07 23:43 - 2014-03-07 23:44 - 01145344 _____ (Farbar) C:\Users\zdenoz\Desktop\FRST.exe
2014-03-07 23:43 - 2014-03-07 23:43 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST.exe
2014-03-07 23:43 - 2008-06-24 18:15 - 01732164 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 23:41 - 2012-09-05 21:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-06 11:01 - 2014-03-06 10:39 - 00012493 _____ () C:\zoek-results.log
2014-03-06 11:01 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-06 11:01 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-06 11:01 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-06 11:00 - 2014-03-06 11:00 - 00000326 _____ () C:\Windows\PFRO.log
2014-03-06 10:59 - 2006-11-02 14:01 - 00032562 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-06 10:59 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-06 10:49 - 2014-03-06 10:38 - 00000000 ____D () C:\zoek_backup
2014-03-06 10:38 - 2014-03-06 10:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-06 10:37 - 2014-03-06 10:38 - 01284608 _____ () C:\Users\zdenoz\Desktop\zoek.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Downloads\zoek.exe
2014-03-06 10:34 - 2012-09-05 21:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-06 10:34 - 2012-09-05 21:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-05 15:17 - 2014-03-05 14:58 - 00000000 ____D () C:\AdwCleaner
2014-03-05 15:12 - 2006-11-02 11:33 - 01679994 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-05 14:55 - 2014-03-05 14:55 - 00006013 _____ () C:\Users\zdenoz\Desktop\JRT.txt
2014-03-05 14:48 - 2014-03-05 14:48 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 14:43 - 2014-03-05 14:47 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Desktop\JRT.exe
2014-03-05 14:43 - 2014-03-05 14:42 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Downloads\JRT.exe
2014-03-05 14:39 - 2014-03-05 14:42 - 01244192 _____ () C:\Users\zdenoz\Desktop\adwcleaner.exe
2014-03-05 14:39 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Downloads\adwcleaner.exe
2014-03-05 14:37 - 2014-03-05 14:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-05 14:36 - 2008-07-01 00:29 - 00000000 ____D () C:\Users\zdenoz\AppData\Roaming\Skype
2014-02-26 23:56 - 2008-08-05 13:45 - 00000000 ____D () C:\Windows\Minidump
2014-02-26 23:56 - 2007-11-22 01:14 - 00000000 ____D () C:\Windows\Panther
2014-02-26 23:36 - 2014-02-26 23:35 - 00000000 ____D () C:\rsit
2014-02-26 23:36 - 2014-02-26 23:35 - 00000000 ____D () C:\Program Files\trend micro
2014-02-26 23:32 - 2014-02-26 23:32 - 00339991 _____ () C:\Users\zdenoz\Desktop\RSIT-1.06.exe
2014-02-26 23:25 - 2006-11-02 13:47 - 00404552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-26 23:21 - 2007-11-22 09:44 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-02-26 03:15 - 2013-08-04 15:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-25 14:20 - 2007-11-22 09:26 - 00000000 ____D () C:\Program Files\Google
2014-02-25 14:09 - 2008-10-13 19:27 - 00003211 _____ () C:\Windows\system32\sdkinst.log
2014-02-25 14:08 - 2014-02-25 14:08 - 00000000 ____D () C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2014-02-25 14:04 - 2007-12-10 03:44 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-25 13:57 - 2008-10-13 18:32 - 00000000 ____D () C:\Users\zdenoz\AppData\Local\Yahoo
2014-02-25 13:54 - 2007-11-22 11:08 - 00000000 ____D () C:\Big Fish Games
2014-02-25 13:52 - 2008-06-26 21:19 - 00000049 __RSH () C:\Users\Public\Documents\HBEPGUID.TXT
2014-02-25 13:44 - 2008-06-24 18:30 - 00000000 ____D () C:\Users\zdenoz\AppData\Local\Google
2014-02-25 13:44 - 2007-11-22 11:13 - 00000000 ____D () C:\ProgramData\Google
2014-02-25 13:40 - 2014-02-25 13:40 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-25 13:40 - 2014-02-25 13:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-25 13:38 - 2014-02-25 13:46 - 00000426 _____ () C:\AVScanner.ini
2014-02-25 13:36 - 2012-09-12 17:30 - 00000000 ____D () C:\Users\zdenoz\Documents\DriverGenius
2014-02-25 13:33 - 2014-02-25 13:33 - 00000000 ____D () C:\ProgramData\2961

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Avira AntiVir PersonalEdition (Disabled - Up to date) {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\zdenoz\Desktop" je 34239 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor
C:\Windows\PixArt\PAC207\Monitor.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector
C:\Program Files\Picasa2\PicasaMediaDetector.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng
"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"="C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#9 Příspěvek od **vyosek** » 09 bře 2014 06:37

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [MarketingTools] - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [36864 2007-11-22] (Sony NSCE)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [132496 2007-07-12] (Sun Microsystems, Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\MountPoints2: {cf7f5dd6-420f-11dd-b8aa-806e6f6e6963} - F:\wubi.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://partnerpage.google.com/eu.sony.com/de
http://www.club-vaio.com/vbc
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://partnerpage.google.com/eu.sony.com/de
http://www.club-vaio.com/vbc
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {1B0442D8-BED4-4AD6-AB72-DCA5038A195C} URL = http://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]

2014-03-08 00:00 - 2014-03-07 23:58 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Desktop\FRSTLauncher.exe
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 928410.crdownload
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 265287.crdownload
2014-03-07 23:45 - 2014-03-07 23:46 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\FRSTLauncher.exe
2014-03-07 23:44 - 2014-03-07 23:44 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST (1).exe
2014-03-07 23:43 - 2014-03-07 23:43 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST.exe
2014-03-06 11:00 - 2014-03-06 11:00 - 00000326 _____ () C:\Windows\PFRO.log
2014-03-06 10:51 - 2014-03-06 10:38 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-06 10:39 - 2014-03-06 11:01 - 00012493 _____ () C:\zoek-results.log
2014-03-06 10:38 - 2014-03-06 10:49 - 00000000 ____D () C:\zoek_backup
2014-03-06 10:38 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Desktop\zoek.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Downloads\zoek.exe
2014-03-05 14:55 - 2014-03-05 14:55 - 00006013 _____ () C:\Users\zdenoz\Desktop\JRT.txt
2014-03-05 14:47 - 2014-03-05 14:43 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Desktop\JRT.exe
2014-03-05 14:42 - 2014-03-05 14:43 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Downloads\JRT.exe
2014-03-05 14:42 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Desktop\adwcleaner.exe
2014-03-05 14:39 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Downloads\adwcleaner.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng" /f

Hosts:
CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

psychoSVK · #10 Příspěvek od **psychoSVK** » 09 bře 2014 11:18

Neviem, ci sa mal PC restartovat po scane sam od seba no nerestartoval sa tak som ho restartoval rucne.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-03-2014 01
Ran by zdenoz at 2014-03-09 11:22:45 Run:1
Running from C:\Users\zdenoz\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [MarketingTools] - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [36864 2007-11-22] (Sony NSCE)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [132496 2007-07-12] (Sun Microsystems, Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\MountPoints2: {cf7f5dd6-420f-11dd-b8aa-806e6f6e6963} - F:\wubi.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://partnerpage.google.com/eu.sony.com/de
http://www.club-vaio.com/vbc
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://partnerpage.google.com/eu.sony.com/de
http://www.club-vaio.com/vbc
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {1B0442D8-BED4-4AD6-AB72-DCA5038A195C} URL = http://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]

2014-03-08 00:00 - 2014-03-07 23:58 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Desktop\FRSTLauncher.exe
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 928410.crdownload
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 265287.crdownload
2014-03-07 23:45 - 2014-03-07 23:46 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\FRSTLauncher.exe
2014-03-07 23:44 - 2014-03-07 23:44 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST (1).exe
2014-03-07 23:43 - 2014-03-07 23:43 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST.exe
2014-03-06 11:00 - 2014-03-06 11:00 - 00000326 _____ () C:\Windows\PFRO.log
2014-03-06 10:51 - 2014-03-06 10:38 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-06 10:39 - 2014-03-06 11:01 - 00012493 _____ () C:\zoek-results.log
2014-03-06 10:38 - 2014-03-06 10:49 - 00000000 ____D () C:\zoek_backup
2014-03-06 10:38 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Desktop\zoek.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Downloads\zoek.exe
2014-03-05 14:55 - 2014-03-05 14:55 - 00006013 _____ () C:\Users\zdenoz\Desktop\JRT.txt
2014-03-05 14:47 - 2014-03-05 14:43 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Desktop\JRT.exe
2014-03-05 14:42 - 2014-03-05 14:43 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Downloads\JRT.exe
2014-03-05 14:42 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Desktop\adwcleaner.exe
2014-03-05 14:39 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Downloads\adwcleaner.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng" /f

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MarketingTools => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKU\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG => Value deleted successfully.
HKU\S-1-5-21-383229388-739048588-2892599554-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf7f5dd6-420f-11dd-b8aa-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{cf7f5dd6-420f-11dd-b8aa-806e6f6e6963} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1B0442D8-BED4-4AD6-AB72-DCA5038A195C} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1B0442D8-BED4-4AD6-AB72-DCA5038A195C} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
blbdrive => Service deleted successfully.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
UIUSys => Service deleted successfully.
C:\Users\zdenoz\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\zdenoz\Downloads\Nepotvrdené 928410.crdownload => Moved successfully.
C:\Users\zdenoz\Downloads\Nepotvrdené 265287.crdownload => Moved successfully.
C:\Users\zdenoz\Downloads\FRSTLauncher.exe => Moved successfully.
C:\Users\zdenoz\Downloads\FRST (1).exe => Moved successfully.
C:\Users\zdenoz\Downloads\FRST.exe => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\zdenoz\Desktop\zoek.exe => Moved successfully.
C:\Users\zdenoz\Downloads\zoek.exe => Moved successfully.
C:\Users\zdenoz\Desktop\JRT.txt => Moved successfully.
C:\Users\zdenoz\Desktop\JRT.exe => Moved successfully.
C:\Users\zdenoz\Downloads\JRT.exe => Moved successfully.
C:\Users\zdenoz\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\zdenoz\Downloads\adwcleaner.exe => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f =========

Der Vorgang wurde erfolgreich beendet.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f =========

Der Vorgang wurde erfolgreich beendet.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector" /f =========

Der Vorgang wurde erfolgreich beendet.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Der Vorgang wurde erfolgreich beendet.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng" /f =========

Der Vorgang wurde erfolgreich beendet.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

==== End of Fixlog ====

#11 Příspěvek od **vyosek** » 09 bře 2014 20:10

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

psychoSVK · #12 Příspěvek od **psychoSVK** » 11 bře 2014 19:36

Ďakujem za pomoc

#13 Příspěvek od **vyosek** » 11 bře 2014 19:37

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Extrémne spomalený notebook

Extrémne spomalený notebook

Re: Extrémne spomalený notebook

Re: Extrémne spomalený notebook

Re: Extrémne spomalený notebook

Re: Extrémne spomalený notebook

Re: Extrémne spomalený notebook

Re: Extrémne spomalený notebook

Re: Extrémne spomalený notebook

Re: Extrémne spomalený notebook

Re: Extrémne spomalený notebook

Re: Extrémne spomalený notebook

Re: Extrémne spomalený notebook

Re: Extrémne spomalený notebook