Virus? Pop-up ads

vacice22
Visitor
Posts: 5
Registered: 24 Jun 2014 15:06

#1 Post by vacice22 »

Hello,

for a few days now I have had a problem: unwanted ads keep popping up in my web browser (Chrome), mainly some maucampo. Could you please advise me what to do about it? I am at a loss.


Thank you for any advice.


Logfile of random's system information tool 1.10 (written by random/random)
Run by jutuxus at 2014-06-24 15:50:10
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 20 GB (41%) free of 50 GB
Total RAM: 895 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:51:41, on 24.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
C:\Program Files\Genius TVGo DVB-T03\Genius TVGo DVB-T03 Utilities\AFRCtl.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\maucampo\bin\maucampo.BrowserAdapter.exe
C:\Users\jutuxus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jutuxus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jutuxus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jutuxus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jutuxus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\jutuxus\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskmgr.exe
C:\Users\jutuxus\Downloads\RSIT.exe
C:\Program Files\trend micro\jutuxus.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Center Agent] C:\Program Files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Remote Control.lnk = C:\Program Files\Genius TVGo DVB-T03\Genius TVGo DVB-T03 Utilities\AFRCtl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27BBB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{055F21D9-5F58-447F-92EF-A58A4C706FC4}: NameServer = 62.129.50.20,85.135.32.100
O17 - HKLM\System\CS1\Services\Tcpip\..\{055F21D9-5F58-447F-92EF-A58A4C706FC4}: NameServer = 62.129.50.20,85.135.32.100
O17 - HKLM\System\CS2\Services\Tcpip\..\{055F21D9-5F58-447F-92EF-A58A4C706FC4}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CardBusService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\CardBusService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: Update maucampo - Unknown owner - C:\Program Files\maucampo\updatemaucampo.exe
O23 - Service: Util maucampo - Unknown owner - C:\Program Files\maucampo\bin\utilmaucampo.exe

--
End of file - 7751 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3904506014-4066717387-449558178-1001Core.job - C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3904506014-4066717387-449558178-1001UA.job - C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-06-17 436600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-06-17 3890208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Center Agent"=C:\Program Files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe [2008-11-07 1520128]
"Google Update"=C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-03 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-03 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk]
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~1.EXE [2007-08-14 618496]

C:\Users\jutuxus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Remote Control.lnk - C:\Program Files\Genius TVGo DVB-T03\Genius TVGo DVB-T03 Utilities\AFRCtl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave1"=serwvdrv.dll
"wave2"=wdmaud.drv
"wave3"=serwvdrv.dll
"wave4"=serwvdrv.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-06-17 07:04:53 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-06-17 06:40:20 ----D---- C:\Users\jutuxus\AppData\Roaming\AVAST Software
2014-06-17 06:36:49 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-06-17 06:36:48 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-06-17 06:36:47 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2014-06-17 06:36:46 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-06-17 06:36:45 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-06-17 06:36:44 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-06-17 06:36:44 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-06-17 06:36:43 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-06-17 06:36:36 ----A---- C:\Windows\system32\aswBoot.exe
2014-06-17 06:36:21 ----A---- C:\Windows\avastSS.scr
2014-06-17 06:33:14 ----D---- C:\Program Files\AVAST Software
2014-06-17 06:30:58 ----D---- C:\ProgramData\AVAST Software
2014-06-14 17:24:59 ----D---- C:\Program Files\Mozilla Thunderbird
2014-06-04 19:35:11 ----D---- C:\Windows\pss

======List of files/folders modified in the last 1 month======

2014-06-24 15:50:40 ----D---- C:\Program Files\trend micro
2014-06-24 15:50:10 ----D---- C:\Windows\temp
2014-06-24 15:04:29 ----A---- C:\Windows\win.ini
2014-06-22 12:14:01 ----D---- C:\Windows
2014-06-17 17:59:26 ----HD---- C:\Program Files\InstallShield Installation Information
2014-06-17 17:59:25 ----RD---- C:\Program Files
2014-06-17 14:11:32 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-06-17 14:11:24 ----D---- C:\Windows\inf
2014-06-17 07:05:00 ----D---- C:\Windows\system32\Tasks
2014-06-17 07:04:59 ----D---- C:\Windows\Tasks
2014-06-17 07:04:53 ----D---- C:\Windows\System32
2014-06-17 06:54:25 ----D---- C:\Windows\Prefetch
2014-06-17 06:50:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-06-17 06:50:35 ----D---- C:\Windows\system32\drivers
2014-06-17 06:36:38 ----D---- C:\Windows\winsxs
2014-06-17 06:30:58 ----D---- C:\ProgramData
2014-06-14 18:56:06 ----D---- C:\Windows\system32\drivers\etc
2014-06-14 17:37:44 ----D---- C:\Users\jutuxus\AppData\Roaming\uTorrent
2014-06-04 20:04:41 ----SHD---- C:\Windows\Installer
2014-06-04 20:04:37 ----D---- C:\Config.Msi
2014-06-03 08:31:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-29 07:04:28 ----D---- C:\Windows\system32\catroot2
2014-05-28 17:14:18 ----D---- C:\Program Files\maucampo

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-06-17 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-06-17 180632]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 214696]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 {ef8714df-a44b-464c-9034-549a70dc4cd7}w;{ef8714df-a44b-464c-9034-549a70dc4cd7}w; C:\Windows\system32\drivers\{ef8714df-a44b-464c-9034-549a70dc4cd7}w.sys [2014-04-24 52920]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-06-17 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-06-17 777488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-06-17 411680]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-27 243128]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-06-17 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-06-17 67824]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-06-17 68312]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet - adaptér; C:\Windows\system32\DRIVERS\l260x86.sys [2009-07-14 29184]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-08 2506232]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-20 2385920]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-07-14 1068032]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2009-12-20 1260672]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 AF15BDA;AF9015 BDA Filter; C:\Windows\system32\DRIVERS\AF15BDA.sys [2009-06-03 483200]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv.sys [2007-08-16 220672]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\jutuxus\AppData\Local\Temp\catchme.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 76544]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 18432]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-12-20 565248]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-06-17 50344]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2009-12-20 24576]
R2 Update maucampo;Update maucampo; C:\Program Files\maucampo\updatemaucampo.exe [2014-06-24 317720]
R2 Util maucampo;Util maucampo; C:\Program Files\maucampo\bin\utilmaucampo.exe [2014-06-24 317720]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
S2 CardBusService;CardBusService; C:\Program Files\Common Files\AVerMedia\Service\CardBusService.exe [2007-04-24 188416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-17 262320]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-14 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-26 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus? Pop-up ads

#2 Post by vyosek »

Hello :)

Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After it starts, the license terms are displayed; press any key
  • A backup is created, followed by a search
  • The scan runs and then the log appears; alternatively it will be saved in c:\JRT as JRT.txt. Paste it here
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts, and then the log appears; alternatively it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns amusement, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

Re: Virus? Pop-up ads

#3 Post by vacice22 »

JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by jutuxus on út 24.06.2014 at 20:28:35,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files



~~~ Folders




~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 24.06.2014 at 20:38:17,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus? Pop-up ads

#4 Post by vyosek »

I'd also ask for AdwCleaner, please
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

vacice22
Visitor
Posts: 5
Joined: 24 Jun 2014 15:06

Re: Virus? Pop-up ads

#5 Post by vacice22 »

I'm attaching the AdwCleaner log as per step 2. Is it all right now? I admire that you can find your way around those lines. :)

# AdwCleaner v3.213 - Report created 24/06/2014 at 20:53:12
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : jutuxus - JUTUXUS-PC
# Running from : C:\Users\jutuxus\Desktop\adwcleaner_3.213.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Update maucampo
[#] Service Deleted : Util maucampo

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Program Files\maucampo

***** [ Shortcuts ] *****


***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\maucampo
Key Deleted : HKLM\Software\maucampo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\maucampo

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16611


-\\ Mozilla Firefox v

[ File : C:\Users\jutuxus\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\jutuxus\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10205 octets] - [10/12/2013 11:35:47]
AdwCleaner[R1].txt - [1710 octets] - [24/06/2014 20:50:39]
AdwCleaner[S0].txt - [10271 octets] - [10/12/2013 11:38:18]
AdwCleaner[S1].txt - [1669 octets] - [24/06/2014 20:53:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1729 octets] ##########

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus? Pop-up ads

#6 Post by vyosek »

:arrow: It's looking better now :)

:arrow: It's a matter of practice, experience and training :)

:arrow: Now I'd ask for FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100 and we'll finish cleaning it up :)

vacice22
Visitor
Posts: 5
Joined: 24 Jun 2014 15:06

Re: Virus? Pop-up ads

#7 Post by vacice22 »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-06-2014
Ran by jutuxus (administrator) on JUTUXUS-PC on 24-06-2014 21:41:26
Running from C:\Users\jutuxus\Desktop
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Syntek America Inc.) C:\Windows\System32\StkCSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
() C:\Program Files\Genius TVGo DVB-T03\Genius TVGo DVB-T03 Utilities\AFRCtl.exe
(Google Inc.) C:\Users\jutuxus\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Users\jutuxus\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jutuxus\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jutuxus\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jutuxus\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\jutuxus\Desktop\FRSTLauncher (2).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-24] (AVAST Software)
HKU\S-1-5-21-3904506014-4066717387-449558178-1001\...\Run: [Center Agent] => C:\Program Files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe [1520128 2008-11-07] ()
HKU\S-1-5-21-3904506014-4066717387-449558178-1001\...\Run: [Google Update] => C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-03] (Google Inc.)
Startup: C:\Users\jutuxus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Remote Control.lnk
ShortcutTarget: Remote Control.lnk -> C:\Program Files\Genius TVGo DVB-T03\Genius TVGo DVB-T03 Utilities\AFRCtl.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x60BEE1864089CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
URLSearchHook: HKCU - Default Value = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
DPF: {D27BBB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{055F21D9-5F58-447F-92EF-A58A4C706FC4}: [NameServer]62.129.50.20,85.135.32.100

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\jutuxus\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\jutuxus\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR HomePage:
CHR Extension: (avast! Online Security) - C:\Users\jutuxus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-17]
CHR Extension: (Peněženka Google) - C:\Users\jutuxus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-17]
CHR HKLM\...\Chrome\Extension: [mpieaakhacmfleokhjcjnpcnmnmpfkid] - C:\Program Files\fbphotozoom\fbphotozoom16.crx [2014-06-17]
CHR StartMenuInternet: Google Chrome - C:\Users\jutuxus\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-17] (AVAST Software)
S2 CardBusService; C:\Program Files\Common Files\AVerMedia\Service\CardBusService.exe [188416 2007-04-24] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 StkSSrv; C:\Windows\System32\StkCSrv.exe [24576 2009-12-20] (Syntek America Inc.)

==================== Drivers (Whitelisted) ====================

S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [483200 2009-06-03] (ITETech )
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-06-17] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-06-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-06-17] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-06-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-06-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-06-17] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-06-17] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-06-17] ()
R3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-14] (Atheros Communications, Inc.)
S3 AVerFx2hbtv; C:\Windows\System32\drivers\AVerFx2hbtv.sys [220672 2007-08-16] (AVerMedia TECHNOLOGIES, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-03-27] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
R3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1260672 2009-12-20] (Syntek)
R1 {ef8714df-a44b-464c-9034-549a70dc4cd7}w; C:\Windows\System32\drivers\{ef8714df-a44b-464c-9034-549a70dc4cd7}w.sys [52920 2014-04-24] (StdLib)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\jutuxus\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-24 21:41 - 2014-06-24 21:42 - 00011760 _____ () C:\Users\jutuxus\Desktop\FRST.txt
2014-06-24 21:41 - 2014-06-24 21:41 - 00000000 ____D () C:\FRST
2014-06-24 21:40 - 2014-06-24 21:40 - 00112640 _____ (forum.viry.cz) C:\Users\jutuxus\Desktop\FRSTLauncher (2).exe
2014-06-24 21:38 - 2014-06-24 21:38 - 00112640 _____ (forum.viry.cz) C:\Users\jutuxus\Downloads\Nepotvrzeno 454235.crdownload
2014-06-24 21:37 - 2014-06-24 21:38 - 01073152 _____ (Farbar) C:\Users\jutuxus\Desktop\FRST.exe
2014-06-24 21:32 - 2014-06-24 21:32 - 00112640 _____ (forum.viry.cz) C:\Users\jutuxus\Downloads\Nepotvrzeno 640031.crdownload
2014-06-24 20:57 - 2014-06-24 20:57 - 00001809 _____ () C:\Users\jutuxus\Desktop\AdwCleaner[S1].txt
2014-06-24 20:55 - 2014-06-24 20:55 - 00000706 _____ () C:\Windows\PFRO.log
2014-06-24 20:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-24 20:49 - 2014-06-24 20:49 - 01342659 _____ () C:\Users\jutuxus\Desktop\adwcleaner_3.213.exe
2014-06-24 20:38 - 2014-06-24 20:38 - 00006861 _____ () C:\Users\jutuxus\Desktop\JRT.txt
2014-06-24 20:28 - 2014-06-24 20:28 - 00000000 ____D () C:\Windows\ERUNT
2014-06-24 20:24 - 2014-06-24 20:25 - 01016261 _____ (Thisisu) C:\Users\jutuxus\Desktop\JRT.exe
2014-06-24 15:44 - 2014-06-24 15:45 - 01107968 _____ () C:\Users\jutuxus\Downloads\RSIT.exe
2014-06-22 12:14 - 2014-06-24 20:56 - 00000224 _____ () C:\Windows\setupact.log
2014-06-22 12:14 - 2014-06-22 12:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-17 14:08 - 2014-06-17 14:08 - 00000991 _____ () C:\Users\jutuxus\Desktop\CCleaner.lnk
2014-06-17 07:04 - 2014-06-24 21:27 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-17 07:04 - 2014-06-17 07:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-17 06:40 - 2014-06-17 06:40 - 00000000 ____D () C:\Users\jutuxus\AppData\Roaming\AVAST Software
2014-06-17 06:39 - 2014-06-17 06:39 - 00002127 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-17 06:39 - 2014-06-17 06:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-17 06:36 - 2014-06-17 06:38 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-17 06:36 - 2014-06-17 06:38 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-17 06:36 - 2014-06-17 06:38 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-17 06:36 - 2014-06-17 06:36 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402979914171
2014-06-17 06:36 - 2014-06-17 06:36 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402979914171
2014-06-17 06:36 - 2014-06-17 06:36 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-17 06:36 - 2014-06-17 06:36 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-17 06:36 - 2014-06-17 06:36 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-17 06:36 - 2014-06-17 06:36 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-17 06:36 - 2014-06-17 06:36 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-17 06:36 - 2014-06-17 06:36 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-17 06:36 - 2014-06-17 06:36 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-17 06:33 - 2014-06-17 06:33 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-17 06:30 - 2014-06-17 06:32 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-14 18:56 - 2013-12-10 18:07 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts.20140614-185606.backup
2014-06-14 17:24 - 2014-06-17 06:18 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-06-04 19:35 - 2014-06-04 19:35 - 00000000 ____D () C:\Windows\pss
2014-06-03 15:00 - 2014-06-03 16:23 - 1470083696 _____ () C:\Users\jutuxus\Desktop\Do.hlubiny.2005.AC3.DVDRip.XviD.CZ.avi

==================== One Month Modified Files and Folders =======

2014-06-24 21:42 - 2014-06-24 21:41 - 00011760 _____ () C:\Users\jutuxus\Desktop\FRST.txt
2014-06-24 21:41 - 2014-06-24 21:41 - 00000000 ____D () C:\FRST
2014-06-24 21:40 - 2014-06-24 21:40 - 00112640 _____ (forum.viry.cz) C:\Users\jutuxus\Desktop\FRSTLauncher (2).exe
2014-06-24 21:38 - 2014-06-24 21:38 - 00112640 _____ (forum.viry.cz) C:\Users\jutuxus\Downloads\Nepotvrzeno 454235.crdownload
2014-06-24 21:38 - 2014-06-24 21:37 - 01073152 _____ (Farbar) C:\Users\jutuxus\Desktop\FRST.exe
2014-06-24 21:32 - 2014-06-24 21:32 - 00112640 _____ (forum.viry.cz) C:\Users\jutuxus\Downloads\Nepotvrzeno 640031.crdownload
2014-06-24 21:27 - 2014-06-17 07:04 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-24 21:05 - 2009-07-14 06:34 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-24 21:05 - 2009-07-14 06:34 - 00013760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-24 21:01 - 2009-12-17 20:47 - 01080032 _____ () C:\Windows\WindowsUpdate.log
2014-06-24 20:57 - 2014-06-24 20:57 - 00001809 _____ () C:\Users\jutuxus\Desktop\AdwCleaner[S1].txt
2014-06-24 20:56 - 2014-06-22 12:14 - 00000224 _____ () C:\Windows\setupact.log
2014-06-24 20:56 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-24 20:55 - 2014-06-24 20:55 - 00000706 _____ () C:\Windows\PFRO.log
2014-06-24 20:53 - 2013-12-10 11:35 - 00000000 ____D () C:\AdwCleaner
2014-06-24 20:53 - 2009-07-14 04:04 - 00000580 _____ () C:\Windows\win.ini
2014-06-24 20:49 - 2014-06-24 20:49 - 01342659 _____ () C:\Users\jutuxus\Desktop\adwcleaner_3.213.exe
2014-06-24 20:47 - 2012-12-03 15:36 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3904506014-4066717387-449558178-1001UA.job
2014-06-24 20:38 - 2014-06-24 20:38 - 00006861 _____ () C:\Users\jutuxus\Desktop\JRT.txt
2014-06-24 20:28 - 2014-06-24 20:28 - 00000000 ____D () C:\Windows\ERUNT
2014-06-24 20:25 - 2014-06-24 20:24 - 01016261 _____ (Thisisu) C:\Users\jutuxus\Desktop\JRT.exe
2014-06-24 20:01 - 2009-12-17 20:58 - 01582256 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-24 15:50 - 2013-12-10 10:38 - 00000000 ____D () C:\Program Files\trend micro
2014-06-24 15:45 - 2014-06-24 15:44 - 01107968 _____ () C:\Users\jutuxus\Downloads\RSIT.exe
2014-06-22 12:14 - 2014-06-22 12:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-17 17:59 - 2011-09-25 10:19 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-17 17:59 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-17 14:11 - 2013-12-10 16:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-17 14:08 - 2014-06-17 14:08 - 00000991 _____ () C:\Users\jutuxus\Desktop\CCleaner.lnk
2014-06-17 13:47 - 2012-12-03 15:36 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3904506014-4066717387-449558178-1001Core.job
2014-06-17 07:04 - 2014-06-17 07:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-17 07:04 - 2011-11-23 09:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-17 06:50 - 2012-11-15 09:52 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-17 06:40 - 2014-06-17 06:40 - 00000000 ____D () C:\Users\jutuxus\AppData\Roaming\AVAST Software
2014-06-17 06:39 - 2014-06-17 06:39 - 00002127 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-17 06:39 - 2014-06-17 06:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-17 06:38 - 2014-06-17 06:36 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-17 06:38 - 2014-06-17 06:36 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-17 06:38 - 2014-06-17 06:36 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-17 06:36 - 2014-06-17 06:36 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402979914171
2014-06-17 06:36 - 2014-06-17 06:36 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402979914171
2014-06-17 06:36 - 2014-06-17 06:36 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-17 06:36 - 2014-06-17 06:36 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-17 06:36 - 2014-06-17 06:36 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-17 06:36 - 2014-06-17 06:36 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-17 06:36 - 2014-06-17 06:36 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-17 06:36 - 2014-06-17 06:36 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-17 06:36 - 2014-06-17 06:36 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-17 06:33 - 2014-06-17 06:33 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-17 06:32 - 2014-06-17 06:30 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-17 06:18 - 2014-06-14 17:24 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-06-14 17:37 - 2010-06-24 19:44 - 00000000 ____D () C:\Users\jutuxus\AppData\Roaming\uTorrent
2014-06-04 20:04 - 2014-03-23 12:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2014-06-04 20:04 - 2014-03-23 12:27 - 00001992 _____ () C:\Users\Public\Desktop\Adobe Reader 9.lnk
2014-06-04 19:35 - 2014-06-04 19:35 - 00000000 ____D () C:\Windows\pss
2014-06-03 16:23 - 2014-06-03 15:00 - 1470083696 _____ () C:\Users\jutuxus\Desktop\Do.hlubiny.2005.AC3.DVDRip.XviD.CZ.avi

Some content of TEMP:
====================
C:\Users\jutuxus\AppData\Local\temp\KMP_3.9.0.124.exe
C:\Users\jutuxus\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3904506014-4066717387-449558178-1001Core.job => C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3904506014-4066717387-449558178-1001UA.job => C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\jutuxus\Desktop" je 1429 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk
C:\PROGRA~1\COMMON~1\AVERME~1\AVERQU~1\AVERQU~1.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(4.56 KiB) Downloaded 30 times

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus? Pop-up ads

#8 Post by vyosek »

:arrow: Uninstall Spybot - Search & Destroy - the program's best years are long behind it, and for roughly the last 3 years it has not been able to counter current threats

:arrow: Also uninstall Microsoft Security Client. You have Avast there as your antivirus, which is sufficient. Besides, two antivirus programs on one PC conflict with each other

:arrow: Creating a fixlist for FRST
  • Start Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
    HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKU\S-1-5-21-3904506014-4066717387-449558178-1001\...\Run: [Google Update] => C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-03] (Google Inc.)
    Startup: C:\Users\jutuxus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Remote Control.lnk
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x60BEE1864089CA01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
    URLSearchHook: HKCU - Default Value = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
    SearchScopes: HKLM - DefaultScope value is missing.
    BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    
    CHR HKLM\...\Chrome\Extension: [mpieaakhacmfleokhjcjnpcnmnmpfkid] - C:\Program Files\fbphotozoom\fbphotozoom16.crx [2014-06-17]
    
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
    S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
    R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
    S3 catchme; \??\C:\Users\jutuxus\AppData\Local\Temp\catchme.sys [X]
    
    
    C:\Program Files\Spybot - Search & Destroy
    C:\Program Files\Microsoft Security Client
    C:\Program Files\fbphotozoom
    2014-06-24 21:38 - 2014-06-24 21:38 - 00112640 _____ (forum.viry.cz) C:\Users\jutuxus\Downloads\Nepotvrzeno 454235.crdownload
    2014-06-24 21:37 - 2014-06-24 21:38 - 01073152 _____ (Farbar) C:\Users\jutuxus\Desktop\FRST.exe
    2014-06-24 21:32 - 2014-06-24 21:32 - 00112640 _____ (forum.viry.cz) C:\Users\jutuxus\Downloads\Nepotvrzeno 640031.crdownload
    2014-06-24 20:57 - 2014-06-24 20:57 - 00001809 _____ () C:\Users\jutuxus\Desktop\AdwCleaner[S1].txt
    2014-06-24 20:55 - 2014-06-24 20:55 - 00000706 _____ () C:\Windows\PFRO.log
    2014-06-24 20:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
    2014-06-24 20:49 - 2014-06-24 20:49 - 01342659 _____ () C:\Users\jutuxus\Desktop\adwcleaner_3.213.exe
    2014-06-24 20:38 - 2014-06-24 20:38 - 00006861 _____ () C:\Users\jutuxus\Desktop\JRT.txt
    2014-06-24 20:28 - 2014-06-24 20:28 - 00000000 ____D () C:\Windows\ERUNT
    2014-06-24 20:24 - 2014-06-24 20:25 - 01016261 _____ (Thisisu) C:\Users\jutuxus\Desktop\JRT.exe
    2014-06-24 15:44 - 2014-06-24 15:45 - 01107968 _____ () C:\Users\jutuxus\Downloads\RSIT.exe
    2014-06-22 12:14 - 2014-06-24 20:56 - 00000224 _____ () C:\Windows\setupact.log
    2014-06-22 12:14 - 2014-06-22 12:14 - 00000000 _____ () C:\Windows\setuperr.log
    2014-06-14 18:56 - 2013-12-10 18:07 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts.20140614-185606.backup
    2014-06-17 14:11 - 2013-12-10 16:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-06-24 15:50 - 2013-12-10 10:38 - 00000000 ____D () C:\Program Files\trend micro
    2014-06-24 15:45 - 2014-06-24 15:44 - 01107968 _____ () C:\Users\jutuxus\Downloads\RSIT.exe
    C:\Users\jutuxus\AppData\Local\temp\KMP_3.9.0.124.exe
    C:\Users\jutuxus\AppData\Local\temp\Quarantine.exe
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3904506014-4066717387-449558178-1001Core.job => C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3904506014-4066717387-449558178-1001UA.job => C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe
    
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
    REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
    
    Hosts:
    Reboot:
    End
  • Save the resulting text file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

vacice22
Visitor
Posts: 5
Registered: 24 Jun 2014 15:06

Re: Virus? Pop-up ads

#9 Post by vacice22 »

Hopefully it's all right now. :)


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:22-06-2014
Ran by jutuxus at 2014-06-24 22:29:08 Run:1
Running from C:\Users\jutuxus\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-3904506014-4066717387-449558178-1001\...\Run: [Google Update] => C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-03] (Google Inc.)
Startup: C:\Users\jutuxus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Remote Control.lnk

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x60BEE1864089CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = cs
URLSearchHook: HKCU - Default Value = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

FF Plugin: @microsoft.com/GENUINE - disabled No File

CHR HKLM\...\Chrome\Extension: [mpieaakhacmfleokhjcjnpcnmnmpfkid] - C:\Program Files\fbphotozoom\fbphotozoom16.crx [2014-06-17]

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 catchme; \??\C:\Users\jutuxus\AppData\Local\Temp\catchme.sys [X]


C:\Program Files\Spybot - Search & Destroy
C:\Program Files\Microsoft Security Client
C:\Program Files\fbphotozoom
2014-06-24 21:38 - 2014-06-24 21:38 - 00112640 _____ (forum.viry.cz) C:\Users\jutuxus\Downloads\Nepotvrzeno 454235.crdownload
2014-06-24 21:37 - 2014-06-24 21:38 - 01073152 _____ (Farbar) C:\Users\jutuxus\Desktop\FRST.exe
2014-06-24 21:32 - 2014-06-24 21:32 - 00112640 _____ (forum.viry.cz) C:\Users\jutuxus\Downloads\Nepotvrzeno 640031.crdownload
2014-06-24 20:57 - 2014-06-24 20:57 - 00001809 _____ () C:\Users\jutuxus\Desktop\AdwCleaner[S1].txt
2014-06-24 20:55 - 2014-06-24 20:55 - 00000706 _____ () C:\Windows\PFRO.log
2014-06-24 20:52 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-24 20:49 - 2014-06-24 20:49 - 01342659 _____ () C:\Users\jutuxus\Desktop\adwcleaner_3.213.exe
2014-06-24 20:38 - 2014-06-24 20:38 - 00006861 _____ () C:\Users\jutuxus\Desktop\JRT.txt
2014-06-24 20:28 - 2014-06-24 20:28 - 00000000 ____D () C:\Windows\ERUNT
2014-06-24 20:24 - 2014-06-24 20:25 - 01016261 _____ (Thisisu) C:\Users\jutuxus\Desktop\JRT.exe
2014-06-24 15:44 - 2014-06-24 15:45 - 01107968 _____ () C:\Users\jutuxus\Downloads\RSIT.exe
2014-06-22 12:14 - 2014-06-24 20:56 - 00000224 _____ () C:\Windows\setupact.log
2014-06-22 12:14 - 2014-06-22 12:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-14 18:56 - 2013-12-10 18:07 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts.20140614-185606.backup
2014-06-17 14:11 - 2013-12-10 16:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-24 15:50 - 2013-12-10 10:38 - 00000000 ____D () C:\Program Files\trend micro
2014-06-24 15:45 - 2014-06-24 15:44 - 01107968 _____ () C:\Users\jutuxus\Downloads\RSIT.exe
C:\Users\jutuxus\AppData\Local\temp\KMP_3.9.0.124.exe
C:\Users\jutuxus\AppData\Local\temp\Quarantine.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3904506014-4066717387-449558178-1001Core.job => C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3904506014-4066717387-449558178-1001UA.job => C:\Users\jutuxus\AppData\Local\Google\Update\GoogleUpdate.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f

Hosts:
Reboot:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSC => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-21-3904506014-4066717387-449558178-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
C:\Users\jutuxus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Remote Control.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}'=> Key not found.
'HKCR\CLSID\{53707962-6F74-2D53-2644-206D7942484F}'=> Key not found.
'HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File'=> Key not found.
FF Plugin: @microsoft.com/GENUINE - disabled No File not found.
'HKLM\SOFTWARE\Google\Chrome\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid' => Key deleted successfully.
"C:\Program Files\fbphotozoom\fbphotozoom16.crx" => File/Directory not found.
MsMpSvc => Service not found.
NisSrv => Service not found.
SBSDWSCService => Service not found.
MpFilter => Service not found.
catchme => Service deleted successfully.
C:\Program Files\Spybot - Search & Destroy => Moved successfully.
"C:\Program Files\Microsoft Security Client" => File/Directory not found.
"C:\Program Files\fbphotozoom" => File/Directory not found.
"C:\Users\jutuxus\Downloads\Nepotvrzeno 454235.crdownload" => File/Directory not found.
C:\Users\jutuxus\Desktop\FRST.exe => Moved successfully.
"C:\Users\jutuxus\Downloads\Nepotvrzeno 640031.crdownload" => File/Directory not found.
C:\Users\jutuxus\Desktop\AdwCleaner[S1].txt => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\system32\sqlite3.dll => Moved successfully.
C:\Users\jutuxus\Desktop\adwcleaner_3.213.exe => Moved successfully.
C:\Users\jutuxus\Desktop\JRT.txt => Moved successfully.
C:\Windows\ERUNT => Moved successfully.
C:\Users\jutuxus\Desktop\JRT.exe => Moved successfully.
"C:\Users\jutuxus\Downloads\RSIT.exe" => File/Directory not found.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Windows\system32\Drivers\etc\hosts.20140614-185606.backup => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
"C:\Users\jutuxus\Downloads\RSIT.exe" => File/Directory not found.
C:\Users\jutuxus\AppData\Local\temp\KMP_3.9.0.124.exe => Moved successfully.
C:\Users\jutuxus\AppData\Local\temp\Quarantine.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3904506014-4066717387-449558178-1001Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3904506014-4066717387-449558178-1001UA.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f =========

Operace byla dokončena úspěšně.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====
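
Added example, not part of the thread and not FRST's own code: a small Python parser that groups Fixlog result lines by outcome, so entries FRST actually changed can be told apart from entries it did not find, and moved files under a given directory can be listed for review. The sample lines are copied from the Fixlog above; the outcome labels and function names are chosen for this example.

```python
from collections import defaultdict

# Result lines copied from the Fixlog above (a subset).
SAMPLE = r"""
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSC => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
'HKCR\CLSID\{53707962-6F74-2D53-2644-206D7942484F}'=> Key not found.
'HKLM\SOFTWARE\Google\Chrome\Extensions\mpieaakhacmfleokhjcjnpcnmnmpfkid' => Key deleted successfully.
"C:\Program Files\fbphotozoom\fbphotozoom16.crx" => File/Directory not found.
MsMpSvc => Service not found.
catchme => Service deleted successfully.
C:\Windows\system32\sqlite3.dll => Moved successfully.
C:\Users\jutuxus\Desktop\FRST.exe => Moved successfully.
Hosts was reset successfully.
"""

# Substring -> label, checked in order (labels are this example's own names).
OUTCOMES = (
    ("not found", "not_found"),
    ("deleted successfully", "deleted"),
    ("moved successfully", "moved"),
    ("restored successfully", "restored"),
)

def parse_line(line):
    """Return (target, outcome) for a 'target => result' line, else None."""
    target, arrow, result = line.rpartition("=>")
    if not arrow:
        return None  # banner, blank line, or a line without '=>'
    target = target.strip(" '\"")  # FRST quotes some targets
    result = result.strip().lower()
    for needle, label in OUTCOMES:
        if needle in result:
            return target, label
    return target, "other"

def summarize(text):
    """Group targets by outcome label, preserving log order."""
    groups = defaultdict(list)
    for line in text.splitlines():
        parsed = parse_line(line)
        if parsed:
            groups[parsed[1]].append(parsed[0])
    return dict(groups)

def moved_from(text, prefix):
    """Moved targets whose path starts with prefix (case-insensitive)."""
    return [t for t in summarize(text).get("moved", [])
            if t.lower().startswith(prefix.lower())]
```

Running `summarize` over a full Fixlog.txt gives a quick count per outcome, and `moved_from(text, r"C:\Windows")` lists moved items under the Windows directory.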

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus? Pop-up ads

#10 Post by vyosek »

So let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or, if need be, turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix selected issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|