Youtube Accelerator

Zpráva

pavel123 · #1 Příspěvek od **pavel123** » 31 črc 2014 13:27

Zdravím,
při instalaci staženého free DocReaderu se mi do notebooku dostal YouTube Accelerator. Zkoušel jsem ho odinstalovat přes Ccleaner, když to nešlo, dočetl jsem se, že to je virus.
Posílám log z RSIT.
Za pomoc předem díky
Pavel

Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2014-07-31 14:26:26
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 72 GB (72%) free of 100 GB
Total RAM: 1789 MB (55% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\13201465-79e6-421b-811d-09b73abe8b71.job
C:\WINDOWS\tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-1.job
C:\WINDOWS\tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-11.job
C:\WINDOWS\tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-2.job
C:\WINDOWS\tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-4.job
C:\WINDOWS\tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-5.job
C:\WINDOWS\tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-6.job
C:\WINDOWS\tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-7.job
C:\WINDOWS\tasks\45c67576-c940-4803-aab0-8cf308ac14d5-1.job
C:\WINDOWS\tasks\45c67576-c940-4803-aab0-8cf308ac14d5-11.job
C:\WINDOWS\tasks\45c67576-c940-4803-aab0-8cf308ac14d5-2.job
C:\WINDOWS\tasks\45c67576-c940-4803-aab0-8cf308ac14d5-4.job
C:\WINDOWS\tasks\45c67576-c940-4803-aab0-8cf308ac14d5-5.job
C:\WINDOWS\tasks\45c67576-c940-4803-aab0-8cf308ac14d5-6.job
C:\WINDOWS\tasks\45c67576-c940-4803-aab0-8cf308ac14d5-7.job
C:\WINDOWS\tasks\c793b2c8-c642-4c97-86bf-21aacf8ee99d.job
C:\WINDOWS\tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-1.job
C:\WINDOWS\tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-11.job
C:\WINDOWS\tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-2.job
C:\WINDOWS\tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-4.job
C:\WINDOWS\tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-5.job
C:\WINDOWS\tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-6.job
C:\WINDOWS\tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-7.job
C:\WINDOWS\tasks\efb6ae7e-c6df-4843-855f-613c894b6860-1.job
C:\WINDOWS\tasks\efb6ae7e-c6df-4843-855f-613c894b6860-11.job
C:\WINDOWS\tasks\efb6ae7e-c6df-4843-855f-613c894b6860-2.job
C:\WINDOWS\tasks\efb6ae7e-c6df-4843-855f-613c894b6860-3.job
C:\WINDOWS\tasks\efb6ae7e-c6df-4843-855f-613c894b6860-4.job
C:\WINDOWS\tasks\efb6ae7e-c6df-4843-855f-613c894b6860-5.job
C:\WINDOWS\tasks\efb6ae7e-c6df-4843-855f-613c894b6860-6.job
C:\WINDOWS\tasks\efb6ae7e-c6df-4843-855f-613c894b6860-7.job
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1450960922-1417001333-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1450960922-1417001333-1003.job
C:\WINDOWS\tasks\ShopperPro.job
C:\WINDOWS\tasks\ShopperProJSUpd.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}]
Internet Speed Checker - C:\Program Files\Internet Speed Checker\Internet Speed Checker-bho.dll [2014-07-31 568168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191108}]
SavePass - C:\Program Files\SavePass\SavePass-bho.dll [2014-07-31 533352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191111}]
Ge-Force - C:\Program Files\Ge-Force\Ge-Force-bho.dll [2014-07-31 568168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}]
Sense - C:\Program Files\Sense\Sense-bho.dll [2014-07-31 568168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-08-30 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-12 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8fda85d4-b14a-49f5-9de6-f91c4ec5aaf4}]
focusbase - C:\Program Files\focusbase\focusbasebho.dll [2014-07-31 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\Documents and Settings\All Users\Data aplikací\ShopperPro\ShopperPro.dll [2014-07-22 418664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-09-08 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-12 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304]
"AESTFltr"=C:\WINDOWS\system32\AESTFltr.exe [2009-02-18 737280]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-02-03 287288]
"HPCam_Menu"=c:\Program Files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]
"MobileBroadband"=C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2011-07-14 279552]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-11-26 5074384]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-05-18 2363392]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-04-01 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\90163839.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\90163839.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.scr - open - C:\WINDOWS\NOTEPAD.EXE "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2014-07-31 14:26:26 ----D---- C:\rsit
2014-07-31 14:26:26 ----D---- C:\Program Files\trend micro
2014-07-31 13:54:11 ----D---- C:\Program Files\Internet Speed Checker
2014-07-31 13:53:24 ----D---- C:\Documents and Settings\Owner\Data aplikací\Seznam.cz
2014-07-31 13:49:31 ----D---- C:\Documents and Settings\Owner\Data aplikací\Media Freeware
2014-07-31 13:48:15 ----D---- C:\Program Files\focusbase
2014-07-31 13:46:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\ShopperPro
2014-07-31 13:46:30 ----D---- C:\Program Files\ShopperPro
2014-07-31 13:46:20 ----D---- C:\Program Files\Sense
2014-07-31 13:46:20 ----D---- C:\Program Files\Ge-Force
2014-07-31 13:46:04 ----D---- C:\Program Files\YouTube Accelerator
2014-07-31 13:44:46 ----D---- C:\Program Files\globalUpdate
2014-07-31 13:44:41 ----D---- C:\Program Files\SavePass
2014-07-30 13:43:43 ----D---- C:\Program Files\Spirit Setings
2014-07-30 08:20:38 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 months======

2014-07-31 14:26:26 ----RD---- C:\Program Files
2014-07-31 14:23:03 ----D---- C:\WINDOWS\Temp
2014-07-31 14:06:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-07-31 14:05:43 ----AD---- C:\Documents and Settings\All Users\Data aplikací\Temp
2014-07-31 13:55:45 ----SD---- C:\WINDOWS\Tasks
2014-07-31 13:54:20 ----SHD---- C:\WINDOWS\Installer
2014-07-31 13:48:57 ----D---- C:\WINDOWS\Prefetch
2014-07-31 13:46:10 ----D---- C:\WINDOWS\system32
2014-07-30 13:12:45 ----D---- C:\WINDOWS\system32\CatRoot2
2014-07-30 12:57:56 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-07-30 07:10:53 ----D---- C:\WINDOWS
2014-07-29 16:15:28 ----D---- C:\WINDOWS\system32\drivers
2014-07-29 16:15:24 ----HD---- C:\WINDOWS\inf
2014-07-29 16:12:34 ----D---- C:\Program Files\DIFX
2014-07-29 16:12:26 ----DC---- C:\WINDOWS\system32\DRVSTORE
2014-07-28 09:48:20 ----D---- C:\Program Files\AutoCAD R14
2014-07-16 09:57:20 ----A---- C:\WINDOWS\ModemLog_Vodafone Mobile Broadband Modem (Huawei) #2.txt
2014-07-08 23:18:03 ----A---- C:\WINDOWS\ModemLog_Vodafone Mobile Broadband Modem (Huawei).txt
2014-07-08 20:14:39 ----A---- C:\WINDOWS\ModemLog_Vodafone Mobile Broadband Modem (Huawei) #3.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2012-10-08 159832]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-10-08 121216]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2012-10-08 62512]
R1 tcpipBM;Bytemobile Kernel Network Provider; \??\C:\WINDOWS\system32\drivers\tcpipBM.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 ASIXIo;ASIXIo; \??\C:\WINDOWS\system32\Drivers\asixio.sys []
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2012-10-08 149568]
R3 AESTAud;AE Audio Service; C:\WINDOWS\system32\drivers\AESTAud.sys [2009-02-18 113536]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-10-29 1204128]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-04-02 3597824]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2009-07-29 1735040]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2009-01-14 534568]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2009-01-14 991656]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2009-01-14 156816]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2009-01-14 47272]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2012-10-08 40376]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2011-07-12 73344]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2009-03-26 1765168]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2009-03-30 1550891]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-02-06 205232]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 vodafone_K3805-z_dc_enum;vodafone_K3805-z_dc_enum; C:\WINDOWS\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys [2010-09-01 80000]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2009-03-27 296960]
S1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 AF15BDA;AF9015 BDA Device; C:\WINDOWS\system32\DRIVERS\AF15BDA.sys [2012-01-26 483200]
S3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2009-01-14 37160]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 GemCCID;GemCCID; C:\WINDOWS\System32\Drivers\GemCCID.sys [2009-08-10 89600]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2011-07-12 192768]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\WINDOWS\system32\DRIVERS\OlyCamComm.sys [2009-09-10 21648]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\WINDOWS\system32\DRIVERS\silabenm.sys [2013-10-24 47176]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\WINDOWS\system32\DRIVERS\silabser.sys [2013-10-24 63104]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2012-05-22 5632]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-07-17 123008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2008-08-26 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-04-01 602112]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-12-11 346720]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-11-26 1329304]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-05-18 73728]
R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 STacSV;Audio Service; c:\program files\idt\wdm\STacSV.exe [2009-03-30 254042]
R2 Update focusbase;Update focusbase; C:\Program Files\focusbase\updatefocusbase.exe [2014-07-31 323360]
R2 VmbService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-07-14 9216]
R2 xmengine service;CryptoPlus XME Engine Service; C:\WINDOWS\system32\xmesrv.exe [2007-01-18 28672]
R2 YouTubeAcceleratorService;YouTubeAcceleratorService; C:\PROGRA~1\YOUTUB~1\YouTubeAcceleratorService.exe [2014-07-31 1510248]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-02-03 209464]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-10-21 228656]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-07-02 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-31 68608]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-08 194104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [2014-07-31 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-07 133104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 gupdate1ca2ff55364e1b6;Služba Google Update (gupdate1ca2ff55364e1b6); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-07 133104]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-09-12 182696]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 31 črc 2014 13:58

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

pavel123 · #3 Příspěvek od **pavel123** » 31 črc 2014 14:31

Díky, posílám. Trošku se to protáhlo, protože log z JRT se asi nikam neuložil, takže při restartu po ADW se ztratil. Takže jsem JRT spustil znovu a posílám log z toho druhého spuštění až po ADW.

ADW:

# AdwCleaner v3.302 - Report created 31/07/2014 at 15:14:23
# Updated 30/07/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - SASA
# Running from : C:\Documents and Settings\Owner\Plocha\adwcleaner_3.302.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : Update focusbase
[#] Service Deleted : Util focusbase
[#] Service Deleted : {2b929fe1-284b-4766-afb9-19b0915b99b0}Gt

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data

aplikací\ShopperPro
Folder Deleted : C:\Documents and Settings\All Users\Nabídka

Start\Programy\YouTube Accelerator
[!] Folder Deleted : C:\Program Files\focusbase
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\Sense
Folder Deleted : C:\Program Files\ShopperPro
Folder Deleted : C:\Program Files\YouTube Accelerator
Folder Deleted : C:\Program Files\Ge-Force
Folder Deleted : C:\Program Files\Internet Speed Checker
Folder Deleted : C:\Program Files\SavePass
[!] Folder Deleted : C:\Program Files\focusbase
Folder Deleted : C:\Documents and Settings\All Users\Dokumenty\ShopperPro
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Data

aplikací\globalUpdate
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Data

aplikací\Sense
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Data

aplikací\Ge-Force
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Data

aplikací\Internet Speed Checker
Folder Deleted : C:\DOCUME~1\Owner\LOCALS~1\Temp\focusbase
Folder Deleted : C:\Documents and Settings\Owner\Data

aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\{746505DC-0E21

-4667-97F8-72EA6BCF5EEF}
File Deleted :

C:\WINDOWS\system32\drivers\{2b929fe1-284b-4766-afb9-19b0915b99b0}Gt.sys
File Deleted : C:\Documents and Settings\Owner\Plocha\YouTube

Accelerator.lnk
File Deleted : C:\Documents and Settings\Owner\Local Settings\Data

aplikací\Google\Chrome\User Data\Default\Local

Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Documents and Settings\Owner\Local Settings\Data

aplikací\Google\Chrome\User Data\Default\Local

Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted :

HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate

Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate

Update;version=4
Key Deleted :

HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted :

HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted :

HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted :

HKLM\SOFTWARE\Classes\CLSID\{8fda85d4-b14a-49f5-9de6-f91c4ec5aaf4}
Key Deleted :

HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted :

HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted :

HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted :

HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted :

HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted :

HKLM\SOFTWARE\Classes\TypeLib\{95a526ce-38f4-4b1c-927d-a695eda1bbba}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{8fda85d4-b14a-49f5-9de6-f91c4ec5aaf4}
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84

-AFC6-E0FA87E47B8C}
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8fda85d4-b14a-49f5

-9de6-f91c4ec5aaf4}
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4

D84-AFC6-E0FA87E47B8C}
Key Deleted :

HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8fda85d4-b14a-4

9f5-9de6-f91c4ec5aaf4}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC1

2-43BF-A6E4-F9751942B298}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505

A-4D84-AFC6-E0FA87E47B8C}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC

7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low

Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\Sense
Key Deleted : HKCU\Software\Ge-Force
Key Deleted : HKCU\Software\Internet Speed Checker
Key Deleted : HKCU\Software\SavePass
Key Deleted : HKCU\Software\focusbase
Key Deleted : HKLM\Software\GlobalUpdate
Key Deleted : HKLM\Software\Goobzo
Key Deleted : HKLM\Software\Sense
Key Deleted : HKLM\Software\Ge-Force
Key Deleted : HKLM\Software\Internet Speed Checker
Key Deleted : HKLM\Software\SavePass
Key Deleted : HKLM\Software\focusbase
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sense
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Speed

Checker
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SavePass
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\focusbase
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\Sense
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\Ge-Force
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\Internet Speed Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\SavePass
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App

Management\ARPCache\focusbase

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Documents and Settings\admin\Data

aplikací\Mozilla\Firefox\Profiles\4mlb4m13.default\prefs.js ]

[ File : C:\Documents and Settings\Owner\Data

aplikací\Mozilla\Firefox\Profiles\qplye22f.default\prefs.js ]

-\\ Google Chrome v34.0.1847.131

[ File : C:\Documents and Settings\admin\Local Settings\Data

aplikací\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Documents and Settings\Owner\Local Settings\Data

aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R1].txt - [13284 octets] - [31/07/2014 15:08:57]
AdwCleaner[S1].txt - [11052 octets] - [31/07/2014 15:14:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [11113 octets]

##########

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Owner on źt 31.07.2014 at 15:22:25,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Documents and Settings\Owner\Data aplikacˇ\mozilla\firefox\profiles\qplye22f.default\minidumps [4 files]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 31.07.2014 at 15:28:43,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

pavel123 · #4 Příspěvek od **pavel123** » 31 črc 2014 20:28

Vypadá to, že YouTube Accelerator je pryč

Mám ještě něco udělat? Poklidit pomocí Ccleaneru?

#5 Příspěvek od **vyosek** » 01 srp 2014 08:10

Jeste to poradne procistime, na CCleaner taky dojde

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

pavel123 · #6 Příspěvek od **pavel123** » 01 srp 2014 08:28

Posílám:

Zoek.exe v5.0.0.0 Updated 31-07-2014
Tool run by Owner on p 01.08.2014 at 9:14:25,35.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Owner\Plocha\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

1.8.2014 9:15:27 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\YouTubeAcceleratorService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\YouTubeAcceleratorService deleted successfully

==== Deleting Files \ Folders ======================

C:\Program Files\ComPlus Applications deleted
C:\Program Files\SiteLookup deleted
C:\WINDOWS\Tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-1.job deleted
C:\WINDOWS\Tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-11.job deleted
C:\WINDOWS\Tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-2.job deleted
C:\WINDOWS\Tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-4.job deleted
C:\WINDOWS\Tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-5.job deleted
C:\WINDOWS\Tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-6.job deleted
C:\WINDOWS\Tasks\16682748-5657-4bf4-885c-fa13b25ef5c5-7.job deleted
C:\WINDOWS\Tasks\45c67576-c940-4803-aab0-8cf308ac14d5-1.job deleted
C:\WINDOWS\Tasks\45c67576-c940-4803-aab0-8cf308ac14d5-11.job deleted
C:\WINDOWS\Tasks\45c67576-c940-4803-aab0-8cf308ac14d5-2.job deleted
C:\WINDOWS\Tasks\45c67576-c940-4803-aab0-8cf308ac14d5-4.job deleted
C:\WINDOWS\Tasks\45c67576-c940-4803-aab0-8cf308ac14d5-5.job deleted
C:\WINDOWS\Tasks\45c67576-c940-4803-aab0-8cf308ac14d5-6.job deleted
C:\WINDOWS\Tasks\45c67576-c940-4803-aab0-8cf308ac14d5-7.job deleted
C:\WINDOWS\Tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-1.job deleted
C:\WINDOWS\Tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-11.job deleted
C:\WINDOWS\Tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-2.job deleted
C:\WINDOWS\Tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-4.job deleted
C:\WINDOWS\Tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-5.job deleted
C:\WINDOWS\Tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-6.job deleted
C:\WINDOWS\Tasks\e025df07-a424-4e29-adcb-3f14a57a8bb4-7.job deleted
C:\WINDOWS\Tasks\efb6ae7e-c6df-4843-855f-613c894b6860-1.job deleted
C:\WINDOWS\Tasks\efb6ae7e-c6df-4843-855f-613c894b6860-11.job deleted
C:\WINDOWS\Tasks\efb6ae7e-c6df-4843-855f-613c894b6860-2.job deleted
C:\WINDOWS\Tasks\efb6ae7e-c6df-4843-855f-613c894b6860-3.job deleted
C:\WINDOWS\Tasks\efb6ae7e-c6df-4843-855f-613c894b6860-4.job deleted
C:\WINDOWS\Tasks\efb6ae7e-c6df-4843-855f-613c894b6860-5.job deleted
C:\WINDOWS\Tasks\efb6ae7e-c6df-4843-855f-613c894b6860-6.job deleted
C:\WINDOWS\Tasks\efb6ae7e-c6df-4843-855f-613c894b6860-7.job deleted
C:\WINDOWS\tasks\ShopperPro.job deleted
C:\WINDOWS\tasks\ShopperProJSUpd.job deleted
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job deleted
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"ff-bmboc@bytemobile.com"="C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon" [21.03.2012 10:23]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\Documents and Settings\All Users\Data aplikacˇ\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[30.08.2011 10:27]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Updater deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\admin\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Owner\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=34 folders=2 69471 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Owner\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on p 01.08.2014 at 9:25:56,43 ======================

#7 Příspěvek od **vyosek** » 01 srp 2014 10:53

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

pavel123 · #8 Příspěvek od **pavel123** » 01 srp 2014 11:53

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-07-2014 02
Ran by Owner (administrator) on SASA on 01-08-2014 12:49:40
Running from C:\Documents and Settings\Owner\Plocha
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Agere Systems) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(Monet+, a.s.) C:\WINDOWS\system32\xmesrv.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Andrea Electronics Corporation) C:\WINDOWS\system32\AESTFltr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Autodesk, Inc.) C:\Program Files\AutoCAD R14\acad.exe
(Autodesk, Inc.) C:\Program Files\AutoCAD R14\acad.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-583907252-1450960922-1417001333-1003\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-05-18] (Hewlett-Packard Company)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 208.67.222.222

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=12.0.1.666 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.666 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.666 - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.666 - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.666 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Ge-Force - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com [2014-07-31]
FF Extension: SavePass - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\RNEOMVW50611856@ZKVKQ22976610.com [2014-07-31]
FF Extension: Internet Speed Checker - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\sepherdwilbur@aol.com [2014-07-31]
FF Extension: Sense - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\warnerroberts@hotmail.com [2014-07-31]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-03-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-03-08]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-08-30]
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon [2012-03-21]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-02-04]

Chrome:
=======
CHR HomePage:
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-16]
CHR Extension: (Disk Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-16]
CHR Extension: (YouTube) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-16]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-16]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-08-30]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-16]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-08-30]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2008-08-26] (Agere Systems)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-07-02] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1329304 2012-11-26] (ESET)
S4 gupdate1ca2ff55364e1b6; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-09-07] (Google Inc.)
S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-09-12] (Oracle Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [File not signed]
R2 NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 STacSV; c:\program files\idt\wdm\STacSV.exe [254042 2009-03-30] (IDT, Inc.)
R2 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [9216 2011-07-14] (Vodafone) [File not signed]
R2 xmengine service; C:\WINDOWS\system32\xmesrv.exe [28672 2007-01-18] (Monet+, a.s.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AESTAud; C:\WINDOWS\System32\drivers\AESTAud.sys [113536 2009-02-18] (Andrea Electronics Corporation)
S3 AF15BDA; C:\WINDOWS\System32\DRIVERS\AF15BDA.sys [483200 2012-01-26] (ITETech )
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R2 ASIXIo; C:\WINDOWS\system32\Drivers\asixio.sys [3078 2011-05-12] (ASIX s.r.o) [File not signed]
S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [33112 2013-04-10] () [File not signed]
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1735040 2009-07-29] (Broadcom Corporation)
R0 BMLoad; C:\WINDOWS\System32\drivers\BMLoad.sys [13184 2010-03-11] (Bytemobile, Inc.) [File not signed]
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [534568 2009-01-14] (Broadcom Corporation.)
S3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [37160 2009-01-14] (Broadcom Corporation.)
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [991656 2009-01-14] (Broadcom Corporation.)
R3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [156816 2009-01-14] (Broadcom Corporation.)
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [47272 2009-01-14] (Broadcom Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [159832 2012-10-08] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [121216 2012-10-08] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [149568 2012-10-08] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [40376 2012-10-08] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [62512 2012-10-08] (ESET)
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
S3 GemCCID; C:\WINDOWS\System32\Drivers\GemCCID.sys [89600 2009-08-10] (Gemalto)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 OlyCamComm; C:\WINDOWS\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-10] (OLYMPUS IMAGING CORP.)
S3 silabenm; C:\WINDOWS\System32\DRIVERS\silabenm.sys [47176 2013-10-24] (Silicon Laboratories)
S3 silabser; C:\WINDOWS\System32\DRIVERS\silabser.sys [63104 2013-10-24] (Silicon Laboratories)
R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1765168 2009-03-26] ()
S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
S3 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2012-05-22] () [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1550891 2009-03-30] (IDT, Inc.)
R1 tcpipBM; C:\WINDOWS\system32\drivers\tcpipBM.sys [24192 2010-03-11] (Bytemobile, Inc.) [File not signed]
R3 vodafone_K3805-z_dc_enum; C:\WINDOWS\System32\DRIVERS\vodafone_K3805-z_dc_enum.sys [80000 2010-09-01] (Vodafone)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [296960 2009-03-27] (Marvell)
U4 epfwtdir; system32\DRIVERS\epfwtdir.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 12:49 - 2014-08-01 12:50 - 00017626 _____ () C:\Documents and Settings\Owner\Plocha\FRST.txt
2014-08-01 12:47 - 2014-08-01 12:49 - 00000000 ____D () C:\FRST
2014-08-01 12:45 - 2014-08-01 12:45 - 01084928 _____ (Farbar) C:\Documents and Settings\Owner\Plocha\FRST.exe
2014-08-01 09:23 - 2014-08-01 12:50 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp
2014-08-01 09:23 - 2014-08-01 09:14 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-08-01 09:15 - 2014-08-01 09:25 - 00007646 _____ () C:\zoek-results.log
2014-08-01 09:14 - 2014-08-01 09:21 - 00000000 ____D () C:\zoek_backup
2014-08-01 09:13 - 2014-08-01 09:13 - 01287168 _____ () C:\Documents and Settings\Owner\Plocha\zoek.exe
2014-07-31 15:08 - 2014-07-31 15:20 - 00000000 ____D () C:\AdwCleaner
2014-07-31 14:59 - 2014-07-31 15:00 - 01361309 _____ () C:\Documents and Settings\Owner\Plocha\adwcleaner_3.302.exe
2014-07-31 14:59 - 2014-07-31 14:59 - 01016261 _____ (Thisisu) C:\Documents and Settings\Owner\Plocha\JRT.exe
2014-07-31 14:50 - 2014-07-31 14:50 - 00000000 ___RD () C:\Documents and Settings\LocalService\Oblíbené položky
2014-07-31 14:26 - 2014-07-31 14:26 - 00000000 ____D () C:\rsit
2014-07-31 14:26 - 2014-07-31 14:26 - 00000000 ____D () C:\Program Files\trend micro
2014-07-31 14:23 - 2014-07-31 14:23 - 00781909 _____ () C:\Documents and Settings\Owner\Plocha\RSIT.exe
2014-07-31 13:55 - 2014-08-01 09:25 - 00000278 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1450960922-1417001333-1003.job
2014-07-31 13:55 - 2014-07-31 13:55 - 00000286 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1450960922-1417001333-1003.job
2014-07-31 13:53 - 2014-07-31 14:02 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Seznam.cz
2014-07-31 13:49 - 2014-07-31 13:49 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Media Freeware
2014-07-31 13:48 - 2014-07-31 15:14 - 00000000 ____D () C:\Program Files\focusbase
2014-07-31 13:45 - 2014-08-01 09:25 - 00001260 _____ () C:\WINDOWS\Tasks\c793b2c8-c642-4c97-86bf-21aacf8ee99d.job
2014-07-31 13:45 - 2014-07-31 13:45 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\WINDOWS\system32\AniGIF.ocx
2014-07-31 13:45 - 2014-07-31 13:45 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Data aplikací\CrashRpt
2014-07-31 13:44 - 2014-08-01 09:25 - 00000584 _____ () C:\WINDOWS\Tasks\13201465-79e6-421b-811d-09b73abe8b71.job
2014-07-30 14:54 - 2014-07-30 14:54 - 00000001 _____ () C:\Documents and Settings\Owner\Dokumenty\.spirit-settings.cfg
2014-07-30 13:43 - 2014-07-30 13:43 - 00001604 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Spirit Settings.lnk
2014-07-30 13:43 - 2014-07-30 13:43 - 00001598 _____ () C:\Documents and Settings\All Users\Plocha\Spirit Settings.lnk
2014-07-30 13:43 - 2014-07-30 13:43 - 00000000 ____D () C:\Program Files\Spirit Setings
2014-07-30 08:20 - 2014-07-30 08:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-29 16:15 - 2014-07-29 16:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_silabser_01009.Wdf
2014-07-29 16:12 - 2013-10-24 22:39 - 00063104 _____ (Silicon Laboratories) C:\WINDOWS\system32\Drivers\silabser.sys
2014-07-29 16:12 - 2013-10-24 22:39 - 00047176 _____ (Silicon Laboratories) C:\WINDOWS\system32\Drivers\silabenm.sys
2014-07-29 16:11 - 2014-07-30 13:43 - 00031670 _____ () C:\WINDOWS\DPINST.LOG
2014-07-08 20:14 - 2014-07-29 16:15 - 00000900 _____ () C:\WINDOWS\setupact.log
2014-07-08 20:14 - 2014-07-08 20:14 - 00000000 _____ () C:\WINDOWS\setuperr.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 12:50 - 2014-08-01 12:49 - 00017626 _____ () C:\Documents and Settings\Owner\Plocha\FRST.txt
2014-08-01 12:50 - 2014-08-01 09:23 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp
2014-08-01 12:49 - 2014-08-01 12:47 - 00000000 ____D () C:\FRST
2014-08-01 12:49 - 2009-07-29 14:57 - 00000000 ____D () C:\Documents and Settings\Owner\Plocha
2014-08-01 12:48 - 2009-07-29 14:57 - 00000000 ___HD () C:\Documents and Settings\Owner\Local Settings\Data aplikací
2014-08-01 12:45 - 2014-08-01 12:45 - 01084928 _____ (Farbar) C:\Documents and Settings\Owner\Plocha\FRST.exe
2014-08-01 10:12 - 2009-11-09 14:44 - 00000000 ____D () C:\Program Files\AutoCAD R14
2014-08-01 10:10 - 2009-07-29 14:52 - 01666130 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-01 09:25 - 2014-08-01 09:15 - 00007646 _____ () C:\zoek-results.log
2014-08-01 09:25 - 2014-07-31 13:55 - 00000278 _____ () C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1450960922-1417001333-1003.job
2014-08-01 09:25 - 2014-07-31 13:45 - 00001260 _____ () C:\WINDOWS\Tasks\c793b2c8-c642-4c97-86bf-21aacf8ee99d.job
2014-08-01 09:25 - 2014-07-31 13:44 - 00000584 _____ () C:\WINDOWS\Tasks\13201465-79e6-421b-811d-09b73abe8b71.job
2014-08-01 09:24 - 2009-07-29 15:38 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-08-01 09:24 - 2009-07-29 15:38 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-08-01 09:24 - 2009-07-29 14:55 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-01 09:24 - 2009-07-02 18:44 - 00173776 _____ () C:\WINDOWS\system32\ativvaxx.cap
2014-08-01 09:23 - 2009-07-29 14:57 - 00000178 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-08-01 09:23 - 2009-07-29 14:55 - 00032560 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-01 09:21 - 2014-08-01 09:14 - 00000000 ____D () C:\zoek_backup
2014-08-01 09:14 - 2014-08-01 09:23 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-08-01 09:13 - 2014-08-01 09:13 - 01287168 _____ () C:\Documents and Settings\Owner\Plocha\zoek.exe
2014-07-31 15:41 - 2014-05-12 16:13 - 00000000 ____D () C:\JRT
2014-07-31 15:20 - 2014-07-31 15:08 - 00000000 ____D () C:\AdwCleaner
2014-07-31 15:16 - 2009-07-30 14:33 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Temp
2014-07-31 15:15 - 2008-04-14 14:00 - 00000675 _____ () C:\WINDOWS\win.ini
2014-07-31 15:14 - 2014-07-31 13:48 - 00000000 ____D () C:\Program Files\focusbase
2014-07-31 15:14 - 2009-07-29 15:34 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-07-31 15:00 - 2014-07-31 14:59 - 01361309 _____ () C:\Documents and Settings\Owner\Plocha\adwcleaner_3.302.exe
2014-07-31 14:59 - 2014-07-31 14:59 - 01016261 _____ (Thisisu) C:\Documents and Settings\Owner\Plocha\JRT.exe
2014-07-31 14:50 - 2014-07-31 14:50 - 00000000 ___RD () C:\Documents and Settings\LocalService\Oblíbené položky
2014-07-31 14:50 - 2009-07-29 14:55 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-07-31 14:26 - 2014-07-31 14:26 - 00000000 ____D () C:\rsit
2014-07-31 14:26 - 2014-07-31 14:26 - 00000000 ____D () C:\Program Files\trend micro
2014-07-31 14:23 - 2014-07-31 14:23 - 00781909 _____ () C:\Documents and Settings\Owner\Plocha\RSIT.exe
2014-07-31 14:02 - 2014-07-31 13:53 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Seznam.cz
2014-07-31 13:56 - 2013-09-11 18:37 - 01829954 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-583907252-1450960922-1417001333-1003-0.dat
2014-07-31 13:56 - 2013-09-10 22:47 - 00334322 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2014-07-31 13:55 - 2014-07-31 13:55 - 00000286 _____ () C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1450960922-1417001333-1003.job
2014-07-31 13:54 - 2009-07-29 15:35 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-07-31 13:54 - 2009-07-29 14:57 - 00000000 ___RD () C:\Documents and Settings\Owner\Dokumenty
2014-07-31 13:53 - 2009-07-29 14:57 - 00000000 __RHD () C:\Documents and Settings\Owner\Data aplikací
2014-07-31 13:49 - 2014-07-31 13:49 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Media Freeware
2014-07-31 13:46 - 2009-07-29 15:35 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty
2014-07-31 13:45 - 2014-07-31 13:45 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\WINDOWS\system32\AniGIF.ocx
2014-07-31 13:45 - 2014-07-31 13:45 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Data aplikací\CrashRpt
2014-07-31 13:44 - 2011-08-30 10:26 - 00001871 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2014-07-31 13:30 - 2014-05-12 18:13 - 00000924 _____ () C:\WINDOWS\Tasks\Google Software Updater.job
2014-07-31 07:54 - 2013-06-19 06:42 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-07-30 14:54 - 2014-07-30 14:54 - 00000001 _____ () C:\Documents and Settings\Owner\Dokumenty\.spirit-settings.cfg
2014-07-30 14:52 - 2014-06-02 15:23 - 00017675 _____ () C:\WINDOWS\setupapi.log
2014-07-30 13:43 - 2014-07-30 13:43 - 00001604 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Spirit Settings.lnk
2014-07-30 13:43 - 2014-07-30 13:43 - 00001598 _____ () C:\Documents and Settings\All Users\Plocha\Spirit Settings.lnk
2014-07-30 13:43 - 2014-07-30 13:43 - 00000000 ____D () C:\Program Files\Spirit Setings
2014-07-30 13:43 - 2014-07-29 16:11 - 00031670 _____ () C:\WINDOWS\DPINST.LOG
2014-07-30 13:43 - 2009-07-29 15:35 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-07-30 13:06 - 2009-08-04 14:05 - 00000178 ___SH () C:\Documents and Settings\admin\ntuser.ini
2014-07-30 12:57 - 2012-05-03 12:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-30 08:21 - 2014-07-30 08:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-30 07:07 - 2008-04-14 14:00 - 00013736 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-29 17:30 - 2009-07-30 14:40 - 00114176 _____ () C:\Documents and Settings\Owner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-29 16:15 - 2014-07-29 16:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_silabser_01009.Wdf
2014-07-29 16:15 - 2014-07-08 20:14 - 00000900 _____ () C:\WINDOWS\setupact.log
2014-07-29 16:12 - 2010-08-15 22:14 - 00000000 ____D () C:\Program Files\DIFX
2014-07-08 20:14 - 2014-07-08 20:14 - 00000000 _____ () C:\WINDOWS\setuperr.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:97.65 GB) (Free:70.37 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (NAVSTEVNICI_4) (CDROM) (Total:3.56 GB) (Free:0 GB) UDF
Drive f: () (Fixed) (Total:200.43 GB) (Free:21.87 GB) NTFS

Available physical RAM: 917.02 MB
Total physical RAM: 1788.79 MB
Percentage of memory in use: 48%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 298 GB) (Disk ID: 7A3CFDCA)
Partition 1: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\13201465-79e6-421b-811d-09b73abe8b71.job => C:\Program Files\SavePass\13201465-79e6-421b-811d-09b73abe8b71.exe
Task: C:\WINDOWS\Tasks\c793b2c8-c642-4c97-86bf-21aacf8ee99d.job => C:\Program Files\SavePass\c793b2c8-c642-4c97-86bf-21aacf8ee99d.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1450960922-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1450960922-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\Temp:56E2E879

==================== Security Center ==================

AV: ESET Smart Security 6.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Owner\Plocha" je 122 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000

==================== End Of Log ==============================

pavel123 · #9 Příspěvek od **pavel123** » 01 srp 2014 18:48

Zdravím,
omlouvám se za opožděnou budoucí reakci - k notebooku se dostanu až v neděli večer.
Příjemný víkend

Pavel

#10 Příspěvek od **vyosek** » 01 srp 2014 20:36

Pekny vikend i Vam, ja sem dam instrukce a ty pak vykonejte

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
2014-08-01 09:23 - 2014-08-01 09:14 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-08-01 09:15 - 2014-08-01 09:25 - 00007646 _____ () C:\zoek-results.log
2014-08-01 09:14 - 2014-08-01 09:21 - 00000000 ____D () C:\zoek_backup
2014-08-01 09:13 - 2014-08-01 09:13 - 01287168 _____ () C:\Documents and Settings\Owner\Plocha\zoek.exe
2014-07-31 15:08 - 2014-07-31 15:20 - 00000000 ____D () C:\AdwCleaner
2014-07-31 14:59 - 2014-07-31 15:00 - 01361309 _____ () C:\Documents and Settings\Owner\Plocha\adwcleaner_3.302.exe
2014-07-31 14:59 - 2014-07-31 14:59 - 01016261 _____ (Thisisu) C:\Documents and Settings\Owner\Plocha\JRT.exe
2014-07-31 14:26 - 2014-07-31 14:26 - 00000000 ____D () C:\rsit
2014-07-31 14:26 - 2014-07-31 14:26 - 00000000 ____D () C:\Program Files\trend micro
2014-07-31 14:23 - 2014-07-31 14:23 - 00781909 _____ () C:\Documents and Settings\Owner\Plocha\RSIT.exe
C:\Program Files\SavePass

Task: C:\WINDOWS\Tasks\13201465-79e6-421b-811d-09b73abe8b71.job => C:\Program Files\SavePass\13201465-79e6-421b-811d-09b73abe8b71.exe
Task: C:\WINDOWS\Tasks\c793b2c8-c642-4c97-86bf-21aacf8ee99d.job => C:\Program Files\SavePass\c793b2c8-c642-4c97-86bf-21aacf8ee99d.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1450960922-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1450960922-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

Hosts:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

pavel123 · #11 Příspěvek od **pavel123** » 03 srp 2014 16:35

Zdravím,
díky

provedl jsem a posílám fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:31-07-2014 02
Ran by Owner at 2014-08-03 17:29:50 Run:1
Running from C:\Documents and Settings\Owner\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
2014-08-01 09:23 - 2014-08-01 09:14 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-08-01 09:15 - 2014-08-01 09:25 - 00007646 _____ () C:\zoek-results.log
2014-08-01 09:14 - 2014-08-01 09:21 - 00000000 ____D () C:\zoek_backup
2014-08-01 09:13 - 2014-08-01 09:13 - 01287168 _____ () C:\Documents and Settings\Owner\Plocha\zoek.exe
2014-07-31 15:08 - 2014-07-31 15:20 - 00000000 ____D () C:\AdwCleaner
2014-07-31 14:59 - 2014-07-31 15:00 - 01361309 _____ () C:\Documents and Settings\Owner\Plocha\adwcleaner_3.302.exe
2014-07-31 14:59 - 2014-07-31 14:59 - 01016261 _____ (Thisisu) C:\Documents and Settings\Owner\Plocha\JRT.exe
2014-07-31 14:26 - 2014-07-31 14:26 - 00000000 ____D () C:\rsit
2014-07-31 14:26 - 2014-07-31 14:26 - 00000000 ____D () C:\Program Files\trend micro
2014-07-31 14:23 - 2014-07-31 14:23 - 00781909 _____ () C:\Documents and Settings\Owner\Plocha\RSIT.exe
C:\Program Files\SavePass

Task: C:\WINDOWS\Tasks\13201465-79e6-421b-811d-09b73abe8b71.job => C:\Program Files\SavePass\13201465-79e6-421b-811d-09b73abe8b71.exe
Task: C:\WINDOWS\Tasks\c793b2c8-c642-4c97-86bf-21aacf8ee99d.job => C:\Program Files\SavePass\c793b2c8-c642-4c97-86bf-21aacf8ee99d.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1450960922-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1450960922-1417001333-1003.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

Hosts:
Reboot:
End
*****************

C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Documents and Settings\Owner\Plocha\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\Owner\Plocha\adwcleaner_3.302.exe => Moved successfully.
C:\Documents and Settings\Owner\Plocha\JRT.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Documents and Settings\Owner\Plocha\RSIT.exe => Moved successfully.
"C:\Program Files\SavePass" => File/Directory not found.
C:\WINDOWS\Tasks\13201465-79e6-421b-811d-09b73abe8b71.job => Moved successfully.
C:\WINDOWS\Tasks\c793b2c8-c642-4c97-86bf-21aacf8ee99d.job => Moved successfully.
C:\WINDOWS\Tasks\Google Software Updater.job => Moved successfully.
C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1450960922-1417001333-1003.job => Moved successfully.
C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1450960922-1417001333-1003.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

The system needed a reboot.

==== End of Fixlog ====

#12 Příspěvek od **vyosek** » 03 srp 2014 16:40

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

pavel123 · #13 Příspěvek od **pavel123** » 03 srp 2014 17:40

Moc děkuju, opět jste mi pomohl, vše vypadá OK

zítra pošlu příspěvek na provoz fóra

Zdravím
Pavel

pavel123 · #14 Příspěvek od **pavel123** » 03 srp 2014 17:45

Vlastně mám ještě dotaz - tentokrát problém vznikl, když jsem instaloval DocReader stažený jako freware ze Slunečnice.
Rád bych ho měl naistalovaný, ale tenhle raději smažu

Mohl bych poprosit o radu, odkud ho raději stáhnout?
Díky
Pavel

#15 Příspěvek od **vyosek** » 03 srp 2014 18:58

Ono to chce jen cist to instalujete, takze i z te slunecnice by to melo jit, jen pri instalaci musite odmitnout ten doplnek pro YouTube - vice info o nechtenych reklamach zde http://www.viry.cz/pozor-na-to-co-vsech ... -pocitace/

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

Za podporu fora jmenem celeho tymu dekuji

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Youtube Accelerator

Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator

Re: Youtube Accelerator