Prosím o kontrolu logu, dekuji

Zpráva

Bubenacek · #1 Příspěvek od **Bubenacek** » 22 zář 2014 11:13

Dobrý den,

Moc prosím o kontrolu logu, počitač najíždí asi 10 min.

Logfile of random's system information tool 1.10 (written by random/random)
Run by HP at 2014-09-22 12:02:14
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 16 GB (16%) free of 102 GB
Total RAM: 3999 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:03:19, on 22.9.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Users\HP\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Users\HP\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Users\HP\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?p2=%5EB36%5E ... 07-29&psv=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.7\iobitappsToolbarIE.dll
R3 - URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll" (file missing)
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.7\iobitappsToolbarIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: KMP Media Toolbar BHO - {4B4D5056-3700-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Passport.dll" (file missing)
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O3 - Toolbar: KMP Media Toolbar - {4B4D5056-3700-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Passport.dll" (file missing)
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.7\iobitappsToolbarIE.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\HP\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'Default user')
O4 - Global Startup: Photags AutoDetect.lnk = C:\Program Files (x86)\PhoTags Express\Photags AutoDetect.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SafetyNut Manager (SafetyNutManager) - SafetyNut Inc - C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update AtuZi - Unknown owner - C:\Program Files (x86)\AtuZi\updateAtuZi.exe
O23 - Service: Util AtuZi - Unknown owner - C:\Program Files (x86)\AtuZi\bin\utilAtuZi.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12709 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job - C:\Windows\TEMP\{5DB5A5E5-07AD-4FE3-B8EE-2838DFA2E6B6}.exe --uninstall=1

=========Mozilla firefox=========

ProfilePath - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"otis@digitalpersona.com"=C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
"avg@toolbar"=C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.7\iobitappsToolbarIE.dll [2014-08-22 1574208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-07-17 1256512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B4D5056-3700-A76A-76A7-7A786E7484D7}]
KMP Media Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Passport.dll [2014-08-22 12184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-08-26 3627032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}]
Ads Removal - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll [2014-06-11 464720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-08-26 3627032]
{4B4D5056-3700-A76A-76A7-7A786E7484D7} - KMP Media Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\KMPV7\Passport.dll [2014-08-22 12184]
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\9.7\iobitappsToolbarIE.dll [2014-08-22 1574208]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"UCam_Menu"=C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-08-26 2640408]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-09-29 1564368]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2014-04-17 1596224]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-08-22 1942424]
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2014-08-22 1608000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe [2014-09-19 1416016]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27 22041192]
"Yahoo! Search"=C:\Users\HP\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe [2014-09-12 535472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Photags AutoDetect.lnk - C:\Program Files (x86)\PhoTags Express\Photags AutoDetect.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.vorbis"=vorbis.acm
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-22 12:02:15 ----D---- C:\Program Files (x86)\trend micro
2014-09-22 12:02:14 ----D---- C:\rsit
2014-09-11 21:09:51 ----RD---- C:\Program Files (x86)\Skype
2014-09-11 21:09:51 ----D---- C:\Program Files (x86)\Common Files\Skype
2014-08-27 13:35:41 ----D---- C:\Program Files (x86)\IObit Apps Toolbar
2014-08-27 13:35:41 ----D---- C:\Program Files (x86)\Application Updater
2014-08-27 08:04:11 ----D---- C:\Program Files (x86)\AVG Security Toolbar
2014-08-27 08:04:01 ----D---- C:\ProgramData\Avg_Update_0814tb

======List of files/folders modified in the last 1 month======

2014-09-22 12:03:20 ----D---- C:\Windows\Prefetch
2014-09-22 12:02:15 ----RD---- C:\Program Files (x86)
2014-09-22 12:01:42 ----D---- C:\Windows
2014-09-22 12:01:33 ----D---- C:\Windows\inf
2014-09-22 12:00:28 ----D---- C:\Users\HP\AppData\Roaming\uTorrent
2014-09-22 11:56:43 ----D---- C:\Users\HP\AppData\Roaming\Skype
2014-09-22 11:55:23 ----D---- C:\Users\HP\AppData\Roaming\Media Player Classic
2014-09-22 11:55:21 ----D---- C:\Windows\Temp
2014-09-22 11:05:45 ----A---- C:\Windows\win.ini
2014-09-22 10:58:55 ----D---- C:\Windows\SoftwareDistribution
2014-09-22 10:56:57 ----D---- C:\ProgramData\ProductData
2014-09-22 10:54:43 ----D---- C:\Windows\debug
2014-09-21 13:57:03 ----SHD---- C:\System Volume Information
2014-09-21 13:57:02 ----D---- C:\Windows\Logs
2014-09-20 19:07:30 ----D---- C:\Windows\System32
2014-09-20 15:32:46 ----D---- C:\Program Files (x86)\Full Tilt Poker
2014-09-11 21:10:37 ----SHD---- C:\Windows\Installer
2014-09-11 21:10:37 ----HD---- C:\Config.Msi
2014-09-11 21:09:51 ----D---- C:\Program Files (x86)\Common Files
2014-09-11 21:09:48 ----D---- C:\ProgramData\Skype
2014-09-11 15:23:30 ----D---- C:\Program Files (x86)\PokerStars
2014-09-10 14:46:48 ----D---- C:\Windows\SysWOW64
2014-09-10 14:46:46 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-27 13:35:41 ----D---- C:\Program Files (x86)\Common Files\Spigot
2014-08-27 08:13:08 ----D---- C:\Windows\Tasks
2014-08-27 08:04:01 ----HD---- C:\ProgramData
2014-08-26 00:15:38 ----D---- C:\Program Files (x86)\AVG Secure Search

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys []
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys []
R1 {a398d4bf-ac93-41b8-983d-d3185c8c4cc1}w64;{a398d4bf-ac93-41b8-983d-d3185c8c4cc1}w64; C:\Windows\system32\drivers\{a398d4bf-ac93-41b8-983d-d3185c8c4cc1}w64.sys []
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc1.cfg [2014-05-28 36432]
R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys []
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys []
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys []
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
S3 EagleX64;EagleX64; C:\Windows\SysWOW64\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe [2009-03-01 89600]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-08-22 166296]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2014-08-22 990072]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DpHost;@C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [2009-07-17 322624]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2012-12-24 1868432]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-09-29 1564368]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-01-24 342336]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe [2009-08-12 240640]
R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-11 1820184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
S2 SafetyNutManager;SafetyNut Manager; C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe [2014-05-28 3544272]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S2 Update AtuZi;Update AtuZi; C:\Program Files (x86)\AtuZi\updateAtuZi.exe [2014-09-22 325400]
S2 Util AtuZi;Util AtuZi; C:\Program Files (x86)\AtuZi\bin\utilAtuZi.exe [2014-09-22 325400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-18 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 22 zář 2014 11:46

Zdravim

Odinstalujte Advanced SystemCare a IObit Malware Fighter a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Bubenacek · #3 Příspěvek od **Bubenacek** » 22 zář 2014 12:38

Log z 1. programu zde:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.9 (09.20.2014:1)
OS: Windows 7 Ultimate x64
Ran by HP on po 22.09.2014 at 13:05:36,81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util atuzi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\APNSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\APNSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\KMPAskPIPCount_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\KMPAskPIPCount_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskSLib_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\KMPAskPIPCount_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\KMPAskPIPCount_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EF5BD3D9-638F-41A1-8D19-0BFCDCDB8AB7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{44cbc005-6243-4502-8a02-3a096a282664}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{80703783-e415-4ee3-ab60-d36981c5a6f1}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{d8278076-bc68-4484-9233-6e7f1628b56c}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{f297534d-7b06-459d-bc19-2dd8ef69297b}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{9945959c-aad8-4312-8b57-2de11927e770}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{6978f29a-3493-40b2-8cdc-9c13a02f85a4}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{d7949a66-d936-4028-9552-14f7dc50f38d}"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\HP\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\HP\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\HP\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Folder] "C:\ProgramData\AskPartnerNetwork"
Successfully deleted: [Folder] "C:\Program Files (x86)\askpartnernetwork"

~~~ FireFox

Successfully deleted: [File] C:\Users\HP\AppData\Roaming\mozilla\firefox\profiles\pn3y3w0e.default-1411033565785\invalidprefs.js

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 22.09.2014 at 13:20:18,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Log z 2. programu zde:
# AdwCleaner v3.310 - Report created 22/09/2014 at 13:29:11
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : HP - HP-PC
# Running from : C:\Users\HP\Desktop\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : APNMCP
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
[#] Service Deleted : SafetyNutManager
[#] Service Deleted : Update AtuZi
[#] Service Deleted : Util AtuZi
Service Deleted : {a398d4bf-ac93-41b8-983d-d3185c8c4cc1}w64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\Program Files (x86)\AtuZi
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Browser Tab Search by Ask
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\HP\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\HP\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\HP\AppData\Local\pay-by-ads
Folder Deleted : C:\Users\HP\AppData\Local\Temp\apn
Folder Deleted : C:\Users\HP\AppData\Local\Temp\AtuZi
Folder Deleted : C:\Users\HP\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\HP\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen
Folder Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod
File Deleted : C:\Windows\System32\drivers\{a398d4bf-ac93-41b8-983d-d3185c8c4cc1}w64.sys
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\user.js
File Deleted : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : Yahoo! Search

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AtuZi_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AtuZi_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateAtuZi_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateAtuZi_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilAtuZi_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilAtuZi_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update AtuZi
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9F5253B0-D113-4B64-B2D4-B765C749A3B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0EF6989F-E21A-49A9-A1C2-200C41FC429A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\AtuZi
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\SafetyNut
Key Deleted : HKLM\SOFTWARE\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\AtuZi
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AtuZi
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16448

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]

-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\prefs.js ]

[ File : C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [12512 octets] - [22/09/2014 13:26:35]
AdwCleaner[S0].txt - [11010 octets] - [22/09/2014 13:29:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11071 octets] ##########

#4 Příspěvek od **vyosek** » 22 zář 2014 12:42

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Bubenacek · #5 Příspěvek od **Bubenacek** » 22 zář 2014 13:11

Zoek.exe v5.0.0.0 Updated 21-09-2014
Tool run by HP on po 22.09.2014 at 13:51:15,95.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: F:\složka\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22.9.2014 13:52:24 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EBACADB7-8581-42A5-940B-80C5893ABF9F} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully
HKEY_USERS\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{4B4D5056-3700-A76A-76A7-7A786E7484D7} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.9 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.1.9 deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\prefs.js:
user_pref("browser.startup.homepage", "seznam.cz");

Added to C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\prefs.js:
user_pref("browser.startup.homepage", "www.seznam.cz");

Added to C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924\prefs.js:

Added to C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_22.09.2014_1403_.backup

ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_22.09.2014_1403_.backup

ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924

user.js not found
---- FireFox user.js and prefs.js backups ----

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\PROGRA~3\Avg_Update_0814tb deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\HP\AppData\Local\cache deleted
C:\Users\HP\AppData\LocalLow\ADSRemoval deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Search Settings deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\extensions\adremoveext@adremoveext.net deleted
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924\extensions\adremoveext@adremoveext.net deleted
"C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\extensions\{9e891144-6b11-4b15-831d-1fc05f439ef4}.xpi" deleted
"C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\etjpccgx.default-1367222440575\extensions\iobitapps@mybrowserbar.com" deleted
"C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924\extensions\{9e891144-6b11-4b15-831d-1fc05f439ef4}.xpi" deleted
"C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qq31sgjn.default-1383227635924\extensions\iobitapps@mybrowserbar.com" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"otis@digitalpersona.com"="C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt" [17.08.2012 16:19]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
65C1D9F74004E775F9A8598476ABE5EE - C:\Users\HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

==== Chromium Look ======================

Comodo Web Inspector - HP\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
Advanced SystemCare Surfing Protection - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
Advanced SystemCare Surfing Protection - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd

==== Chromium Startpages ======================

C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Preferences
"homepage": "http://seznam.cz/",
"homepage": "http://seznam.cz/",
"urls_to_restore_on_startup": [ "http://www.search.ask.com/?o=APN10257&gct=hp" ]
"urls_to_restore_on_startup": [ "http://www.search.ask.com/?o=APN10257&gct=hp" ]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Secondary Start Pages"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Secondary Start Pages"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\HP\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\HP\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\HP\AppData\Local\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\HP\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=256 folders=75 11871763 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\HP\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\HP\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\HP\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on po 22.09.2014 at 14:08:52,34 ======================

#6 Příspěvek od **vyosek** » 22 zář 2014 13:18

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Bubenacek · #7 Příspěvek od **Bubenacek** » 22 zář 2014 15:54

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by HP (administrator) on HP-PC on 22-09-2014 16:40:34
Running from C:\Users\HP\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Pandora.TV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(BitTorrent Inc.) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files (x86)\PhoTags Express\Photags AutoDetect.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
() C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
(PandoraTV) C:\Program Files (x86)\PANDORA.TV\PanService\KMPProcess.exe
(forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1814312 2009-08-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [456192 2009-08-12] (IDT, Inc.)
HKLM-x32\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [32768 2004-11-02] (Cyberlink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [Guard.Mail.ru.gui] => C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-09-29] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [uTorrent] => C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe [1416016 2014-09-19] (BitTorrent Inc.)
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [Yahoo! Search] => C:\Users\HP\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: H - H:\RunGame.exe
Lsa: [Notification Packages] scecli DPPWDFLT
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Photags AutoDetect.lnk
ShortcutTarget: Photags AutoDetect.lnk -> C:\Program Files (x86)\PhoTags Express\Photags AutoDetect.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DigitalPersona Personal Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 109.231.191.1 109.231.191.3

FireFox:
========
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2012-08-17]
FF Extension: No Name - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\extensions\ascsurfingprotection@iobit.com [Not Found]

Chrome:
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-04-17]
CHR Extension: (No Name) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]
CHR Extension: (No Name) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2013-12-05]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe [89600 2009-03-01] (Andrea Electronics Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DpHost; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [322624 2009-07-17] (DigitalPersona, Inc.) [File not signed]
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1868432 2012-12-24] ()
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-09-29] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [12600 2012-03-26] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe [240640 2009-08-12] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
S3 EagleX64; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [203888 2012-03-20] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32496 2014-01-12] (Synaptics Incorporated)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 16:40 - 2014-09-22 16:41 - 00012747 _____ () C:\Users\HP\Desktop\FRST.txt
2014-09-22 16:40 - 2014-09-22 16:40 - 00000000 ____D () C:\FRST
2014-09-22 16:39 - 2014-09-22 16:38 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-09-22 16:39 - 2014-09-22 16:35 - 02105856 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2014-09-22 14:07 - 2014-09-22 13:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-22 13:52 - 2014-09-22 14:08 - 00016047 _____ () C:\zoek-results.log
2014-09-22 13:51 - 2014-09-22 14:07 - 00000000 ____D () C:\zoek_backup
2014-09-22 13:51 - 2014-09-22 13:49 - 01290752 _____ () C:\Users\HP\Desktop\zoek.exe
2014-09-22 13:30 - 2014-09-22 14:07 - 00001326 _____ () C:\Windows\PFRO.log
2014-09-22 13:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-22 13:25 - 2014-09-22 13:29 - 00000000 ____D () C:\AdwCleaner
2014-09-22 13:20 - 2014-09-22 13:20 - 00013833 _____ () C:\Users\HP\Desktop\JRT.txt
2014-09-22 13:05 - 2014-09-22 13:05 - 00000000 ____D () C:\Windows\ERUNT
2014-09-22 13:02 - 2014-09-22 12:59 - 01373475 _____ () C:\Users\HP\Desktop\adwcleaner_3.310.exe
2014-09-22 13:02 - 2014-09-22 12:59 - 01027006 _____ (Thisisu) C:\Users\HP\Desktop\JRT.exe
2014-09-22 12:57 - 2014-09-22 12:57 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-22 12:02 - 2014-09-22 12:03 - 00000000 ____D () C:\rsit
2014-09-22 12:02 - 2014-09-22 12:03 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-09-22 12:01 - 2014-09-22 14:08 - 00000900 _____ () C:\Windows\setupact.log
2014-09-22 12:01 - 2014-09-22 12:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 12:01 - 2014-09-22 12:00 - 01107968 _____ () C:\Users\HP\Desktop\RSIT.exe
2014-09-20 19:07 - 2014-09-20 19:11 - 00006929 _____ () C:\Windows\system32\Errors.log
2014-09-18 11:46 - 2014-09-18 11:46 - 00000000 ____D () C:\Users\HP\Desktop\Původní data aplikace Firefox
2014-09-18 04:56 - 2014-09-18 11:58 - 3895081898 ____R () C:\Users\HP\Desktop\Transformers Age of Extinction 2014 720p WEB-DL x264 AC3-JYK.mkv
2014-09-18 04:56 - 2014-09-18 04:56 - 00110236 _____ () C:\Users\HP\Desktop\Transformers-Age-of-Extinction(0000242290).srt
2014-09-16 18:12 - 2014-09-16 18:54 - 733364224 _____ () C:\Users\HP\Desktop\Ucho.avi
2014-09-15 21:35 - 2014-09-15 21:49 - 1700440064 ____R () C:\Users\HP\Desktop\Up In Smoke.avi
2014-09-15 19:51 - 2014-09-15 19:57 - 732669952 ____R () C:\Users\HP\Desktop\Tesis [DVDRIP][Spanish][www.pctorrent.com].avi
2014-09-15 19:51 - 2014-09-15 19:51 - 00076694 _____ () C:\Users\HP\Desktop\Tesis(0000074319).srt
2014-09-11 21:10 - 2014-09-11 21:10 - 00000000 ____D () C:\Users\HP\AppData\Local\Skype
2014-09-11 21:09 - 2014-09-11 21:10 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-11 21:09 - 2014-09-11 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-11 10:34 - 2014-09-11 11:15 - 741101364 _____ () C:\Users\HP\Desktop\Halloween 2.avi
2014-09-10 19:58 - 2014-09-10 20:56 - 1001390080 _____ () C:\Users\HP\Desktop\Vyvrženci z pekla.avi
2014-09-10 11:12 - 2014-09-10 11:12 - 00089975 _____ () C:\Users\HP\Desktop\Millerova křižovatka - titulky cz.srt
2014-09-10 11:11 - 2014-09-10 11:19 - 787722036 ____R () C:\Users\HP\Desktop\Millerova křižovatka.mp4
2014-09-08 19:43 - 2014-09-08 20:24 - 733292544 _____ () C:\Users\HP\Desktop\Temnota.avi
2014-09-06 19:01 - 2014-09-06 19:08 - 768616001 _____ () C:\Users\HP\Desktop\Lučenec 2014.rar
2014-09-04 01:16 - 2014-09-04 01:16 - 00425654 _____ () C:\Users\HP\Desktop\PSLogZip.zip
2014-09-03 20:40 - 2014-09-03 21:01 - 380600320 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino---05x04.avi
2014-08-27 13:48 - 2014-08-27 14:10 - 390504448 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x24.avi
2014-08-27 12:53 - 2014-08-27 13:15 - 380028928 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x23.avi
2014-08-27 12:13 - 2014-08-27 12:34 - 379277312 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x22.avi
2014-08-26 22:56 - 2014-08-26 23:17 - 364863488 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x21.avi
2014-08-26 22:09 - 2014-08-26 22:28 - 343517184 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x20.avi
2014-08-26 21:23 - 2014-08-26 21:43 - 367022080 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x19.avi
2014-08-26 20:56 - 2014-08-26 21:16 - 367032320 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x18.avi
2014-08-26 20:13 - 2014-08-26 20:21 - 362803200 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x17.avi
2014-08-26 18:19 - 2014-08-26 18:39 - 346804224 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x16.avi
2014-08-26 17:35 - 2014-08-26 17:54 - 350283776 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x15.avi
2014-08-26 14:46 - 2014-08-26 15:07 - 365613056 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x14.avi
2014-08-26 14:00 - 2014-08-26 14:20 - 351023104 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x13.avi
2014-08-26 13:31 - 2014-08-26 13:50 - 352923648 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x12.avi
2014-08-26 12:48 - 2014-08-26 13:07 - 348592128 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x11.avi
2014-08-25 23:41 - 2014-08-26 00:02 - 367026176 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x10.avi
2014-08-25 23:06 - 2014-08-25 23:27 - 367024128 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x09.avi
2014-08-25 22:12 - 2014-08-25 22:34 - 387928064 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x08.avi
2014-08-25 21:41 - 2014-08-25 22:02 - 387278848 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x07.avi
2014-08-25 21:04 - 2014-08-25 21:25 - 368130048 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x06.avi
2014-08-23 12:20 - 2014-08-23 12:42 - 387997696 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x05.avi
2014-08-23 11:00 - 2014-08-23 11:22 - 399902720 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-Cz---02x04---Super.avi
2014-08-23 10:30 - 2014-08-23 10:51 - 379582464 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-Cz---02x03---Super.avi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 16:41 - 2014-09-22 16:40 - 00012747 _____ () C:\Users\HP\Desktop\FRST.txt
2014-09-22 16:40 - 2014-09-22 16:40 - 00000000 ____D () C:\FRST
2014-09-22 16:38 - 2014-09-22 16:39 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-09-22 16:37 - 2012-08-17 18:05 - 00000000 ____D () C:\Users\HP\AppData\Roaming\uTorrent
2014-09-22 16:35 - 2014-09-22 16:39 - 02105856 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2014-09-22 16:34 - 2013-02-16 19:03 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-22 14:16 - 2009-07-14 06:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-22 14:16 - 2009-07-14 06:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-22 14:13 - 2010-11-21 11:27 - 00634546 _____ () C:\Windows\system32\perfh005.dat
2014-09-22 14:13 - 2010-11-21 11:27 - 00123104 _____ () C:\Windows\system32\perfc005.dat
2014-09-22 14:13 - 2009-07-14 07:13 - 01478586 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-22 14:12 - 2012-08-17 16:33 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Skype
2014-09-22 14:08 - 2014-09-22 13:52 - 00016047 _____ () C:\zoek-results.log
2014-09-22 14:08 - 2014-09-22 12:01 - 00000900 _____ () C:\Windows\setupact.log
2014-09-22 14:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 14:07 - 2014-09-22 13:51 - 00000000 ____D () C:\zoek_backup
2014-09-22 14:07 - 2014-09-22 13:30 - 00001326 _____ () C:\Windows\PFRO.log
2014-09-22 13:51 - 2014-09-22 14:07 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-22 13:49 - 2014-09-22 13:51 - 01290752 _____ () C:\Users\HP\Desktop\zoek.exe
2014-09-22 13:30 - 2012-08-17 16:26 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-09-22 13:29 - 2014-09-22 13:25 - 00000000 ____D () C:\AdwCleaner
2014-09-22 13:29 - 2012-08-17 16:07 - 01402073 _____ () C:\Windows\WindowsUpdate.log
2014-09-22 13:20 - 2014-09-22 13:20 - 00013833 _____ () C:\Users\HP\Desktop\JRT.txt
2014-09-22 13:05 - 2014-09-22 13:05 - 00000000 ____D () C:\Windows\ERUNT
2014-09-22 12:59 - 2014-09-22 13:02 - 01373475 _____ () C:\Users\HP\Desktop\adwcleaner_3.310.exe
2014-09-22 12:59 - 2014-09-22 13:02 - 01027006 _____ (Thisisu) C:\Users\HP\Desktop\JRT.exe
2014-09-22 12:57 - 2014-09-22 12:57 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-22 12:03 - 2014-09-22 12:02 - 00000000 ____D () C:\rsit
2014-09-22 12:03 - 2014-09-22 12:02 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-09-22 12:01 - 2014-09-22 12:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 12:00 - 2014-09-22 12:01 - 01107968 _____ () C:\Users\HP\Desktop\RSIT.exe
2014-09-22 11:55 - 2012-08-18 16:06 - 00000000 ____D () C:\Users\HP\AppData\Roaming\Media Player Classic
2014-09-22 11:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-22 11:05 - 2009-07-14 04:34 - 00000710 _____ () C:\Windows\win.ini
2014-09-20 20:35 - 2012-11-17 14:29 - 00000000 ____D () C:\Users\HP\AppData\Local\PokerStars
2014-09-20 19:11 - 2014-09-20 19:07 - 00006929 _____ () C:\Windows\system32\Errors.log
2014-09-20 15:32 - 2014-07-05 02:22 - 00000000 ____D () C:\Program Files (x86)\Full Tilt Poker
2014-09-20 04:09 - 2014-07-05 02:23 - 00000000 ____D () C:\Users\HP\AppData\Local\AuxClient
2014-09-19 23:57 - 2013-03-13 17:58 - 00000000 ____D () C:\Users\HP\AppData\Local\FullTiltPoker
2014-09-18 11:58 - 2014-09-18 04:56 - 3895081898 ____R () C:\Users\HP\Desktop\Transformers Age of Extinction 2014 720p WEB-DL x264 AC3-JYK.mkv
2014-09-18 11:46 - 2014-09-18 11:46 - 00000000 ____D () C:\Users\HP\Desktop\Původní data aplikace Firefox
2014-09-18 05:02 - 2014-07-07 12:15 - 00000000 ____D () C:\Users\HP\Desktop\Filmyy
2014-09-18 04:56 - 2014-09-18 04:56 - 00110236 _____ () C:\Users\HP\Desktop\Transformers-Age-of-Extinction(0000242290).srt
2014-09-16 18:54 - 2014-09-16 18:12 - 733364224 _____ () C:\Users\HP\Desktop\Ucho.avi
2014-09-15 21:49 - 2014-09-15 21:35 - 1700440064 ____R () C:\Users\HP\Desktop\Up In Smoke.avi
2014-09-15 19:57 - 2014-09-15 19:51 - 732669952 ____R () C:\Users\HP\Desktop\Tesis [DVDRIP][Spanish][www.pctorrent.com].avi
2014-09-15 19:51 - 2014-09-15 19:51 - 00076694 _____ () C:\Users\HP\Desktop\Tesis(0000074319).srt
2014-09-11 21:10 - 2014-09-11 21:10 - 00000000 ____D () C:\Users\HP\AppData\Local\Skype
2014-09-11 21:10 - 2014-09-11 21:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-11 21:09 - 2014-09-11 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-11 21:09 - 2012-08-17 16:33 - 00000000 ____D () C:\ProgramData\Skype
2014-09-11 15:23 - 2012-11-17 14:29 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-09-11 11:15 - 2014-09-11 10:34 - 741101364 _____ () C:\Users\HP\Desktop\Halloween 2.avi
2014-09-10 20:56 - 2014-09-10 19:58 - 1001390080 _____ () C:\Users\HP\Desktop\Vyvrženci z pekla.avi
2014-09-10 14:46 - 2013-02-16 19:03 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 14:46 - 2012-08-17 22:35 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 14:46 - 2012-08-17 22:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 11:19 - 2014-09-10 11:11 - 787722036 ____R () C:\Users\HP\Desktop\Millerova křižovatka.mp4
2014-09-10 11:12 - 2014-09-10 11:12 - 00089975 _____ () C:\Users\HP\Desktop\Millerova křižovatka - titulky cz.srt
2014-09-08 20:24 - 2014-09-08 19:43 - 733292544 _____ () C:\Users\HP\Desktop\Temnota.avi
2014-09-06 19:08 - 2014-09-06 19:01 - 768616001 _____ () C:\Users\HP\Desktop\Lučenec 2014.rar
2014-09-04 01:16 - 2014-09-04 01:16 - 00425654 _____ () C:\Users\HP\Desktop\PSLogZip.zip
2014-09-03 21:01 - 2014-09-03 20:40 - 380600320 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino---05x04.avi
2014-09-03 16:21 - 2012-08-17 16:07 - 00000000 ____D () C:\Users\HP
2014-09-01 18:31 - 2009-07-14 07:08 - 00032532 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-27 14:10 - 2014-08-27 13:48 - 390504448 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x24.avi
2014-08-27 13:15 - 2014-08-27 12:53 - 380028928 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x23.avi
2014-08-27 12:34 - 2014-08-27 12:13 - 379277312 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x22.avi
2014-08-26 23:17 - 2014-08-26 22:56 - 364863488 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x21.avi
2014-08-26 22:28 - 2014-08-26 22:09 - 343517184 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x20.avi
2014-08-26 21:43 - 2014-08-26 21:23 - 367022080 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x19.avi
2014-08-26 21:16 - 2014-08-26 20:56 - 367032320 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x18.avi
2014-08-26 20:21 - 2014-08-26 20:13 - 362803200 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x17.avi
2014-08-26 18:39 - 2014-08-26 18:19 - 346804224 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x16.avi
2014-08-26 17:54 - 2014-08-26 17:35 - 350283776 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x15.avi
2014-08-26 15:07 - 2014-08-26 14:46 - 365613056 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x14.avi
2014-08-26 14:20 - 2014-08-26 14:00 - 351023104 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x13.avi
2014-08-26 13:50 - 2014-08-26 13:31 - 352923648 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x12.avi
2014-08-26 13:07 - 2014-08-26 12:48 - 348592128 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x11.avi
2014-08-26 00:02 - 2014-08-25 23:41 - 367026176 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x10.avi
2014-08-25 23:27 - 2014-08-25 23:06 - 367024128 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x09.avi
2014-08-25 22:34 - 2014-08-25 22:12 - 387928064 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x08.avi
2014-08-25 22:02 - 2014-08-25 21:41 - 387278848 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x07.avi
2014-08-25 21:25 - 2014-08-25 21:04 - 368130048 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x06.avi
2014-08-23 12:42 - 2014-08-23 12:20 - 387997696 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-CZ-02x05.avi
2014-08-23 11:22 - 2014-08-23 11:00 - 399902720 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-Cz---02x04---Super.avi
2014-08-23 10:51 - 2014-08-23 10:30 - 379582464 _____ () C:\Users\HP\Downloads\Las-Vegas-Kasino-Cz---02x03---Super.avi

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-22 14:42

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:100.01 GB) (Free:16.45 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:198.08 GB) (Free:27.79 GB) NTFS
Drive f: () (Removable) (Total:7.67 GB) (Free:4.76 GB) FAT32

Available physical RAM: 2871.63 MB
Total physical RAM: 3999.19 MB
Percentage of memory in use: 28%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4CF524D4)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=198.1 GB) - (Type=05)
Disk: 1 (Size: 7.7 GB) (Disk ID: BE72CFD7)
Partition 1: (Active) - (Size=7.7 GB) - (Type=0B)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\HP\Desktop" je 26305 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent
C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallShieldSetup
C:\PROGRA~2\INSTAL~1\{E3A5A~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{E3A5A~1\reboot.ini -l0x0005 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#8 Příspěvek od **vyosek** » 22 zář 2014 16:06

Odinstalujte vse od IOBit

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
CloseProcesses:

HKLM-x32\...\Run: [Guard.Mail.ru.gui] => C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-09-29] ()
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [uTorrent] => C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe [1416016 2014-09-19] (BitTorrent Inc.)
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [Yahoo! Search] => C:\Users\HP\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: H - H:\RunGame.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Photags AutoDetect.lnk

SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF Extension: No Name - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\extensions\ascsurfingprotection@iobit.com [Not Found]

CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-12]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-04-17]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-09-29] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S3 EagleX64; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

C:\Program Files (x86)\PANDORA.TV
C:\Program Files (x86)\Guard-ICQ
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\IObit
C:\Users\HP\AppData\Local\Pay-By-Ads
2014-09-22 16:40 - 2014-09-22 16:41 - 00012747 _____ () C:\Users\HP\Desktop\FRST.txt
2014-09-22 16:39 - 2014-09-22 16:38 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-09-22 14:07 - 2014-09-22 13:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-22 13:52 - 2014-09-22 14:08 - 00016047 _____ () C:\zoek-results.log
2014-09-22 13:51 - 2014-09-22 14:07 - 00000000 ____D () C:\zoek_backup
2014-09-22 13:51 - 2014-09-22 13:49 - 01290752 _____ () C:\Users\HP\Desktop\zoek.exe
2014-09-22 13:30 - 2014-09-22 14:07 - 00001326 _____ () C:\Windows\PFRO.log
2014-09-22 13:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-22 13:25 - 2014-09-22 13:29 - 00000000 ____D () C:\AdwCleaner
2014-09-22 13:20 - 2014-09-22 13:20 - 00013833 _____ () C:\Users\HP\Desktop\JRT.txt
2014-09-22 13:05 - 2014-09-22 13:05 - 00000000 ____D () C:\Windows\ERUNT
2014-09-22 13:02 - 2014-09-22 12:59 - 01373475 _____ () C:\Users\HP\Desktop\adwcleaner_3.310.exe
2014-09-22 13:02 - 2014-09-22 12:59 - 01027006 _____ (Thisisu) C:\Users\HP\Desktop\JRT.exe
2014-09-22 12:57 - 2014-09-22 12:57 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-22 12:02 - 2014-09-22 12:03 - 00000000 ____D () C:\rsit
2014-09-22 12:02 - 2014-09-22 12:03 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-09-22 12:01 - 2014-09-22 14:08 - 00000900 _____ () C:\Windows\setupact.log
2014-09-22 12:01 - 2014-09-22 12:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 12:01 - 2014-09-22 12:00 - 01107968 _____ () C:\Users\HP\Desktop\RSIT.exe
2014-09-20 19:07 - 2014-09-20 19:11 - 00006929 _____ () C:\Windows\system32\Errors.log

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallShieldSetup" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f

Task: {A408479E-82C5-48C3-9323-6700FC50FBF3} - System32\Tasks\Driver Booster SkipUAC (HP) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {BACA05B7-94DC-45C2-B598-353FCA87ED49} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

Hosts:
EmptyTemp:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Bubenacek · #9 Příspěvek od **Bubenacek** » 22 zář 2014 16:09

Já už vše od l0Bit odinstaloval..tedy pokud tam nemám náhodou ještě něco skrytého. to pak nevím, jak to najít.

Ted jdu na ten fixlist.

#10 Příspěvek od **vyosek** » 22 zář 2014 16:10

OK, fixlist to pomaze

Bubenacek · #11 Příspěvek od **Bubenacek** » 22 zář 2014 16:16

Fixlog zde
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-09-2014 01
Ran by HP at 2014-09-22 17:12:58 Run:1
Running from C:\Users\HP\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [Guard.Mail.ru.gui] => C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-09-29] ()
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [uTorrent] => C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe [1416016 2014-09-19] (BitTorrent Inc.)
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\Run: [Yahoo! Search] => C:\Users\HP\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\...\MountPoints2: H - H:\RunGame.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Photags AutoDetect.lnk

SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF Extension: No Name - C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\extensions\ascsurfingprotection@iobit.com [Not Found]

CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-01-12]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-04-17]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-09-29] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 PanService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S3 EagleX64; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

C:\Program Files (x86)\PANDORA.TV
C:\Program Files (x86)\Guard-ICQ
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\IObit
C:\Users\HP\AppData\Local\Pay-By-Ads
2014-09-22 16:40 - 2014-09-22 16:41 - 00012747 _____ () C:\Users\HP\Desktop\FRST.txt
2014-09-22 16:39 - 2014-09-22 16:38 - 00112640 _____ (forum.viry.cz) C:\Users\HP\Desktop\FRSTLauncher.exe
2014-09-22 14:07 - 2014-09-22 13:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-22 13:52 - 2014-09-22 14:08 - 00016047 _____ () C:\zoek-results.log
2014-09-22 13:51 - 2014-09-22 14:07 - 00000000 ____D () C:\zoek_backup
2014-09-22 13:51 - 2014-09-22 13:49 - 01290752 _____ () C:\Users\HP\Desktop\zoek.exe
2014-09-22 13:30 - 2014-09-22 14:07 - 00001326 _____ () C:\Windows\PFRO.log
2014-09-22 13:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-22 13:25 - 2014-09-22 13:29 - 00000000 ____D () C:\AdwCleaner
2014-09-22 13:20 - 2014-09-22 13:20 - 00013833 _____ () C:\Users\HP\Desktop\JRT.txt
2014-09-22 13:05 - 2014-09-22 13:05 - 00000000 ____D () C:\Windows\ERUNT
2014-09-22 13:02 - 2014-09-22 12:59 - 01373475 _____ () C:\Users\HP\Desktop\adwcleaner_3.310.exe
2014-09-22 13:02 - 2014-09-22 12:59 - 01027006 _____ (Thisisu) C:\Users\HP\Desktop\JRT.exe
2014-09-22 12:57 - 2014-09-22 12:57 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-09-22 12:02 - 2014-09-22 12:03 - 00000000 ____D () C:\rsit
2014-09-22 12:02 - 2014-09-22 12:03 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-09-22 12:01 - 2014-09-22 14:08 - 00000900 _____ () C:\Windows\setupact.log
2014-09-22 12:01 - 2014-09-22 12:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-22 12:01 - 2014-09-22 12:00 - 01107968 _____ () C:\Users\HP\Desktop\RSIT.exe
2014-09-20 19:07 - 2014-09-20 19:11 - 00006929 _____ () C:\Windows\system32\Errors.log

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallShieldSetup" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f

Task: {A408479E-82C5-48C3-9323-6700FC50FBF3} - System32\Tasks\Driver Booster SkipUAC (HP) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {BACA05B7-94DC-45C2-B598-353FCA87ED49} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Guard.Mail.ru.gui => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 7 => value deleted successfully.
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Yahoo! Search => value deleted successfully.
"HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3430852545-1810248877-1481859449-1000" => Key not found.
"HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3430852545-1810248877-1481859449-1000" => Key not found.
"HKU\S-1-5-21-3430852545-1810248877-1481859449-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3430852545-1810248877-1481859449-1000" => Key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Photags AutoDetect.lnk => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}" => Key deleted successfully.
"HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2488}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}" => Key deleted successfully.
"HKCR\PROTOCOLS\Filter\text/xml" => Key deleted successfully.
"HKCR\CLSID\{807553E5-5146-11D5-A672-00B0D022E945}" => Key not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully.
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\pn3y3w0e.default-1411033565785\extensions\ascsurfingprotection@iobit.com not found.
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd => Moved successfully.
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd => Moved successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service deleted successfully.
Guard.Mail.ru => Service deleted successfully.
LiveUpdateSvc => Service deleted successfully.
PanService => Service deleted successfully.
EagleX64 => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Program Files (x86)\PANDORA.TV => Moved successfully.
C:\Program Files (x86)\Guard-ICQ => Moved successfully.
C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
"C:\Program Files (x86)\IObit" => File/Directory not found.
"C:\Users\HP\AppData\Local\Pay-By-Ads" => File/Directory not found.
C:\Users\HP\Desktop\FRST.txt => Moved successfully.
C:\Users\HP\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\HP\Desktop\zoek.exe => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\HP\Desktop\JRT.txt => Moved successfully.
C:\Windows\ERUNT => Moved successfully.
C:\Users\HP\Desktop\adwcleaner_3.310.exe => Moved successfully.
C:\Users\HP\Desktop\JRT.exe => Moved successfully.
C:\Windows\Tasks\ImCleanDisabled => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files (x86)\trend micro => Moved successfully.
C:\Windows\setupact.log => Moved successfully.
C:\Windows\setuperr.log => Moved successfully.
C:\Users\HP\Desktop\RSIT.exe => Moved successfully.
C:\Windows\system32\Errors.log => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstallShieldSetup" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A408479E-82C5-48C3-9323-6700FC50FBF3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A408479E-82C5-48C3-9323-6700FC50FBF3}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (HP) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (HP)" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BACA05B7-94DC-45C2-B598-353FCA87ED49}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BACA05B7-94DC-45C2-B598-353FCA87ED49}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (SYSTEM)" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 43.9 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====

#12 Příspěvek od **vyosek** » 22 zář 2014 16:19

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Napiste jak se chova PC

Bubenacek · #13 Příspěvek od **Bubenacek** » 22 zář 2014 16:33

Tak super, PC už najíždí tak, jak by měl

Snad jen, jestli tam nejsou náhodou nějaké viry apod. ?

Ale nejspíš je už vše v pořádku, PC se chová dobře

Pokud je to od Vás vše, nestačí mi nic jiného, než Vám moc poděkovat

Oprava : Snad jen jsem si všiml ještě jedné nejasnosti, chtěl jsem Vám udělat screen obrazovky ale nějak mi to nefuguje tak Vám to zkusím vysvětlit.
Když dám správce úloh tak v záložce Procesy mám vypsány různe procesy ale za některýmy je *32
Prostě například MDM.exe*32 nebo DpHost.exe*32 atd. Je toto normální ?

#14 Příspěvek od **vyosek** » 22 zář 2014 20:01

Na viry by melo byt cisto, to bylo cilem naseho snazeni

Ohledne tech *32, tak to je v poradku. Mate 64bit system a ta *32 znaci, ze proces bezi jako 32bitovy

VIRY.CZ

Prosím o kontrolu logu, dekuji

Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji

Re: Prosím o kontrolu logu, dekuji