http://www.delta-homes.com

Zpráva

Radovan4646 · #1 Příspěvek od **Radovan4646** » 31 srp 2013 12:11

Dobrý den, prosím o pomoc.
Po spuštění jakéhokoliv prohlížeče (Explorer, Mozilla, Chrome) se automaticky spustila stránka hxxp://www.delta-homes.com, z prohlížečů jsem tuto stránku odstranil, ale ve výpisu logu z RSITu stále je, log přikládám. Děkuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2013-08-31 13:04:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 39 GB (51%) free of 76 GB
Total RAM: 2038 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:04:17, on 31.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Codebox\BitMeter\BitMeter2.exe
C:\Program Files\Eyes Relax\EyesRelax.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Software\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1377459027
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1377459027
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1377459027
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
O4 - Global Startup: Eyes Relax.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{752AA7AC-E14F-4CAB-AC29-3D722A2F21FF}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{752AA7AC-E14F-4CAB-AC29-3D722A2F21FF}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{752AA7AC-E14F-4CAB-AC29-3D722A2F21FF}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe

--
End of file - 8871 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "personas@christopher.beard:1.6.1, {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20101113Wb1, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=mcafee&p="

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files\McAfee\SiteAdvisor
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/SAFFPlugin]
"Description"=
"Path"=C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc;version=0.8.6i]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdjvu.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
McSiteAdvisor.xml

C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-23 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2013-05-22 249872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-23 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2013-05-22 249872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-05-23 7514656]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe []
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"NSU_agent"=C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2011-06-16 1500160]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-17 3671872]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bitmeter2.lnk - C:\Program Files\Codebox\BitMeter\BitMeter2.exe
Eyes Relax.lnk - C:\Windows\Installer\{FAAD374A-B7B4-4B2C-9954-791E52812483}\EyeIcon.ico

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-08-25 23:15:37 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2013-08-25 22:53:45 ----D---- C:\Program Files\Enigma Software Group
2013-08-25 22:53:10 ----D---- C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2013-08-25 22:53:05 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2013-08-25 21:30:07 ----D---- C:\Users\Uživatel\AppData\Roaming\WinZipper
2013-08-25 21:30:07 ----D---- C:\Program Files\WinZipper
2013-08-14 19:01:29 ----D---- C:\Windows\system32\MRT
2013-08-14 18:56:21 ----A---- C:\Windows\system32\jscript.dll
2013-08-14 18:56:20 ----A---- C:\Windows\system32\jscript9.dll
2013-08-14 18:56:19 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-14 18:56:19 ----A---- C:\Windows\system32\iesetup.dll
2013-08-14 18:56:18 ----A---- C:\Windows\system32\ieui.dll
2013-08-14 18:56:17 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 18:56:17 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-14 18:56:17 ----A---- C:\Windows\system32\iesysprep.dll
2013-08-14 18:56:17 ----A---- C:\Windows\system32\iernonce.dll
2013-08-14 18:56:17 ----A---- C:\Windows\system32\ie4uinit.exe
2013-08-14 18:56:16 ----A---- C:\Windows\system32\urlmon.dll
2013-08-14 18:56:16 ----A---- C:\Windows\system32\iertutil.dll
2013-08-14 18:56:14 ----A---- C:\Windows\system32\wininet.dll
2013-08-14 18:56:12 ----A---- C:\Windows\system32\ieframe.dll
2013-08-14 18:56:10 ----A---- C:\Windows\system32\mshtml.dll
2013-08-14 17:36:13 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-14 17:36:10 ----A---- C:\Windows\system32\wintrust.dll
2013-08-14 17:36:10 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-14 17:36:10 ----A---- C:\Windows\system32\crypt32.dll
2013-08-14 17:36:09 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-14 17:36:04 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-14 17:36:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-08-14 17:36:01 ----A---- C:\Windows\system32\ntdll.dll
2013-08-14 17:35:59 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-14 17:35:55 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-14 17:35:45 ----A---- C:\Windows\system32\tzres.dll
2013-08-14 17:35:37 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

======List of files/folders modified in the last 1 month======

2013-08-31 13:04:17 ----D---- C:\Windows\Prefetch
2013-08-31 13:04:15 ----D---- C:\Windows\Temp
2013-08-31 13:04:15 ----D---- C:\Program Files\trend micro
2013-08-31 13:03:18 ----D---- C:\ProgramData\Bitmeter2
2013-08-31 12:24:35 ----D---- C:\Windows\system32\config
2013-08-31 09:18:51 ----D---- C:\Windows\System32
2013-08-31 09:18:51 ----D---- C:\Windows\inf
2013-08-31 09:18:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-31 09:16:43 ----D---- C:\Windows
2013-08-30 18:39:12 ----D---- C:\ProgramData\eSafe
2013-08-30 18:39:04 ----SHD---- C:\System Volume Information
2013-08-30 18:39:04 ----D---- C:\Windows\system32\catroot2
2013-08-26 13:41:55 ----D---- C:\Software
2013-08-26 12:44:39 ----RD---- C:\Program Files
2013-08-26 08:31:13 ----D---- C:\Windows\system32\drivers
2013-08-25 23:53:03 ----HD---- C:\ProgramData
2013-08-25 23:46:50 ----D---- C:\Windows\system32\Tasks
2013-08-25 23:46:49 ----D---- C:\Windows\Tasks
2013-08-25 23:39:24 ----SHD---- C:\Config.Msi
2013-08-25 23:36:36 ----D---- C:\Program Files\UZC Trial
2013-08-25 23:12:38 ----SHD---- C:\Windows\Installer
2013-08-25 22:53:05 ----D---- C:\Program Files\Common Files
2013-08-25 21:56:54 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-08-25 21:30:06 ----A---- C:\Windows\system32\msvcr100.dll
2013-08-25 21:30:06 ----A---- C:\Windows\system32\msvcp100.dll
2013-08-18 10:27:42 ----D---- C:\Windows\rescache
2013-08-17 10:54:09 ----D---- C:\Windows\system32\NDF
2013-08-16 17:42:37 ----RSD---- C:\Windows\assembly
2013-08-16 17:42:37 ----D---- C:\Windows\Microsoft.NET
2013-08-15 21:53:59 ----D---- C:\Windows\Panther
2013-08-15 21:53:57 ----D---- C:\Windows\debug
2013-08-15 21:26:47 ----D---- C:\Windows\winsxs
2013-08-15 21:23:49 ----D---- C:\Windows\system32\cs-CZ
2013-08-15 21:23:47 ----D---- C:\Program Files\Internet Explorer
2013-08-14 19:01:26 ----A---- C:\Windows\system32\MRT.exe
2013-08-14 19:01:09 ----D---- C:\ProgramData\Microsoft Help
2013-08-14 18:56:30 ----D---- C:\Windows\system32\catroot
2013-08-02 18:27:04 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-07-20 175176]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2007-12-18 12400]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 61680]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-07-20 770344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-07-20 369584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 56080]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2007-12-11 27648]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-09-14 242240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-05-23 2361952]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-05-24 167936]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-02-12 717296]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 35328]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 19968]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2008-10-24 35328]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [2013-05-22 101552]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R2 WsysSvc;Wsys Service; C:\ProgramData\eSafe\eGdpSvc.exe [2013-08-22 303680]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-16 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-25 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-16 133104]
S3 MatSvc;@%ProgramFiles%\Microsoft Fix it Center\MatsRes.dll,-9000; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-07-12 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-25 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 31 srp 2013 13:14

Zdravim

Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Spustte tradicne dvouklikem
Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Prohledat
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukoncete vsechny programy
Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Pockejte na dokonceni PreScanu
Zvolte moznost Prohledat (scan)
Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

Radovan4646 · #3 Příspěvek od **Radovan4646** » 31 srp 2013 13:43

Také zdravím.
Vkládám logy z jednotlivých programů.

Shortcut Cleaner 1.2.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Windows 7 Home Premium Service Pack 1
Program started at: 08/31/2013 02:21:52 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\

* Shortcut Cleaned: C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1373644517

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

* Shortcut Cleaned: C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1373644517

* Shortcut Cleaned: C:\Users\Uživatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1373644517

Searching C:\Users\Public\Desktop\

Searching C:\Users\Uživatel\Desktop

3 bad shortcuts found.

Program finished at: 08/31/2013 02:21:54 PM
Execution time: 0 hours(s), 0 minute(s), and 2 seconds(s)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.6 (08.30.2013:1)
OS: Windows 7 Home Premium x86
Ran by U§ivatel on so 31.08.2013 at 14:24:02,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetim
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sim-packages
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\icq service.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\qvo6software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\webcakedesktop_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\icqtoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{bf67f764-95b6-4360-bb57-b2e5aa6c814b}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\askbardis"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\U§ivatel\AppData\Roaming\registry mechanic"
Successfully deleted: [Folder] "C:\Users\U§ivatel\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\U§ivatel\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\U§ivatel\appdata\locallow\sweetim"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free window registry repair"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\U§ivatel\AppData\Roaming\microsoft\windows\start menu\programs\free window registry repair"

~~~ FireFox

Successfully deleted: [File] C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\4dalkza1.default\user.js
Successfully deleted the following from C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\4dalkza1.default\prefs.js

user_pref("browser.search.defaultenginename", "qvo6");
user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.3&q=");
user_pref("browser.search.order.1", "qvo6");
user_pref("browser.search.selectedEngine", "qvo6");
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.seznam.cz/");
user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://search.yahoo.com/search?fr=mcafee&p=");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.simapp_id", "{41ED1834-CDF7-11DF-B0EB-90E6BAC0E3DB}");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://search.sweetim.com/?src=10");
user_pref("sweetim.toolbar.version", "1.1.0.2");
Emptied folder: C:\Users\U§ivatel\AppData\Roaming\mozilla\firefox\profiles\4dalkza1.default\minidumps [19 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 31.08.2013 at 14:26:52,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.001 - Report created 31/08/2013 at 14:32:33
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Uživatel - MARTIN
# Running from : C:\Users\Uživatel\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : WsysSvc

***** [ Files / Folders ] *****

File Found : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-4.xml
File Found : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-5.xml
File Found : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-6.xml
File Found : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-7.xml
File Found : C:\Windows\system32\Uninstall.exe
Folder Found : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Found C:\Program Files\WinZipper
Folder Found C:\ProgramData\ICQ\ICQToolbar
Folder Found C:\Users\Uživatel\AppData\Local\PackageAware
Folder Found C:\Users\Uživatel\AppData\Roaming\eIntaller
Folder Found C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\SweetIMToolbarData
Folder Found C:\Users\Uživatel\AppData\Roaming\WinZipper

***** [ Shortcuts ] *****

Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1377459027 )

***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.delta-homes.com/?utm_source=b&utm_m ... 1377459027
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=a ... 1373644517
Key Found : HKCU\Software\ICQ\ICQToolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Key Found : HKLM\Software\delta-homesSoftware
Key Found : HKLM\Software\ICQ\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
Key Found : HKLM\Software\V9
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v21.0 (cs)

[ File : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\prefs.js ]

Line Found : user_pref("icqtoolbar.allowSendURL", false);
Line Found : user_pref("icqtoolbar.defSearchChange", true);
Line Found : user_pref("icqtoolbar.engineVerified", false);
Line Found : user_pref("icqtoolbar.geolastmodified", 1322260806);
Line Found : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Found : user_pref("icqtoolbar.history", "kolo%20filetype%3Apdf||kolo||Tommaso%20Lorenzetti||Xavier%20Simeon||Jordi%20Torres||Ratthapark%20Wilairot||Anthony%20West||Thomas%20Luthi||Kenny%20Noyes||Randy%20Krumm[...]
Line Found : user_pref("icqtoolbar.hpChange", true);
Line Found : user_pref("icqtoolbar.icqgeo", 42);
Line Found : user_pref("icqtoolbar.installTime", "1321382924");
Line Found : user_pref("icqtoolbar.installsource", "1");
Line Found : user_pref("icqtoolbar.newtab_state", "1");
Line Found : user_pref("icqtoolbar.numberOfSearches", 0);
Line Found : user_pref("icqtoolbar.previousFFVersion", "7.0.1");
Line Found : user_pref("icqtoolbar.skip_default_search", "no");
Line Found : user_pref("icqtoolbar.suggestions", false);
Line Found : user_pref("icqtoolbar.uniqueID", "129623727312962450131296251276713");
Line Found : user_pref("icqtoolbar.usageStatstTimestamp", 1322260809);
Line Found : user_pref("icqtoolbar.version", "1.3.6");
Line Found : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Found : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Found : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Found : user_pref("icqtoolbar.voucherWasShown", 0);
Line Found : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Line Found : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Found : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]

-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [8662 octets] - [31/08/2013 14:29:59]
AdwCleaner[R1].txt - [8582 octets] - [31/08/2013 14:32:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [8642 octets] ##########

RogueKiller V8.6.7 [Aug 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Uživatel [Práva správce]
Mód : Kontrola -- Datum : 08/31/2013 14:37:33
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP UNIC] PKIComponent-KBExt-setup.exe -- C:\Users\Uživatel\AppData\Local\Temp\PKIComponent-KBExt-setup.exe [7] -> SMAZÁNO [TermProc]
[SUSP UNIC] PKIComponent-KBExt-setup.tmp -- C:\Users\Uživatel\AppData\Local\Temp\is-OFL07.tmp\PKIComponent-KBExt-setup.tmp [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{752AA7AC-E14F-4CAB-AC29-3D722A2F21FF} : NameServer (8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1) -> NALEZENO
[DNS] HKLM\[...]\CS001\[...]\{752AA7AC-E14F-4CAB-AC29-3D722A2F21FF} : NameServer (8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1) -> NALEZENO
[DNS] HKLM\[...]\CS002\[...]\{752AA7AC-E14F-4CAB-AC29-3D722A2F21FF} : NameServer (8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD502HJ ATA Device +++++
--- User ---
[MBR] 63caaf9a4b741fc298b95df347923b8a
[BSP] 29a6ab78f37581a6873ff22f58a40f5e : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 75899 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 155648000 | Size: 400939 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_08312013_143733.txt >>

#4 Příspěvek od **vyosek** » 31 srp 2013 13:46

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Spustte znovu RogueKiller

Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte

Radovan4646 · #5 Příspěvek od **Radovan4646** » 31 srp 2013 14:10

Provedl jsem dle pokynů a přikládám logy.

# AdwCleaner v3.001 - Report created 31/08/2013 at 14:58:23
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Uživatel - MARTIN
# Running from : C:\Users\Uživatel\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : WsysSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Users\Uživatel\AppData\Local\PackageAware
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\SweetIMToolbarData
Folder Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
File Deleted : C:\Windows\system32\Uninstall.exe
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\icqplugin-7.xml

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v21.0 (cs)

[ File : C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\prefs.js ]

Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.defSearchChange", true);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1322260806);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "kolo%20filetype%3Apdf||kolo||Tommaso%20Lorenzetti||Xavier%20Simeon||Jordi%20Torres||Ratthapark%20Wilairot||Anthony%20West||Thomas%20Luthi||Kenny%20Noyes||Randy%20Krumm[...]
Line Deleted : user_pref("icqtoolbar.hpChange", true);
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1321382924");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "7.0.1");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "129623727312962450131296251276713");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1322260809);
Line Deleted : user_pref("icqtoolbar.version", "1.3.6");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]

-\\ Google Chrome v29.0.1547.62

[ File : C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [8662 octets] - [31/08/2013 14:29:59]
AdwCleaner[R1].txt - [8722 octets] - [31/08/2013 14:32:33]
AdwCleaner[R2].txt - [8782 octets] - [31/08/2013 14:53:39]
AdwCleaner[R3].txt - [8842 octets] - [31/08/2013 14:57:53]
AdwCleaner[S0].txt - [8210 octets] - [31/08/2013 14:58:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8270 octets] ##########

RogueKiller V8.6.7 [Aug 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Uživatel [Práva správce]
Mód : Kontrola -- Datum : 08/31/2013 15:05:44
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[DNS] HKLM\[...]\CCSet\[...]\{752AA7AC-E14F-4CAB-AC29-3D722A2F21FF} : NameServer (8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1) -> NALEZENO
[DNS] HKLM\[...]\CS001\[...]\{752AA7AC-E14F-4CAB-AC29-3D722A2F21FF} : NameServer (8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1) -> NALEZENO
[DNS] HKLM\[...]\CS002\[...]\{752AA7AC-E14F-4CAB-AC29-3D722A2F21FF} : NameServer (8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD502HJ ATA Device +++++
--- User ---
[MBR] 63caaf9a4b741fc298b95df347923b8a
[BSP] 29a6ab78f37581a6873ff22f58a40f5e : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 75899 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 155648000 | Size: 400939 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_08312013_150544.txt >>

RogueKiller V8.6.7 [Aug 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Uživatel [Práva správce]
Mód : Oprava HOSTS -- Datum : 08/31/2013 15:06:59
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[0]_H_08312013_150659.txt >>
RKreport[0]_S_08312013_150544.txt

#6 Příspěvek od **vyosek** » 31 srp 2013 14:56

Poprosim o spusteni nasledujiciho

Aplikace ke stažení:

Po stažení FRSTLauncher spustte, objevi se mozna varovani od antiviru, ignorujte a nechte FRSTL spustit

Následně dojde ke stažení FRST a inicializaci

Po spuštění FRST odsouhlasíme licenční podmínky kliknutím na Ano.
Dooznačíme položku Addition.txt - viz obrázek.
Klikneme na tlačítko Scan čímž spustíme skenování.
Počkáme na dokončení skenování FRST a vytvoření doplňkových informací naší nástavbou.
Otevře se nám textový soubor FRST.txt, což je požadovaný log a jehož obsah vložíme do svého tématu na fóru.
Po uzavření logu se FRSTLauncher.exe ukončí a na ploše nám zbyde utilta FRST a dva logy FRST.txt a Addition.txt - nic z toho zatím nemažeme.

Radovan4646 · #7 Příspěvek od **Radovan4646** » 31 srp 2013 15:10

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2013 03
Ran by Uživatel (administrator) on MARTIN on 31-08-2013 16:07:30
Running from C:\Users\Uživatel\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
( ) C:\Program Files\Codebox\BitMeter\BitMeter2.exe
(mech) C:\Program Files\Eyes Relax\EyesRelax.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7514656 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NSU_agent] - C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKCU\...\Run: [PC Suite Tray] - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1500160 2011-06-16] (Nokia)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnk
ShortcutTarget: Bitmeter2.lnk -> C:\Program Files\Codebox\BitMeter\BitMeter2.exe ( )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Eyes Relax.lnk
ShortcutTarget: Eyes Relax.lnk -> C:\Windows\Installer\{FAAD374A-B7B4-4B2C-9954-791E52812483}\EyeIcon.ico ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19}
SearchScopes: HKCU - {149E1E15-8375-4D51-8A33-C900F41BEC67} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {577E1839-3F09-4C47-8026-3CC71D5B8F19} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {8256F8B1-9E71-49F1-81FC-E5205AAD3CEF} URL = http://tv.seznam.cz/hledej?w={searchTer ... ckSearch_5
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU -No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Hosts: 127.0.0.1 localhost
Tcpip\..\Interfaces\{752AA7AC-E14F-4CAB-AC29-3D722A2F21FF}: [NameServer]8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=mcafee&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc;version=0.8.6i - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: personas - C:\Users\Uživatel\AppData\Roaming\Mozilla\Firefox\Profiles\4dalkza1.default\Extensions\personas@christopher.beard.xpi
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] C:\Program Files\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files\McAfee\SiteAdvisor
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR RestoreOnStartup: "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: (Google) - http://www.google.com/search?q={searchT ... utf-8&aq=t
CHR DefaultSuggestURL: (Google) - http://suggestqueries.google.com/comple ... earchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.62\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\U\u017Eivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0\McChPlg.dll No File
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (DjVu Plugin Viewer) - C:\Program Files\Mozilla Firefox\plugins\npdjvu.dll (Caminova, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (VLC Multimedia Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (SiteAdvisor) - C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.2.1341_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_1
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\UIVATE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Uživatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [101552 2013-05-22] (McAfee, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-18] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-07-20] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-07-20] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-07-20] ()
R0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-09-14] (DT Soft Ltd)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2007-12-11] (Windows (R) Codename Longhorn DDK provider)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam60.sys [35328 2008-10-24] (Realtek Corporation)
S3 RTVLANPT; C:\Windows\System32\DRIVERS\RtVlan60.sys [19968 2007-12-03] (Windows (R) Codename Longhorn DDK provider)
R0 speedfan; C:\Windows\System32\speedfan.sys [5248 2006-09-24] (Windows (R) 2000 DDK provider)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2011-02-12] (Duplex Secure Ltd.)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [7168 2009-11-12] ()
S3 TEAM; C:\Windows\System32\DRIVERS\RtTeam60.sys [35328 2008-10-24] (Realtek Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-08-31 16:07 - 2013-08-31 16:07 - 00000000 ____D C:\FRST
2013-08-31 16:07 - 2013-08-31 12:09 - 01085067 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST.exe
2013-08-31 15:00 - 2013-08-31 15:00 - 00000056 _____ C:\Windows\setupact.log
2013-08-31 15:00 - 2013-08-31 15:00 - 00000000 _____ C:\Windows\setuperr.log
2013-08-31 14:52 - 2013-08-31 14:52 - 00994642 _____ C:\Users\Uživatel\Desktop\adwcleaner.exe
2013-08-31 14:51 - 2013-08-31 14:52 - 00994642 _____ C:\Users\Uživatel\Downloads\adwcleaner.exe
2013-08-31 14:36 - 2013-08-31 15:05 - 00000000 ____D C:\Users\Uživatel\Desktop\RK_Quarantine
2013-08-31 14:35 - 2013-08-31 14:35 - 00913408 _____ C:\Users\Uživatel\Desktop\RogueKiller.exe
2013-08-31 14:29 - 2013-08-31 14:58 - 00000000 ____D C:\AdwCleaner
2013-08-31 14:23 - 2013-08-31 14:23 - 00000000 ____D C:\Windows\ERUNT
2013-08-31 14:21 - 2013-08-31 14:21 - 00003584 _____ C:\sc-cleaner.txt
2013-08-25 23:15 - 2011-06-21 11:24 - 00032768 _____ C:\Windows\system32\Drivers\sp_rsdrv2.sys
2013-08-25 22:53 - 2013-08-25 23:12 - 00000000 ____D C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2013-08-25 22:53 - 2013-08-25 22:53 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-08-25 22:53 - 2013-08-25 22:53 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-08-14 19:01 - 2013-08-14 19:03 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 18:56 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 18:56 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 18:56 - 2013-07-26 05:13 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 18:56 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 18:56 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 18:56 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 18:56 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 18:56 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 18:56 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 18:56 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 18:56 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 18:56 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 18:56 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 18:56 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 18:56 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 18:56 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 17:36 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 17:36 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 17:36 - 2013-07-09 06:53 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 17:36 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 17:36 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 17:36 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 17:36 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 17:36 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 17:35 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 17:35 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 17:35 - 2013-07-06 07:05 - 01293760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 17:35 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-09 19:31 - 2013-08-09 19:33 - 00009339 _____ C:\Users\Uživatel\Documents\PS02.xlsx
2013-08-09 19:31 - 2013-08-09 19:31 - 00009131 _____ C:\Users\Uživatel\Documents\PS03.xlsx
2013-08-09 19:30 - 2013-08-09 19:33 - 00009091 _____ C:\Users\Uživatel\Documents\PS01.xlsx
2013-08-09 19:29 - 2013-08-09 19:29 - 00007894 _____ C:\Users\Uživatel\Documents\suma.xlsx
2013-08-02 18:27 - 2013-08-02 18:27 - 00002176 _____ C:\Users\Public\Desktop\Google Earth.lnk

==================== One Month Modified Files and Folders =======

2013-08-31 16:07 - 2013-08-31 16:07 - 00000000 ____D C:\Users\UIVATE~1\AppData\Local\qb3DA7B4.5B
2013-08-31 16:07 - 2013-08-31 16:07 - 00000000 ____D C:\FRST
2013-08-31 16:07 - 2010-02-16 20:48 - 00000000 ____D C:\ProgramData\Bitmeter2
2013-08-31 15:55 - 2012-04-04 18:33 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-31 15:22 - 2013-07-12 23:17 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-31 15:07 - 2009-07-14 06:34 - 00018432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-31 15:07 - 2009-07-14 06:34 - 00018432 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-31 15:05 - 2013-08-31 14:36 - 00000000 ____D C:\Users\Uživatel\Desktop\RK_Quarantine
2013-08-31 15:05 - 2010-02-16 09:51 - 01611428 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-31 15:03 - 2010-02-15 23:47 - 01796208 _____ C:\Windows\WindowsUpdate.log
2013-08-31 15:00 - 2013-08-31 15:00 - 00000056 _____ C:\Windows\setupact.log
2013-08-31 15:00 - 2013-08-31 15:00 - 00000000 _____ C:\Windows\setuperr.log
2013-08-31 15:00 - 2013-07-12 23:17 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-31 15:00 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-31 14:58 - 2013-08-31 14:29 - 00000000 ____D C:\AdwCleaner
2013-08-31 14:58 - 2010-02-16 21:30 - 00000000 ____D C:\ProgramData\ICQ
2013-08-31 14:52 - 2013-08-31 14:52 - 00994642 _____ C:\Users\Uživatel\Desktop\adwcleaner.exe
2013-08-31 14:52 - 2013-08-31 14:51 - 00994642 _____ C:\Users\Uživatel\Downloads\adwcleaner.exe
2013-08-31 14:52 - 2013-07-12 21:29 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-08-31 14:35 - 2013-08-31 14:35 - 00913408 _____ C:\Users\Uživatel\Desktop\RogueKiller.exe
2013-08-31 14:23 - 2013-08-31 14:23 - 00000000 ____D C:\Windows\ERUNT
2013-08-31 14:21 - 2013-08-31 14:21 - 00003584 _____ C:\sc-cleaner.txt
2013-08-31 13:04 - 2013-07-12 19:03 - 00000000 ____D C:\Program Files\trend micro
2013-08-31 12:09 - 2013-08-31 16:07 - 01085067 _____ (Farbar) C:\Users\Uživatel\Desktop\FRST.exe
2013-08-26 13:41 - 2010-02-16 19:47 - 00000000 ____D C:\Software
2013-08-25 23:36 - 2011-02-25 22:04 - 00000000 ____D C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultimate ZIP Cracker Trial
2013-08-25 23:36 - 2011-02-25 22:04 - 00000000 ____D C:\Program Files\UZC Trial
2013-08-25 23:12 - 2013-08-25 22:53 - 00000000 ____D C:\Windows\027B5748C40941FE949B7B81A8304EF4.TMP
2013-08-25 22:53 - 2013-08-25 22:53 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-08-25 22:53 - 2013-08-25 22:53 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2013-08-25 21:56 - 2012-04-04 18:33 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-25 21:56 - 2011-05-22 16:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-25 21:42 - 2010-10-21 19:24 - 00001098 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-25 21:35 - 2010-02-15 23:53 - 00001419 _____ C:\Users\Uživatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-25 21:30 - 2011-01-07 16:39 - 00773800 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2013-08-25 21:30 - 2011-01-07 16:39 - 00421032 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2013-08-18 10:27 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2013-08-17 10:54 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2013-08-16 17:42 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-15 21:53 - 2010-02-15 23:44 - 00000000 ____D C:\Windows\Panther
2013-08-14 19:03 - 2013-08-14 19:01 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 19:01 - 2010-02-16 21:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-14 19:01 - 2010-02-16 20:30 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-09 19:33 - 2013-08-09 19:31 - 00009339 _____ C:\Users\Uživatel\Documents\PS02.xlsx
2013-08-09 19:33 - 2013-08-09 19:30 - 00009091 _____ C:\Users\Uživatel\Documents\PS01.xlsx
2013-08-09 19:31 - 2013-08-09 19:31 - 00009131 _____ C:\Users\Uživatel\Documents\PS03.xlsx
2013-08-09 19:29 - 2013-08-09 19:29 - 00007894 _____ C:\Users\Uživatel\Documents\suma.xlsx
2013-08-02 18:27 - 2013-08-02 18:27 - 00002176 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-08-02 18:27 - 2010-02-16 19:51 - 00000000 ____D C:\Program Files\Google

Files to move or delete:
====================
C:\Users\UIVATE~1\AppData\Local\Temp\PKIComponent-KBExt-setup.exe
C:\Users\UIVATE~1\AppData\Local\Temp\Quarantine.exe
C:\Users\UIVATE~1\AppData\Local\Temp\kbpki\efdb6599e5453117b3cc.dll
C:\Users\UIVATE~1\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Scheduled Tasks (whitelisted) ===========

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Supplementary Scan (All) ================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000001
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000001
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"vidc.uyvy"="msyuv.dll"
"vidc.yuy2"="msyuv.dll"
"vidc.yvyu"="msyuv.dll"
"vidc.iyuv"="iyuv_32.dll"
"vidc.i420"="iyuv_32.dll"
"vidc.yvu9"="tsbyuv.dll"
"msacm.l3acm"="C:\\Windows\\System32\\l3codeca.acm"
"vidc.cvid"="iccvid.dll"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
"msacm.voxacm160"="vct3216.acm"
"msacm.scg726"="scg726.acm"
"msacm.alf2cd"="alf2cd.acm"
"msacm.ac3acm"="AC3ACM.acm"
"vidc.dvsd"="mcdvd_32.dll"
"vidc.xvid"="xvidvfw.dll"
"vidc.mpg4"="mpg4c32.dll"
"vidc.mp42"="mpg4c32.dll"
"vidc.mp43"="mpg4c32.dll"
"vidc.DIVX"="DivX.dll"
"vidc.yv12"="DivX.dll"

==================== Drive and Memory info ===================

Drive c: (System) (Fixed) (Total:74.12 GB) (Free:37.44 GB) NTFS
Drive d: (Data) (Fixed) (Total:391.54 GB) (Free:210.28 GB) NTFS

Available physical RAM: 1184.34 MB
Total physical RAM: 2038.18 MB
Percentage of memory in use: 41%

LastRegBack: 2013-08-31 11:57

==================== End Of Log ==============================

#8 Příspěvek od **vyosek** » 31 srp 2013 15:42

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NSU_agent] - C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [PC Suite Tray] - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1500160 2011-06-16] (Nokia)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19}
SearchScopes: HKCU - {149E1E15-8375-4D51-8A33-C900F41BEC67} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {577E1839-3F09-4C47-8026-3CC71D5B8F19} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {8256F8B1-9E71-49F1-81FC-E5205AAD3CEF} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_5
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU -No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File

FF Keyword.URL: hxxp://search.yahoo.com/search?fr=mcafee&p=

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

2013-08-25 22:53 - 2013-08-25 22:53 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-08-31 14:21 - 2013-08-31 14:21 - 00003584 _____ C:\sc-cleaner.txt

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Hosts:
CMD: shutdown /r /f /t 2
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Radovan4646 · #9 Příspěvek od **Radovan4646** » 31 srp 2013 16:06

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-08-2013 04
Ran by Uživatel at 2013-08-31 17:01:25 Run:1
Running from C:\Users\Uživatel\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NSU_agent] - C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [PC Suite Tray] - C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1500160 2011-06-16] (Nokia)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19}
SearchScopes: HKCU - {149E1E15-8375-4D51-8A33-C900F41BEC67} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {577E1839-3F09-4C47-8026-3CC71D5B8F19} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {8256F8B1-9E71-49F1-81FC-E5205AAD3CEF} URL = http://tv.seznam.cz/hledej?w={searchTer ... ckSearch_5
Toolbar: HKCU -No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU -No Name - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - No File

FF Keyword.URL: hxxp://search.yahoo.com/search?fr=mcafee&p=

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

2013-08-25 22:53 - 2013-08-25 22:53 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-08-31 14:21 - 2013-08-31 14:21 - 00003584 _____ C:\sc-cleaner.txt

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NSU_agent => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} => Value not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{149E1E15-8375-4D51-8A33-C900F41BEC67} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{149E1E15-8375-4D51-8A33-C900F41BEC67} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{577E1839-3F09-4C47-8026-3CC71D5B8F19} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{577E1839-3F09-4C47-8026-3CC71D5B8F19} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8256F8B1-9E71-49F1-81FC-E5205AAD3CEF} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8256F8B1-9E71-49F1-81FC-E5205AAD3CEF} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => Value deleted successfully.
HKCR\CLSID\{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} => Key not found.
Firefox Keyword.URL deleted successfully.
esgiguard => Service deleted successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\sc-cleaner.txt => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

==== End of Fixlog ====

#10 Příspěvek od **vyosek** » 31 srp 2013 16:28

Jak se chova PC

Radovan4646 · #11 Příspěvek od **Radovan4646** » 31 srp 2013 16:33

PC se chová standardně, žádné problémy se nevyskytují.

#12 Příspěvek od **vyosek** » 01 zář 2013 06:37

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Radovan4646 · #13 Příspěvek od **Radovan4646** » 01 zář 2013 06:54

Vše jsem provedl a PC je OK.
Moc děkuji za pomoc.

#14 Příspěvek od **vyosek** » 01 zář 2013 07:02

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

http://www.delta-homes.com

http://www.delta-homes.com

Re: http://www.delta-homes.com

Re: http://www.delta-homes.com

Re: http://www.delta-homes.com

Re: http://www.delta-homes.com

Re: http://www.delta-homes.com

Re: http://www.delta-homes.com

Re: http://www.delta-homes.com

Re: http://www.delta-homes.com

Re: http://www.delta-homes.com

Re: http://www.delta-homes.com

Re: http://www.delta-homes.com

Re: http://www.delta-homes.com

Re: http://www.delta-homes.com