VIRY.CZ

komu se chce řešit pomalé počítače i v tento čas, tak...

sestra mi dala počítač s tím že je tak pomalý že se na něm ani nespoustí žádný program.
scan MBAM jsem troufl udělat sám a vše jsem odstranil, dále mi pomohl ccleaner a vyřešení zacyklených aktualizací, počítač už se dá používat, ale myslím že tam něco ještě bude...

Logfile of random's system information tool 1.09 (written by random/random)
Run by Merry at 2013-12-24 20:29:40
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 64 GB (57%) free of 112 GB
Total RAM: 1013 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:30:49, on 24.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16750)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\windows\Explorer.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
D:\RescueTime\RescueTime.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\PROGRA~1\samsung\SAMSUN~2\SUPNOT~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Merry\Downloads\RSIT.exe
C:\Program Files\trend micro\Merry.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
O1 - Hosts: # Copyright (c) 1993-2009 Microsoft Corp.
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O3 - Toolbar: (no name) - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O3 - Toolbar: (no name) - !{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ColdTurkey_notify] D:\ColdTurkey\ct_notify.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [20131121] C:\Program Files\Alwil Software\Avast5\setup\emupdate\e4374e1c-b74a-45e8-8ea9-f78a67f059fa.exe /check
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: RescueTime.lnk = D:\RescueTime\RescueTime.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KCTRP - Unknown owner - D:\ColdTurkey\KCTRP_srv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
O23 - Service: Rezip - Unknown owner - C:\windows\SYSTEM32\Rezip.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 11077 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\WxDFastUpdaterTask{E7F944E4-74E0-4636-A7F3-93F04A6B74DF}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Merry\AppData\Roaming\Mozilla\Firefox\Profiles\s6rn396n.default

prefs.js - "browser.startup.homepage" - "http://igoogle.com/"
prefs.js - "extensions.enabledItems" - "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.4.3, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, engine@conduit.com:3.3.3.2, {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.9.0.3, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29, {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.26"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 13&UM=1&q="

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.13.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{AB2CE124-6272-4b12-94A9-7303C7397BD1}

C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL

C:\Program Files\Mozilla Firefox\searchplugins\
iMeshWebSearch.xml
mall-cz.xml

C:\Users\Merry\AppData\Roaming\Mozilla\Firefox\Profiles\s6rn396n.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

C:\Users\Merry\AppData\Roaming\Mozilla\Firefox\Profiles\s6rn396n.default\searchplugins\
conduit.xml
iMeshWebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-12-20 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D381FF29-7CFB-4D4E-B92A-C4EDDC696614}]
Windows 7 Starter Helper - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll [2009-12-09 137904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{28387537-e3f9-4ed7-860c-11e69af4a8a0}
!{2318C2B1-4965-11d4-9B18-009027A5CD4F}
!{30F9B915-B755-4826-820B-08FBA6BD249D}
!{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-12-20 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-11-18 8092192]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-10-10 1578280]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-10-25 141848]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-10-25 173592]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-10-25 150552]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-12-20 3764024]
"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2007-05-21 124512]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2013-09-11 450560]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-02-20 152392]
"ColdTurkey_notify"=D:\ColdTurkey\ct_notify.exe [2013-01-01 47104]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2013-12-20 3764024]
"20131121"=C:\Program Files\Alwil Software\Avast5\setup\emupdate\e4374e1c-b74a-45e8-8ea9-f78a67f059fa.exe [2013-11-26 180184]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-08-29 1861968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APLangApp]
C:\Program Files\AnyPC Client\APLangApp.exe [2009-11-20 13312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NCdownloader.lnk]
C:\PROGRA~1\SOLIBO~1\NCDOWN~1\NCDOWN~1.EXE [2012-08-28 270848]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Merry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
RescueTime.lnk - D:\RescueTime\RescueTime.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-10-25 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-12-24 20:29:41 ----D---- C:\Program Files\trend micro
2013-12-24 20:29:40 ----D---- C:\rsit
2013-12-20 21:51:22 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys
2013-12-20 20:46:18 ----D---- C:\Program Files\Mozilla Firefox
2013-12-20 20:03:11 ----A---- C:\windows\system32\drivers\aswstm.sys
2013-12-20 18:51:16 ----D---- C:\windows\pss
2013-12-13 10:51:31 ----A---- C:\windows\system32\wmp.dll
2013-12-13 10:51:27 ----A---- C:\windows\system32\wmploc.DLL
2013-12-13 10:48:55 ----A---- C:\windows\system32\jscript.dll
2013-12-13 10:48:52 ----A---- C:\windows\system32\jscript9.dll
2013-12-13 10:48:50 ----A---- C:\windows\system32\jsproxy.dll
2013-12-13 10:48:49 ----A---- C:\windows\system32\iesetup.dll
2013-12-13 10:48:48 ----A---- C:\windows\system32\ieui.dll
2013-12-13 10:48:45 ----A---- C:\windows\system32\msfeeds.dll
2013-12-13 10:48:45 ----A---- C:\windows\system32\ie4uinit.exe
2013-12-13 10:48:44 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-12-13 10:48:44 ----A---- C:\windows\system32\iernonce.dll
2013-12-13 10:48:43 ----A---- C:\windows\system32\iesysprep.dll
2013-12-13 10:48:42 ----A---- C:\windows\system32\urlmon.dll
2013-12-13 10:48:41 ----A---- C:\windows\system32\iertutil.dll
2013-12-13 10:48:36 ----A---- C:\windows\system32\wininet.dll
2013-12-13 10:48:33 ----A---- C:\windows\system32\ieframe.dll
2013-12-13 10:48:25 ----A---- C:\windows\system32\mshtml.dll
2013-12-11 09:07:40 ----A---- C:\windows\system32\msieftp.dll
2013-12-11 09:07:35 ----A---- C:\windows\system32\imagehlp.dll
2013-12-11 09:07:28 ----A---- C:\windows\system32\wscript.exe
2013-12-11 09:07:26 ----A---- C:\windows\system32\scrrun.dll
2013-12-11 09:07:25 ----A---- C:\windows\system32\cscript.exe
2013-12-11 09:07:10 ----A---- C:\windows\system32\WMPhoto.dll
2013-12-11 09:06:39 ----A---- C:\windows\system32\tzres.dll
2013-12-11 09:05:21 ----A---- C:\windows\system32\win32k.sys
2013-12-11 09:05:16 ----A---- C:\windows\system32\drivers\portcls.sys
2013-12-11 09:05:03 ----A---- C:\windows\system32\drivers\drmk.sys
2013-11-30 15:06:41 ----D---- C:\windows\Migration
2013-11-26 05:55:16 ----SHD---- C:\found.000

======List of files/folders modified in the last 1 month======

2013-12-24 20:30:02 ----D---- C:\windows\Temp
2013-12-24 20:29:59 ----D---- C:\windows\Prefetch
2013-12-24 20:29:41 ----RD---- C:\Program Files
2013-12-24 15:25:50 ----D---- C:\windows\system32\config
2013-12-24 15:12:34 ----SHD---- C:\System Volume Information
2013-12-20 22:34:26 ----D---- C:\windows\system32\drivers
2013-12-20 22:34:26 ----D---- C:\windows\Setup
2013-12-20 22:31:35 ----D---- C:\windows\Tasks
2013-12-20 22:16:51 ----D---- C:\Windows
2013-12-20 21:52:52 ----D---- C:\windows\system32\Tasks
2013-12-20 21:51:09 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-12-20 21:18:14 ----D---- C:\Program Files\Google
2013-12-20 21:18:13 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-20 21:14:55 ----SHD---- C:\windows\Installer
2013-12-20 21:13:35 ----D---- C:\ProgramData\Google
2013-12-20 20:38:31 ----D---- C:\ProgramData\DivX
2013-12-20 20:38:29 ----RSD---- C:\windows\Fonts
2013-12-20 20:38:18 ----D---- C:\Program Files\DivX
2013-12-20 20:37:40 ----D---- C:\Program Files\Common Files\DivX Shared
2013-12-20 20:37:05 ----D---- C:\Users\Merry\AppData\Roaming\DivX
2013-12-20 20:36:39 ----D---- C:\windows\System32
2013-12-20 20:08:55 ----D---- C:\windows\system32\MRT
2013-12-20 20:02:51 ----A---- C:\windows\system32\aswBoot.exe
2013-12-20 20:01:15 ----A---- C:\windows\system32\MRT.exe
2013-12-20 18:00:20 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-12-20 18:00:19 ----D---- C:\windows\inf
2013-12-14 22:42:35 ----D---- C:\windows\rescache
2013-12-13 11:11:02 ----D---- C:\windows\winsxs
2013-12-13 11:05:05 ----D---- C:\windows\system32\cs-CZ
2013-12-13 11:05:03 ----D---- C:\Program Files\Windows Media Player
2013-12-13 11:04:54 ----D---- C:\Program Files\Internet Explorer
2013-12-13 11:04:45 ----D---- C:\windows\system32\DriverStore
2013-12-13 11:00:32 ----A---- C:\windows\win.ini
2013-12-13 10:51:52 ----D---- C:\windows\system32\catroot
2013-12-13 10:51:51 ----D---- C:\windows\system32\catroot2
2013-12-10 22:25:06 ----A---- C:\windows\system32\FlashPlayerApp.exe
2013-12-09 06:21:42 ----D---- C:\windows\Logs
2013-12-01 17:42:53 ----D---- C:\windows\Microsoft.NET
2013-11-30 15:07:39 ----D---- C:\windows\system32\en-US
2013-11-30 15:06:41 ----SD---- C:\ProgramData\Microsoft
2013-11-30 15:01:34 ----RSD---- C:\windows\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2013-10-21 49944]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2013-12-20 180248]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; \??\C:\windows\system32\drivers\aswRdr2.sys [2013-10-21 79720]
R1 aswSnx;aswSnx; \??\C:\windows\system32\drivers\aswSnx.sys [2013-12-20 775952]
R1 aswSP;aswSP; \??\C:\windows\system32\drivers\aswSP.sys [2013-12-20 410528]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2009-05-28 10752]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2013-12-20 67824]
R3 aswStm;aswStm; \??\C:\windows\system32\drivers\aswStm.sys [2013-12-20 66752]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2011-12-13 2228224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-10-02 86056]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2009-08-29 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-08-29 18472]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-16 218688]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-10-25 4807168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-11-18 2807392]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\drivers\serscan.sys [2009-07-14 9216]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-10-10 229424]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\mbamswissarmy.sys [2013-12-20 40776]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-12-20 50344]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-02 595232]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [2009-08-13 44312]
R2 Rezip;Rezip; C:\windows\SYSTEM32\Rezip.exe [2009-03-05 311296]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 553288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-23 135664]
S2 KCTRP;KCTRP; D:\ColdTurkey\KCTRP_srv.exe [2013-01-27 29696]
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-23 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

log z MBAM, vše nalezené jsem už odstranil

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.12.20.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16750
Merry :: SAMSUNGN210 [administrátor]

20.12.2013 21:52:27
mbam-log-2013-12-20 (21-52-27).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 237855
Uplynulý čas: 22 minut, 13 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\Datamngr (PUP.Optional.DataMngr.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\iVIDI Plugin (PUP.Optional.Ividi.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\SOFTWARE\OPTIMIZER PRO (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 1
HKCU\Software\Optimizer Pro|AdsBuyNowURL (PUP.Optional.OptimizerPro.A) -> Data: http://conversion.pcutilitiespro.revenu ... rpro/xsell -> Přesun do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 4
C:\Program Files\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Merry\AppData\Local\Temp\ct3288691 (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Merry\AppData\Local\Temp\ct3297861 (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 27
C:\Users\Merry\Downloads\Supernatural_S09E01_HDTV_480p_x264_AAC_E-Subs_[GWC].mkv.exe (PUP.Optional.ToolBarInstaller.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Merry\Downloads\bsplayer266.1075.exe (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Windows\Tasks\OptimizerPro1UpdaterTask{68D30938-F007-4ECD-9FBA-6F12F2B28EA1}.job (PUP.Optional.Optimizerpro) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\OptimizerPro.chm (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\English.ini (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\file_id.diz (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\HomePage.url (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\OptProGuard.exe (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\OptProLauncher.exe (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\OptProReminder.exe (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\OptProSchedule.exe (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\OptProSmartScan.exe (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\OptProStart.exe (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\OptProUninstaller.exe (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\scan.gif (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\sqlite3.dll (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\unins000.dat (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Optimizer Pro\unins000.exe (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Optimizer Pro on the Web.lnk (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Help.lnk (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Optimizer Pro.lnk (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro\Uninstall Optimizer Pro.lnk (PUP.Optional.OptimizerPro.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Merry\AppData\Local\Temp\ct3288691\chromeid.txt (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Merry\AppData\Local\Temp\ct3288691\ism.exe (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Merry\AppData\Local\Temp\ct3288691\setup.ini.txt (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Merry\AppData\Local\Temp\ct3297861\chromeid.txt (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Merry\AppData\Local\Temp\ct3297861\setup.ini.txt (PUP.Optional.Conduit.A) -> Přesun do karantény a smazání se zdařilo.

(konec)


přeju všem čtenářům tohoto vlákna hezké vánoční svátky

Zdravim

Muzete mi prosim dat log z MBAMu, at vim co nasel?

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

vyosek: log z MBAM je v tomto vlákně v mém druhém příspěvku

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Starter x86
Ran by Merry on st 25.12.2013 at 15:21:57,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\bittorrentbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitengine
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\bittorrentbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitengine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\conduit.engine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\driverscanner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitengine
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2790392
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_atube-catcher_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_atube-catcher_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Failed to delete: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Failed to delete: [Folder] "C:\ProgramData\application data\premium"
Successfully deleted: [Folder] "C:\Users\Merry\appdata\locallow\bittorrentbar"
Successfully deleted: [Folder] "C:\Users\Merry\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Merry\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Merry\appdata\locallow\conduitengine"
Successfully deleted: [Folder] "C:\Program Files\bittorrentbar"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\conduitengine"
Successfully deleted: [Empty Folder] C:\Users\Merry\appdata\local\{0E331C5A-F6AF-4EB6-9C03-2A23976C251E}
Successfully deleted: [Empty Folder] C:\Users\Merry\appdata\local\{25FC9CD4-2039-4020-9156-141B6768BA09}
Successfully deleted: [Empty Folder] C:\Users\Merry\appdata\local\{3F18500F-AD07-4F11-9E07-D3409BAF345F}
Successfully deleted: [Empty Folder] C:\Users\Merry\appdata\local\{523127AA-9DFB-4046-A8EA-72637C06E923}
Successfully deleted: [Empty Folder] C:\Users\Merry\appdata\local\{552D2EA5-C69C-41D6-BED3-6FF4524C9141}
Successfully deleted: [Empty Folder] C:\Users\Merry\appdata\local\{86DD50C7-9838-4CDD-9824-1D148CC52E45}
Successfully deleted: [Empty Folder] C:\Users\Merry\appdata\local\{92E86B74-D45D-4CFA-82F7-4C30CB2463CD}
Successfully deleted: [Empty Folder] C:\Users\Merry\appdata\local\{C27BBA82-B003-4B9C-844A-BFE875418CEE}
Successfully deleted: [Empty Folder] C:\Users\Merry\appdata\local\{EC35B95B-8D45-4A88-9684-540FA06D95F7}



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\imeshwebsearch.xml"
Successfully deleted: [File] C:\Users\Merry\AppData\Roaming\mozilla\firefox\profiles\s6rn396n.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\Merry\AppData\Roaming\mozilla\firefox\profiles\s6rn396n.default\searchplugins\imeshwebsearch.xml
Successfully deleted: [Folder] C:\Users\Merry\AppData\Roaming\mozilla\firefox\profiles\s6rn396n.default\conduitcommon
Successfully deleted the following from C:\Users\Merry\AppData\Roaming\mozilla\firefox\profiles\s6rn396n.default\prefs.js

user_pref("CT1750559.FF19Solved", "true");
user_pref("CT1750559.UserID", "UN17834348813064513");
user_pref("CT1750559.browser.search.defaultthis.engineName", "true");
user_pref("CT1750559.fullUserID", "UN17834348813064513.IN.20131023164126");
user_pref("CT1750559.installDate", "23/10/2013 16:41:57");
user_pref("CT1750559.installSessionId", "006e8942-7056-41eb-8416-5e4d7cf4cfea");
user_pref("CT1750559.installSp", "true");
user_pref("CT1750559.installerVersion", "1.8.0.14");
user_pref("CT1750559.keyword", "true");
user_pref("CT1750559.originalSearchAddressUrl", "hxxp://search.imesh.com/web?src=ffb&systemid=1&q=");
user_pref("CT1750559.originalSearchEngine", "Google");
user_pref("CT1750559.originalSearchEngineName", "iMesh Web Search");
user_pref("CT1750559.searchRevert", "false");
user_pref("CT1750559.searchUserMode", "1");
user_pref("CT1750559.toolbarInstallDate", "23-10-2013 16:41:28");
user_pref("CT1750559.versionFromInstaller", "10.21.1.7");
user_pref("CT1750559.xpeMode", "0");
user_pref("CT2790392..clientLogIsEnabled", false);
user_pref("CT2790392..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2790392..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2790392.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2790392.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2790392.BrowserCompStateIsOpen_129633547190125290", true);
user_pref("CT2790392.BrowserCompStateIsOpen_130059329278017115", true);
user_pref("CT2790392.BrowserCompStateIsOpen_1359634298000", true);
user_pref("CT2790392.CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=SB_CUI&S
user_pref("CT2790392.CTID", "CT2790392");
user_pref("CT2790392.ConfigurationLastCheckTime", "Mon Oct 21 2013 15:16:00 GMT+0200");
user_pref("CT2790392.CurrentServerDate", "21-10-2013");
user_pref("CT2790392.DialogsAlignMode", "LTR");
user_pref("CT2790392.DialogsGetterLastCheckTime", "Mon Oct 21 2013 11:52:43 GMT+0200");
user_pref("CT2790392.DownloadReferralCookieData", "");
user_pref("CT2790392.EMailNotifierPollDate", "Sat Mar 05 2011 19:32:54 GMT+0100");
user_pref("CT2790392.FeedLastCount129313977501788460", 162);
user_pref("CT2790392.FeedPollDate129313974171006416", "Sat Mar 05 2011 19:33:57 GMT+0100");
user_pref("CT2790392.FeedPollDate129313975698350231", "Sat Mar 05 2011 19:33:57 GMT+0100");
user_pref("CT2790392.FeedPollDate129313976370850190", "Sat Mar 05 2011 19:33:57 GMT+0100");
user_pref("CT2790392.FeedPollDate129313976648818968", "Sat Mar 05 2011 19:33:57 GMT+0100");
user_pref("CT2790392.FeedPollDate129313977444757117", "Sat Mar 05 2011 19:33:58 GMT+0100");
user_pref("CT2790392.FeedPollDate129313980389131455", "Sat Mar 05 2011 19:33:58 GMT+0100");
user_pref("CT2790392.FeedPollDate129313980655381977", "Sat Mar 05 2011 19:33:58 GMT+0100");
user_pref("CT2790392.FeedPollDate129313980886163259", "Sat Mar 05 2011 19:33:58 GMT+0100");
user_pref("CT2790392.FeedPollDate129313981234756535", "Sat Mar 05 2011 19:33:58 GMT+0100");
user_pref("CT2790392.FeedPollDate129313983226631720", "Sat Mar 05 2011 19:33:58 GMT+0100");
user_pref("CT2790392.FeedPollDate129313983607725691", "Sat Mar 05 2011 19:33:58 GMT+0100");
user_pref("CT2790392.FeedTTL129313974171006416", 10);
user_pref("CT2790392.FeedTTL129313977444757117", 15);
user_pref("CT2790392.FeedTTL129313980655381977", 5);
user_pref("CT2790392.FeedTTL129313981234756535", 5);
user_pref("CT2790392.FirstServerDate", "5-3-2011");
user_pref("CT2790392.FirstTime", true);
user_pref("CT2790392.FirstTimeFF3", true);
user_pref("CT2790392.FixPageNotFoundErrors", false);
user_pref("CT2790392.GroupingServerCheckInterval", 1440);
user_pref("CT2790392.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2790392.HasUserGlobalKeys", true);
user_pref("CT2790392.Initialize", true);
user_pref("CT2790392.InitializeCommonPrefs", true);
user_pref("CT2790392.InstallationAndCookieDataSentCount", 3);
user_pref("CT2790392.InstallationType", "UnknownIntegration");
user_pref("CT2790392.InstalledDate", "Sat Mar 05 2011 19:32:55 GMT+0100");
user_pref("CT2790392.IsGrouping", false);
user_pref("CT2790392.IsMulticommunity", false);
user_pref("CT2790392.IsOpenThankYouPage", true);
user_pref("CT2790392.IsOpenUninstallPage", false);
user_pref("CT2790392.LanguagePackLastCheckTime", "Mon Oct 21 2013 11:52:40 GMT+0200");
user_pref("CT2790392.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2790392.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2790392.LastLogin_3.12.0.7", "Fri Apr 27 2012 15:09:33 GMT+0200");
user_pref("CT2790392.LastLogin_3.12.2.3", "Thu May 31 2012 21:32:50 GMT+0200");
user_pref("CT2790392.LastLogin_3.13.0.6", "Tue Jul 17 2012 10:28:44 GMT+0200");
user_pref("CT2790392.LastLogin_3.14.1.0", "Mon Aug 27 2012 23:52:42 GMT+0200");
user_pref("CT2790392.LastLogin_3.15.1.0", "Mon Mar 04 2013 20:10:42 GMT+0100");
user_pref("CT2790392.LastLogin_3.18.0.7", "Thu Jul 18 2013 16:10:50 GMT+0200");
user_pref("CT2790392.LastLogin_3.19.0.3", "Mon Oct 21 2013 11:52:41 GMT+0200");
user_pref("CT2790392.LastLogin_3.2.5.2", "Sat Mar 05 2011 19:32:55 GMT+0100");
user_pref("CT2790392.LatestVersion", "3.20.0.4");
user_pref("CT2790392.Locale", "en");
user_pref("CT2790392.MCDetectTooltipHeight", "83");
user_pref("CT2790392.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2790392.MCDetectTooltipWidth", "295");
user_pref("CT2790392.MyStuffEnabledAtInstallation", true);
user_pref("CT2790392.SearchAPILastCheckTime", "Mon Oct 21 2013 15:16:04 GMT+0200");
user_pref("CT2790392.SearchFromAddressBarIsInit", true);
user_pref("CT2790392.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&q=");
user_pref("CT2790392.SearchInNewTabEnabled", true);
user_pref("CT2790392.SearchInNewTabIntervalMM", 1440);
user_pref("CT2790392.SearchInNewTabLastCheckTime", "Mon Oct 21 2013 11:52:36 GMT+0200");
user_pref("CT2790392.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
user_pref("CT2790392.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID");
user_pref("CT2790392.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT2790392.ServiceMapLastCheckTime", "Mon Oct 21 2013 11:52:39 GMT+0200");
user_pref("CT2790392.SettingsLastCheckTime", "Mon Oct 21 2013 11:52:35 GMT+0200");
user_pref("CT2790392.SettingsLastUpdate", "1382343142");
user_pref("CT2790392.ThirdPartyComponentsInterval", 504);
user_pref("CT2790392.ThirdPartyComponentsLastCheck", "Sat Mar 05 2011 19:32:53 GMT+0100");
user_pref("CT2790392.ThirdPartyComponentsLastUpdate", "1246790578");
user_pref("CT2790392.ToolbarShrinkedFromSetup", false);
user_pref("CT2790392.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2790392");
user_pref("CT2790392.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT2790392.UserID", "UN19320529358781002");
user_pref("CT2790392.ValidationData_Toolbar", 1);
user_pref("CT2790392.WeatherNetwork", "");
user_pref("CT2790392.WeatherPollDate", "Sat Mar 05 2011 19:33:56 GMT+0100");
user_pref("CT2790392.WeatherUnit", "C");
user_pref("CT2790392.alertChannelId", "1182482");
user_pref("CT2790392.backendstorage.cb", "31");
user_pref("CT2790392.backendstorage.cb_firstuse0100", "31");
user_pref("CT2790392.backendstorage.cbcountry_001", "435A");
user_pref("CT2790392.backendstorage.cbfirsttime", "4D6F6E204E6F7620303520323031322030383A31333A343020474D542B30313030");
user_pref("CT2790392.backendstorage.mam_couponbuddy_appstate", "6F6E");
user_pref("CT2790392.backendstorage.mam_gk_first_time", "31");
user_pref("CT2790392.backendstorage.mam_pricegong_appstate", "6F6E");
user_pref("CT2790392.backendstorage.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3A3A3A636C69636B68616E646C65723A3A3A313335323039393636383135372C2C2C68747470
user_pref("CT2790392.countryCode", "CZ");
user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT2790392.homepageProtectorEnableByLogin", true);
user_pref("CT2790392.initDone", true);
user_pref("CT2790392.myStuffEnabled", true);
user_pref("CT2790392.myStuffPublihserMinWidth", 400);
user_pref("CT2790392.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2790392.myStuffServiceIntervalMM", 1440);
user_pref("CT2790392.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2790392.revertSettingsEnabled", true);
user_pref("CT2790392.searchProtectorDialogDelayInSec", 10);
user_pref("CT2790392.searchProtectorEnableByLogin", true);
user_pref("CT2790392.testingCtid", "");
user_pref("CT2790392.toolbarAppMetaDataLastCheckTime", "Mon Oct 21 2013 11:52:38 GMT+0200");
user_pref("CT2790392.toolbarContextMenuLastCheckTime", "Sat Mar 05 2011 19:33:30 GMT+0100");
user_pref("CT2790392.usagesFlag", 2);
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392", "\"14e81ba51af874da6a15091352f27f3d3\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1182482/1178159/CZ", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", "\"1361459328\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "L+tncv4eqt6Qm5T3dzChdA==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeHjw==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlUSWg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "SuMy8xgBA7+FodOxmk9aiQ==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"4bb1de6bebc9cc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"801a319dd78ccc1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"9f8d2729abc2ce1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://newtab.conduit-hosting.com/newtab/?ctid=CT2790392", "\"280ca361d2020cc2f837faa50829c720\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634333631231730000\"");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634339976460000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/2011 6:54:06 PM", "634356118310000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2790392/CT2790392", "\"1298422515\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"5b6c7fc799d642c664ba7e131c771382\"");
user_pref("CommunityToolbar.EngineHiddenByUser", true);
user_pref("CommunityToolbar.EngineOwner", "");
user_pref("CommunityToolbar.EngineOwnerGuid", "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}");
user_pref("CommunityToolbar.EngineOwnerToolbarId", "bittorrentbar");
user_pref("CommunityToolbar.IsEngineShown", false);
user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
user_pref("CommunityToolbar.OriginalEngineOwner", "CT2790392");
user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{88c7f2aa-f93f-432c-8f0e-b7d85967a527}");
user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "bittorrentbar");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.imesh.com/web?src=ffb&systemid=1&q=");
user_pref("CommunityToolbar.ToolbarsList", "CT2790392");
user_pref("CommunityToolbar.ToolbarsList2", "CT2790392,ConduitEngine");
user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Jan 22 2012 22:48:24 GMT+0100");
user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Feb 13 2012 15:29:52 GMT+0100");
user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Feb 13 2012 15:29:45 GMT+0100");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "9d94e2b6-7aea-4ffe-8481-d450b38eca07");
user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat Mar 05 2011 19:33:30 GMT+0100");
user_pref("CommunityToolbar.globalUserId", "418cb7c9-016c-4f4b-b18a-14477b6c316d");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.killedEngine", true);
user_pref("CommunityToolbar.undefined", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.imesh.com/web?src=ffb&systemid=1&q=");
user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("browser.search.defaultthis.engineName", "BS Player ControlBar Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&CUI=UN17834348813064513&UM=1&SearchSource=3&q={searchTerms}");
user_pref("browser.search.order.1", "iMesh Web Search");
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN17834348813064513&UM=1&q=");
user_pref("smartbar.addressBarOwnerCTID", "CT1750559");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&CUI=UN17834348813064513&UM=1&q=");
user_pref("smartbar.defaultSearchOwnerCTID", "CT1750559");
user_pref("smartbar.machineId", "QDED4/AP3JAAER25AAALCS8WKKWILLBU33/MQ+NFD+C1++TIJ2LGRTJKSMKMBSNUKVYGA9GMTKBAE7DFXTGT+G");
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\Merry\AppData\Roaming\mozilla\firefox\profiles\s6rn396n.default\minidumps [216 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 25.12.2013 at 15:31:48,59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


# AdwCleaner v3.016 - Report created 25/12/2013 at 15:43:04
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Starter Service Pack 1 (32 bits)
# Username : Merry - SAMSUNGN210
# Running from : C:\Users\Merry\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Uniblue\DriverScanner
Folder Deleted : C:\Program Files\BrowseToSave
Folder Deleted : C:\Users\Merry\AppData\Local\iMesh
Folder Deleted : C:\Users\Merry\AppData\Local\PackageAware
Folder Deleted : C:\Users\Merry\AppData\Roaming\NCdownloader
Folder Deleted : C:\Users\Merry\AppData\Roaming\Uniblue\DriverScanner
Folder Deleted : C:\Users\Merry\Documents\iMesh
Folder Deleted : C:\Users\2\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\2\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\2\AppData\Roaming\NCdownloader
Folder Deleted : C:\Users\Merry\AppData\Roaming\Mozilla\Firefox\Profiles\s6rn396n.default\Conduit
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_48c708f2
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{28387537-E3F9-4ED7-860C-11E69AF4A8A0}]
Key Deleted : HKCU\Software\Imesh
Key Deleted : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16750


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\2\AppData\Roaming\Mozilla\Firefox\Profiles\06hv4yav.default\prefs.js ]

Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

[ File : C:\Users\Merry\AppData\Roaming\Mozilla\Firefox\Profiles\s6rn396n.default\prefs.js ]

Line Deleted : user_pref("CT2790392.CT2790392.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2790392&octid=CT2790392&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...]
Line Deleted : user_pref("CT2790392.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2790392/CT2790392", "\"14e81ba51af874da6a15091352f27f3d3\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1182482/1178159/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2790392", "\"1361459328\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"4bb1de6bebc9cc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"801a319dd78ccc1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.19.0.3", "\"9f8d2729abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://newtab.conduit-hosting.com/newtab/?ctid=CT2790392", "\"280ca361d2020cc2f837faa50829c720\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2790392", "\"9971ee9815a5fc569766cf6ddcaaca8e\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634333631231730000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2790392/CT2790392", "\"1298422515\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"5b6c7fc799d642c664ba7e131c771382\"");
Line Deleted : user_pref("extensions.enabledAddons", "DivXWebPlayer%40divx.com:2.0.2.039,%7Bea614400-e918-4741-9a97-7a972ff7c30b%7D:2.5.15");
Line Deleted : user_pref("extensions.enabledItems", "{ea614400-e918-4741-9a97-7a972ff7c30b}:2.4.3,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,engine@conduit.com:3.3.3.[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

[ File : C:\Users\2\AppData\Roaming\Mozilla\Firefox\Profiles\06hv4yav.default\prefs.js ]


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Merry\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\2\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8709 octets] - [25/12/2013 15:34:29]
AdwCleaner[S0].txt - [7888 octets] - [25/12/2013 15:43:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7948 octets] ##########

Zdravim

Uz by se melo PC daleko lepe dychat

Nyni poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

potvrzuji, počítač už je výrazně rychlejší
log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-12-2013
Ran by Merry (administrator) on SAMSUNGN210 on 26-12-2013 20:06:34
Running from C:\Users\Merry\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
() C:\Windows\System32\Rezip.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\Samsung\Samsung Update Plus\SUPNotifier.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(forum.viry.cz) C:\Users\Merry\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8092192 2009-11-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-10] (Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [avast5] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2013-12-20] (AVAST Software)
HKLM\...\Run: [IJNetworkScanUtility] - C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [124512 2007-05-21] (CANON INC.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [ColdTurkey_notify] - D:\ColdTurkey\ct_notify.exe [47104 2013-01-01] ()
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2013-12-20] (AVAST Software)
HKLM\...\Run: [20131121] - C:\Program Files\Alwil Software\Avast5\Setup\emupdate\e4374e1c-b74a-45e8-8ea9-f78a67f059fa.exe [180184 2013-11-26] (AVAST Software)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKCU\...\Winlogon: [Shell] C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe [115888 2009-12-10] (Oceanis) <==== ATTENTION
HKU\2\...\Run: [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
Startup: C:\Users\Merry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk
ShortcutTarget: RescueTime.lnk -> D:\RescueTime\RescueTime.exe (RescueTime, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=smsn
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
URLSearchHook: HKLM - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7SMSN
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... 1I7SMSN_cs
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll (Oceanis)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM - No Name - !{30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKLM - No Name - !{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Merry\AppData\Roaming\Mozilla\Firefox\Profiles\s6rn396n.default
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Homepage: hxxp://igoogle.com/
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Merry\AppData\Roaming\Mozilla\Firefox\Profiles\s6rn396n.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: No Name - C:\Users\Merry\AppData\Roaming\Mozilla\Firefox\Profiles\s6rn396n.default\Extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF Extension: DivX Web Player - C:\Users\Merry\AppData\Roaming\Mozilla\Firefox\Profiles\s6rn396n.default\Extensions\DivXWebPlayer@divx.com.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.youtube.com/feed/subscriptions", "hxxp://tumblr.com/", "https://email.seznam.cz/", "hxxp://gmail.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (Google Wallet) - C:\Users\Merry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2013-12-20] (AVAST Software)
S2 KCTRP; D:\ColdTurkey\KCTRP_srv.exe [29696 2013-01-27] ()
R2 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] ()
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] ()
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [67824 2013-12-20] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [79720 2013-10-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-10-21] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [775952 2013-12-20] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [410528 2013-12-20] (AVAST Software)
S3 aswStm; C:\windows\system32\drivers\aswStm.sys [66752 2013-12-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2013-12-20] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-03-16] (DT Soft Ltd)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-26 20:06 - 2013-12-26 20:07 - 00015210 _____ C:\Users\Merry\Desktop\FRST.txt
2013-12-26 20:05 - 2013-12-26 20:05 - 00000000 ____D C:\FRST
2013-12-26 20:05 - 2013-12-26 20:04 - 00112640 _____ (forum.viry.cz) C:\Users\Merry\Desktop\FRSTLauncher.exe
2013-12-26 20:04 - 2013-12-26 20:04 - 00112640 _____ (forum.viry.cz) C:\Users\Merry\Downloads\FRSTLauncher.exe
2013-12-26 20:04 - 2013-12-26 20:02 - 01061649 _____ (Farbar) C:\Users\Merry\Desktop\FRST.exe
2013-12-26 20:02 - 2013-12-26 20:02 - 01061649 _____ (Farbar) C:\Users\Merry\Downloads\FRST.exe
2013-12-25 15:34 - 2013-12-25 15:43 - 00000000 ____D C:\AdwCleaner
2013-12-25 15:21 - 2013-12-25 15:21 - 00000000 ____D C:\windows\ERUNT
2013-12-25 15:19 - 2013-12-25 15:19 - 01233962 _____ C:\Users\Merry\Downloads\adwcleaner.exe
2013-12-25 15:18 - 2013-12-25 15:18 - 01034531 _____ (Thisisu) C:\Users\Merry\Downloads\JRT.exe
2013-12-24 20:29 - 2013-12-24 20:31 - 00000000 ____D C:\rsit
2013-12-24 20:29 - 2013-12-24 20:30 - 00000000 ____D C:\Program Files\trend micro
2013-12-24 20:26 - 2013-12-24 20:26 - 00781383 _____ C:\Users\Merry\Downloads\RSIT.exe
2013-12-21 21:19 - 2013-12-21 22:47 - 1468819456 _____ C:\Users\Merry\Downloads\FAR_FROM_HEAVEN.avi
2013-12-20 20:46 - 2013-12-20 20:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-20 20:03 - 2013-12-20 20:02 - 00066752 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2013-12-20 18:51 - 2013-12-20 18:51 - 00000000 ____D C:\windows\pss
2013-12-13 10:51 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2013-12-13 10:51 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2013-12-13 10:48 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-12-13 10:48 - 2013-10-25 05:45 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-12-13 10:48 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-12-13 10:48 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-12-13 10:48 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-12-13 10:48 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-12-13 10:48 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-12-13 10:48 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-12-13 10:48 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-12-13 10:48 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-12-13 10:48 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-12-13 10:48 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-12-13 10:48 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-12-13 10:48 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-12-13 10:48 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-12-13 10:48 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-12-11 09:07 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2013-12-11 09:07 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2013-12-11 09:07 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2013-12-11 09:07 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2013-12-11 09:07 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2013-12-11 09:07 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2013-12-11 09:07 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2013-12-11 09:06 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2013-12-11 09:05 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-12-11 09:05 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2013-12-11 09:05 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2013-12-09 06:21 - 2013-12-20 20:00 - 00059402 _____ C:\windows\IE11_main.log
2013-12-08 14:51 - 2013-12-08 15:15 - 00026624 ____H C:\Users\Merry\Desktop\~WRL2795.tmp
2013-12-01 19:34 - 2013-12-01 19:34 - 02923310 _____ C:\Users\Merry\Desktop\ANJ-internet - m.pptx
2013-12-01 19:24 - 2013-12-01 19:24 - 02931721 _____ C:\Users\Merry\Downloads\ANJ-internet (1).pptx
2013-12-01 19:14 - 2013-12-01 19:16 - 02931721 _____ C:\Users\Merry\Downloads\ANJ-internet.pptx
2013-12-01 02:04 - 2013-12-01 02:03 - 00140166 _____ C:\Users\Merry\Downloads\trz4E26.tmp
2013-11-26 05:55 - 2013-11-26 05:55 - 00000000 __SHD C:\found.000

==================== One Month Modified Files and Folders =======

2013-12-26 20:08 - 2010-12-23 00:12 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-26 20:07 - 2013-12-26 20:06 - 00015210 _____ C:\Users\Merry\Desktop\FRST.txt
2013-12-26 20:05 - 2013-12-26 20:05 - 00000000 ____D C:\FRST
2013-12-26 20:04 - 2013-12-26 20:05 - 00112640 _____ (forum.viry.cz) C:\Users\Merry\Desktop\FRSTLauncher.exe
2013-12-26 20:04 - 2013-12-26 20:04 - 00112640 _____ (forum.viry.cz) C:\Users\Merry\Downloads\FRSTLauncher.exe
2013-12-26 20:02 - 2013-12-26 20:04 - 01061649 _____ (Farbar) C:\Users\Merry\Desktop\FRST.exe
2013-12-26 20:02 - 2013-12-26 20:02 - 01061649 _____ (Farbar) C:\Users\Merry\Downloads\FRST.exe
2013-12-26 19:57 - 2010-12-23 00:12 - 00000940 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-26 19:57 - 2010-01-12 03:41 - 01807419 _____ C:\windows\WindowsUpdate.log
2013-12-26 19:56 - 2012-12-06 16:58 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-12-26 11:43 - 2012-10-20 08:05 - 00000376 ____H C:\windows\Tasks\WxDFastUpdaterTask{E7F944E4-74E0-4636-A7F3-93F04A6B74DF}.job
2013-12-26 11:32 - 2009-07-14 05:34 - 00010272 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-26 11:32 - 2009-07-14 05:34 - 00010272 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-26 11:24 - 2011-11-25 11:29 - 00028132 _____ C:\windows\setupact.log
2013-12-26 11:24 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-25 15:43 - 2013-12-25 15:34 - 00000000 ____D C:\AdwCleaner
2013-12-25 15:43 - 2013-04-11 12:58 - 00000000 ____D C:\ProgramData\Uniblue
2013-12-25 15:43 - 2013-03-08 15:21 - 00000000 ____D C:\Users\Merry\AppData\Roaming\Uniblue
2013-12-25 15:21 - 2013-12-25 15:21 - 00000000 ____D C:\windows\ERUNT
2013-12-25 15:19 - 2013-12-25 15:19 - 01233962 _____ C:\Users\Merry\Downloads\adwcleaner.exe
2013-12-25 15:18 - 2013-12-25 15:18 - 01034531 _____ (Thisisu) C:\Users\Merry\Downloads\JRT.exe
2013-12-24 20:31 - 2013-12-24 20:29 - 00000000 ____D C:\rsit
2013-12-24 20:30 - 2013-12-24 20:29 - 00000000 ____D C:\Program Files\trend micro
2013-12-24 20:26 - 2013-12-24 20:26 - 00781383 _____ C:\Users\Merry\Downloads\RSIT.exe
2013-12-21 22:47 - 2013-12-21 21:19 - 1468819456 _____ C:\Users\Merry\Downloads\FAR_FROM_HEAVEN.avi
2013-12-20 22:34 - 2011-11-25 11:28 - 00204216 _____ C:\windows\PFRO.log
2013-12-20 21:51 - 2011-01-22 13:14 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-20 21:18 - 2013-01-14 17:55 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 21:18 - 2010-01-11 11:20 - 00000000 ____D C:\Program Files\Google
2013-12-20 21:18 - 2009-07-14 05:33 - 00501136 _____ C:\windows\system32\FNTCACHE.DAT
2013-12-20 21:13 - 2010-12-22 03:06 - 00000000 ____D C:\Users\Merry\AppData\Local\Google
2013-12-20 21:13 - 2010-01-11 11:20 - 00000000 ____D C:\ProgramData\Google
2013-12-20 20:48 - 2010-12-24 20:31 - 00000000 ____D C:\Users\Merry\AppData\Local\Mozilla
2013-12-20 20:46 - 2013-12-20 20:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-20 20:42 - 2010-12-22 02:08 - 00141288 _____ C:\Users\Merry\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-20 20:38 - 2012-08-20 15:18 - 00000000 ____D C:\Program Files\DivX
2013-12-20 20:38 - 2012-08-20 15:16 - 00000000 ____D C:\ProgramData\DivX
2013-12-20 20:37 - 2013-03-08 15:27 - 00000000 ____D C:\Users\Merry\AppData\Roaming\DivX
2013-12-20 20:37 - 2012-08-20 15:19 - 00000000 ____D C:\Program Files\Common Files\DivX Shared
2013-12-20 20:08 - 2013-07-25 07:36 - 00000000 ____D C:\windows\system32\MRT
2013-12-20 20:03 - 2013-10-21 14:46 - 00002058 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-12-20 20:02 - 2013-12-20 20:03 - 00066752 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2013-12-20 20:02 - 2013-03-04 09:23 - 00180248 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-12-20 20:02 - 2011-03-08 15:38 - 00775952 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-12-20 20:02 - 2010-12-28 21:51 - 00410528 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2013-12-20 20:02 - 2010-12-28 21:51 - 00067824 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2013-12-20 20:02 - 2010-12-28 21:50 - 00270240 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2013-12-20 20:02 - 2010-12-28 21:50 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2013-12-20 20:01 - 2010-12-23 00:17 - 88123800 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-12-20 20:00 - 2013-12-09 06:21 - 00059402 _____ C:\windows\IE11_main.log
2013-12-20 18:51 - 2013-12-20 18:51 - 00000000 ____D C:\windows\pss
2013-12-20 18:00 - 2009-07-26 21:06 - 01584626 _____ C:\windows\system32\PerfStringBackup.INI
2013-12-16 16:56 - 2013-10-02 09:14 - 00000000 ____D C:\Users\Merry\Desktop\VŠ
2013-12-14 22:42 - 2009-07-14 03:37 - 00000000 ____D C:\windows\rescache
2013-12-13 11:08 - 2009-07-14 05:53 - 00032604 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-12-13 11:00 - 2009-07-14 03:04 - 00000531 _____ C:\windows\win.ini
2013-12-10 22:25 - 2012-12-06 16:58 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2013-12-10 22:25 - 2011-05-15 08:28 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-08 15:15 - 2013-12-08 14:51 - 00026624 ____H C:\Users\Merry\Desktop\~WRL2795.tmp
2013-12-06 07:14 - 2012-07-01 20:13 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-01 19:34 - 2013-12-01 19:34 - 02923310 _____ C:\Users\Merry\Desktop\ANJ-internet - m.pptx
2013-12-01 19:24 - 2013-12-01 19:24 - 02931721 _____ C:\Users\Merry\Downloads\ANJ-internet (1).pptx
2013-12-01 19:16 - 2013-12-01 19:14 - 02931721 _____ C:\Users\Merry\Downloads\ANJ-internet.pptx
2013-12-01 17:42 - 2009-07-14 03:37 - 00000000 ____D C:\windows\Microsoft.NET
2013-12-01 02:03 - 2013-12-01 02:04 - 00140166 _____ C:\Users\Merry\Downloads\trz4E26.tmp
2013-11-26 15:35 - 2011-04-13 08:46 - 00000000 ____D C:\Users\Merry\Documents\Youcam
2013-11-26 05:55 - 2013-11-26 05:55 - 00000000 __SHD C:\found.000

Some content of TEMP:
====================
C:\Users\2\AppData\Local\Temp\DivXSetup.exe
C:\Users\2\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Merry\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\WxDFastUpdaterTask{E7F944E4-74E0-4636-A7F3-93F04A6B74DF}.job => C:\ProgramData\Premium\WxDFast\WxDFast.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Merry\Desktop" je 15937 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APLangApp
"C:\Program Files\AnyPC Client\APLangApp.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NCdownloader.lnk
C:\PROGRA~1\SOLIBO~1\NCDOWN~1\NCDOWN~1.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
  HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
  HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
  HKLM\...\Run: [ColdTurkey_notify] - D:\ColdTurkey\ct_notify.exe [47104 2013-01-01] ()
  HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
  HKU\2\...\Run: [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
  Startup: C:\Users\Merry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
  HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=smsn
  HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
  URLSearchHook: HKLM - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
  URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
  SearchScopes: HKLM - DefaultScope value is missing.
  SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
  SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_cs
  BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
  Toolbar: HKLM - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
  Toolbar: HKLM - No Name - !{30F9B915-B755-4826-820B-08FBA6BD249D} - No File
  Toolbar: HKLM - No Name - !{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
  Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
  
  FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
  FF Homepage: hxxp://igoogle.com/
  
  Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\WxDFastUpdaterTask{E7F944E4-74E0-4636-A7F3-93F04A6B74DF}.job => C:\ProgramData\Premium\WxDFast\WxDFast.exe
  
  Hosts:
  CMD: shutdown /r /f /t 2
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

můžete mi prosím ve stručnosti vysvětlit o co se jedná? co bylo špatného na homepage ve FF a co se dělalo s těmi naplánovanými úlohami (především aktualizace)


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 25-12-2013
Ran by Merry at 2013-12-26 21:58:53 Run:1
Running from C:\Users\Merry\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM\...\Run: [ColdTurkey_notify] - D:\ColdTurkey\ct_notify.exe [47104 2013-01-01] ()
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKU\2\...\Run: [swg] - "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
Startup: C:\Users\Merry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=smsn
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
URLSearchHook: HKLM - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7SMSN
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... 1I7SMSN_cs
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
Toolbar: HKLM - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM - No Name - !{30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKLM - No Name - !{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF Homepage: hxxp://igoogle.com/

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\WxDFastUpdaterTask{E7F944E4-74E0-4636-A7F3-93F04A6B74DF}.job => C:\ProgramData\Premium\WxDFast\WxDFast.exe

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\DivXMediaServer => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ColdTurkey_notify => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate => Value deleted successfully.
HKU\2\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
C:\Users\Merry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar => Value deleted successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F} => Key deleted successfully.
HKCR\CLSID\{53707962-6F74-2D53-2644-206D7942484F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\!{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{30F9B915-B755-4826-820B-08FBA6BD249D} => Value deleted successfully.
HKCR\CLSID\!{30F9B915-B755-4826-820B-08FBA6BD249D} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Value deleted successfully.
HKCR\CLSID\!{88c7f2aa-f93f-432c-8f0e-b7d85967a527} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
Firefox homepage deleted successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\WxDFastUpdaterTask{E7F944E4-74E0-4636-A7F3-93F04A6B74DF}.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

adresa googlu je http:\\google.com ne igoogle.com

Joby nejsou potreba - zbytecne tak stale nekde na pozadi bezi kontrola aktualizaci. Neni to nutne, jelikoz programy vzdy pri svem spusteni kontrolu svou aktualnost

Nastala nejaka zmena?

je to výrazně lepší, myslím že to můžeme úspěšně ukončit
ještě poprosím o shrnutí infekce, o jak silnou infekci pc se jednalo a o jaký druh infekce?
děkuji za odvirování

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Bylo tam hodne reklaminiho nezadouciho SW, chce to cist co se instaluje jako doprovod - vice zde http://www.viry.cz/pozor-na-to-co-vsech ... -pocitace/

A pokud nejsou problemy ci dotazy, je to z me strany vse

z mé strany je to taky vše, sestra Vám poslala drobné všimné přes PayPal s mým nickem v poznámce

Nemate zac, rad jsem pomohl Zase nekdy

Za podporu fora jmenem celeho tymu dekuji

A na zaklade Pravidla o zamykani temat