VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

zasekané neudržované PC

https://forum.viry.cz:443/viewtopic.php?t=135681

Stránka 1 z 2

zasekané neudržované PC

Napsal: 22 led 2014 12:52
od mAttt
Dobrý den....v PC je spousta problémů, od pomalého startu, přes pomalý chod, sekání, teď byl problém průzkumník přestal pracovat a podobně. Jsem laik...a dopředu vím, že se zhrozíte kolik špíny v PC mám... prosím tedy o pomoc...a o co nejlepší řešení situace.
zde přikládám LOG z FRST


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-01-2014
Ran by mAt (administrator) on MAT-PC on 22-01-2014 12:46:09
Running from C:\Users\mAt\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\winzipersvc.exe
(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
() C:\Windows\System32\dmwu.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(BitTorrent, Inc.) C:\Program Files\BitTorrent\BitTorrent.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Lavasoft.) C:\ProgramData\Search Protection\SearchProtection.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAware.exe
() C:\Windows\System32\jmdp\stij.exe
(GFI Software) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\mAt\Desktop\FRSTLauncher (1).exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\PING.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AMD AVT] - C:\Program Files\AMD AVT\bin\kdbsync.exe [10752 2012-02-21] ()
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM\...\Run: [SearchProtection] - C:\ProgramData\Search Protection\_run.bat [168 2013-04-13] ()
HKLM\...\Run: [Ad-Aware Antivirus] - "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [3451496 2011-02-23] (AVAST Software)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKCU\...\Run: [BitTorrent] - C:\Program Files\BitTorrent\BitTorrent.exe [2985328 2012-08-22] (BitTorrent, Inc.)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-04-06] (AMD)
HKCU\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [AdobeBridge] - [x]
AppInit_DLLs: c:\progra~2\browse~1\23762~1.17\{16cdf~1\browse~1.dll => File Not Found
AppInit_DLLs: c:\progra~1\sshelp~1\sprote~1.dll => File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT3225826
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1379248759
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1379248759
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1379248759
URLSearchHook: HKLM - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files\BitTorrentControl_v12\prxtbBit2.dll No File
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files\BitTorrentControl_v12\prxtbBit2.dll No File
URLSearchHook: HKCU - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379248759
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT3225826
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1379248759
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT3225826
SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT3225826
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://isearch.babylon.com/?q={searchTe ... 19dbd857be
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.qvo6.com/web/?utm_source= ... 1379248759
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://lavasoft.blekko.com/ws/?source=f ... earchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT3225826
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb128/?se ... 2f3kA&i=26
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files\BitTorrentControl_v12\prxtbBit2.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - BitTorrentControl_v12 Toolbar - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - C:\Program Files\BitTorrentControl_v12\prxtbBit2.dll No File
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\adawaretb\adawareDx.dll ()
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
Toolbar: HKCU - BitTorrentControl_v12 Toolbar - {B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14} - C:\Program Files\BitTorrentControl_v12\prxtbBit2.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\mAt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: No Name - C:\Users\mAt\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com [2013-04-10]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-22]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-22]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-04-18]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-04-18]

Chrome:
=======
CHR HomePage: hxxp://seznam.cz/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (QUAKE LIVE) - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
CHR Plugin: (Unity Player) - C:\Users\mAt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Classic Isoball) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aklhapmhpooalphfffjnjinmhcgdeijd [2013-10-06]
CHR Extension: (Dokumenty Google) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-15]
CHR Extension: (Disk Google) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-15]
CHR Extension: (YouTube) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-15]
CHR Extension: (Select all Facebook friends) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbcjpjecmkjagmnhgfojblhjhnalbda [2013-09-15]
CHR Extension: (Vyhled\u00E1v\u00E1n\u00ED Google) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-15]
CHR Extension: (Rush Team) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecdnoeebfjlplfkljdedokbcmebojbpb [2013-09-15]
CHR Extension: (Donna Karan) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2013-09-15]
CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnibmbcdeepaahjmddiihohjanlimlmj [2013-10-06]
CHR Extension: (Flow Game ) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhkenkiidlghkpkihaiojpjnngfocahn [2013-09-15]
CHR Extension: (Skype Click to Call) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-15]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-09-15]
CHR Extension: (BeGone) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndfpieflbjbdpgklkeolbmbdkfdiicfk [2013-09-15]
CHR Extension: (Simple Adblock) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo [2013-09-15]
CHR Extension: (Pen\u011B\u017Eenka Google) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-15]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-22]
CHR HKLM\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx [2012-08-22]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16]
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx [2013-09-16]

========================== Services (Whitelisted) =================

R2 Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-18] (Lavasoft Limited)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [42184 2011-02-23] (AVAST Software)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-10-14] (Flexera Software, Inc.)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1560368 2014-01-08] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2013-06-05] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [189248 2013-06-05] ()
R2 SBAMSvc; C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-01-29] ()
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [424104 2013-09-15] (Taiwan Shui Mu Chih Ching Technology Limited.)
S4 avast! Firewall; "C:\Program Files\Alwil Software\Avast5\afwServ.exe" [x]
S2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [x]

==================== Drivers (Whitelisted) ====================

R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [5340160 2010-03-03] (ATI Technologies Inc.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-04-13] (GFI Software)
S2 aswFsBlk; No ImagePath
S1 aswFW; No ImagePath
S0 aswNdis2; No ImagePath
S1 aswRdr; No ImagePath
S1 aswSP; No ImagePath
S1 aswTdi; No ImagePath
S3 cpuz130; \??\C:\Users\mAt\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-22 12:46 - 2014-01-22 12:46 - 00021735 _____ C:\Users\mAt\Desktop\FRST.txt
2014-01-22 12:45 - 2014-01-22 12:45 - 00029696 _____ C:\Users\mAt\AppData\Local\MSGBOX.EXE
2014-01-22 12:45 - 2014-01-22 12:45 - 00015327 _____ C:\Users\mAt\Desktop\LM.bat
2014-01-22 12:45 - 2014-01-22 12:45 - 00000000 ____D C:\FRST
2014-01-22 12:44 - 2014-01-22 12:44 - 01221632 _____ (Farbar) C:\Users\mAt\Desktop\FRST.exe
2014-01-22 12:44 - 2014-01-22 12:44 - 00112640 _____ (forum.viry.cz) C:\Users\mAt\Desktop\FRSTLauncher (1).exe
2014-01-22 12:43 - 2014-01-22 12:43 - 00112640 _____ (forum.viry.cz) C:\Users\mAt\Desktop\Nepotvrzeno 263839.crdownload
2014-01-22 12:21 - 2014-01-22 12:21 - 00000334 _____ C:\Windows\system32\CountScans.XML
2014-01-22 09:03 - 2014-01-22 09:06 - 00000000 ____D C:\Users\mAt\Desktop\da
2014-01-21 18:52 - 2014-01-21 18:52 - 00000000 ____D C:\Windows\system32\jmdp
2014-01-21 18:49 - 2014-01-22 09:18 - 322393332 _____ C:\Users\mAt\Desktop\anotace.psd
2014-01-21 18:05 - 2014-01-21 20:04 - 344271824 _____ C:\Users\mAt\Desktop\cv.psd
2014-01-21 16:08 - 2014-01-21 16:14 - 1641390802 _____ C:\Users\mAt\Desktop\banner.psb
2014-01-21 14:39 - 2014-01-21 14:40 - 17760614 _____ C:\Users\mAt\Desktop\pink, 2006, 30x24cm.tif
2014-01-20 06:06 - 2014-01-20 06:06 - 00000000 ___HD C:\Users\mAt\Desktop\.picasaoriginals
2014-01-19 20:03 - 2014-01-19 20:05 - 00000000 ____D C:\Users\mAt\Desktop\stredni skola
2014-01-19 20:00 - 2014-01-19 20:03 - 00000000 ____D C:\Users\mAt\Desktop\skola
2014-01-19 19:57 - 2014-01-19 19:59 - 00000000 ____D C:\Users\mAt\Desktop\grafika klenovaklatovy
2014-01-19 19:33 - 2014-01-19 19:57 - 00000000 ____D C:\Users\mAt\Desktop\CVUT FA
2014-01-19 19:26 - 2014-01-20 05:56 - 00000000 ____D C:\Users\mAt\Desktop\atelier rotak5
2014-01-19 18:09 - 2014-01-19 19:11 - 1279048934 _____ C:\Users\mAt\Desktop\baner cloupa.psb
2014-01-18 21:51 - 2014-01-18 23:43 - 1439305945 _____ C:\Users\mAt\Desktop\Untitled-1.psb
2014-01-18 21:06 - 2014-01-21 20:47 - 947005410 _____ C:\Users\mAt\Desktop\plakat.psd
2014-01-17 18:02 - 2014-01-17 18:05 - 00000000 ____D C:\Users\mAt\Downloads\The Secret Life of Walter Mitty[2013]DVDScr XviD-SaM[ETRG]
2014-01-17 14:02 - 2014-01-17 14:03 - 17787312 _____ C:\Users\mAt\Desktop\Unitled9a.tif
2014-01-14 22:11 - 2014-01-14 22:11 - 00074391 _____ C:\Users\mAt\Desktop\The-Wolf-of-Wall-Street(0000230187).zip
2014-01-14 12:14 - 2014-01-15 19:55 - 09694420 _____ C:\Users\mAt\Desktop\Untitled-2.psd
2014-01-14 12:14 - 2014-01-15 08:57 - 08206178 _____ C:\Users\mAt\Desktop\Untitled-1.psd
2014-01-08 12:52 - 2014-01-08 12:52 - 00000000 ____D C:\Users\mAt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2014-01-02 17:28 - 2014-01-02 17:28 - 06614152 _____ (http://www.goforfiles.com/) C:\Users\mAt\Desktop\Vray-Exterior-Scenefree_downloader.exe

==================== One Month Modified Files and Folders =======

2014-01-22 12:46 - 2014-01-22 12:46 - 00021735 _____ C:\Users\mAt\Desktop\FRST.txt
2014-01-22 12:45 - 2014-01-22 12:45 - 00029696 _____ C:\Users\mAt\AppData\Local\MSGBOX.EXE
2014-01-22 12:45 - 2014-01-22 12:45 - 00015327 _____ C:\Users\mAt\Desktop\LM.bat
2014-01-22 12:45 - 2014-01-22 12:45 - 00000000 ____D C:\FRST
2014-01-22 12:44 - 2014-01-22 12:44 - 01221632 _____ (Farbar) C:\Users\mAt\Desktop\FRST.exe
2014-01-22 12:44 - 2014-01-22 12:44 - 00112640 _____ (forum.viry.cz) C:\Users\mAt\Desktop\FRSTLauncher (1).exe
2014-01-22 12:44 - 2009-07-14 05:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-22 12:44 - 2009-07-14 05:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-22 12:43 - 2014-01-22 12:43 - 00112640 _____ (forum.viry.cz) C:\Users\mAt\Desktop\Nepotvrzeno 263839.crdownload
2014-01-22 12:43 - 2013-09-15 13:45 - 00000000 ____D C:\Program Files\WinZipper
2014-01-22 12:43 - 2012-08-22 21:34 - 01628321 _____ C:\Windows\WindowsUpdate.log
2014-01-22 12:41 - 2013-04-13 10:27 - 00000000 ____D C:\Program Files\Steam
2014-01-22 12:37 - 2013-09-15 14:07 - 00000930 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-22 12:37 - 2013-05-18 15:56 - 00000286 ____H C:\Windows\Tasks\Acrobat Update.job
2014-01-22 12:37 - 2012-08-22 22:18 - 00000000 ____D C:\Users\mAt\AppData\Roaming\BitTorrent
2014-01-22 12:37 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-22 12:37 - 2009-07-14 05:39 - 00080887 _____ C:\Windows\setupact.log
2014-01-22 12:24 - 2013-05-07 21:30 - 05958656 ___SH C:\Users\mAt\Desktop\Thumbs.db
2014-01-22 12:21 - 2014-01-22 12:21 - 00000334 _____ C:\Windows\system32\CountScans.XML
2014-01-22 12:13 - 2012-08-23 23:42 - 00007622 _____ C:\Users\mAt\AppData\Local\resmon.resmoncfg
2014-01-22 11:22 - 2013-09-15 14:07 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-22 09:18 - 2014-01-21 18:49 - 322393332 _____ C:\Users\mAt\Desktop\anotace.psd
2014-01-22 09:06 - 2014-01-22 09:03 - 00000000 ____D C:\Users\mAt\Desktop\da
2014-01-22 08:50 - 2012-08-24 01:45 - 00000000 ____D C:\Users\mAt\AppData\Local\Adobe
2014-01-21 20:47 - 2014-01-18 21:06 - 947005410 _____ C:\Users\mAt\Desktop\plakat.psd
2014-01-21 20:04 - 2014-01-21 18:05 - 344271824 _____ C:\Users\mAt\Desktop\cv.psd
2014-01-21 20:01 - 2012-10-24 20:28 - 00000000 ____D C:\Users\mAt\AppData\Local\CutePDF Writer
2014-01-21 18:52 - 2014-01-21 18:52 - 00000000 ____D C:\Windows\system32\jmdp
2014-01-21 16:14 - 2014-01-21 16:08 - 1641390802 _____ C:\Users\mAt\Desktop\banner.psb
2014-01-21 14:40 - 2014-01-21 14:39 - 17760614 _____ C:\Users\mAt\Desktop\pink, 2006, 30x24cm.tif
2014-01-21 12:42 - 2012-09-17 02:33 - 00000000 ____D C:\Windows\system32\ARFC
2014-01-21 12:41 - 2012-09-17 02:33 - 00000000 ____D C:\Windows\system32\WNLT
2014-01-20 08:07 - 2013-11-02 13:43 - 00000000 ____D C:\Users\mAt\Desktop\TZI
2014-01-20 06:06 - 2014-01-20 06:06 - 00000000 ___HD C:\Users\mAt\Desktop\.picasaoriginals
2014-01-20 05:56 - 2014-01-19 19:26 - 00000000 ____D C:\Users\mAt\Desktop\atelier rotak5
2014-01-20 05:29 - 2012-08-22 21:53 - 00016777 _____ C:\Users\mAt\Documents\plot.log
2014-01-19 20:05 - 2014-01-19 20:03 - 00000000 ____D C:\Users\mAt\Desktop\stredni skola
2014-01-19 20:03 - 2014-01-19 20:00 - 00000000 ____D C:\Users\mAt\Desktop\skola
2014-01-19 19:59 - 2014-01-19 19:57 - 00000000 ____D C:\Users\mAt\Desktop\grafika klenovaklatovy
2014-01-19 19:57 - 2014-01-19 19:33 - 00000000 ____D C:\Users\mAt\Desktop\CVUT FA
2014-01-19 19:11 - 2014-01-19 18:09 - 1279048934 _____ C:\Users\mAt\Desktop\baner cloupa.psb
2014-01-19 10:15 - 2009-07-14 05:33 - 04151448 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-18 23:43 - 2014-01-18 21:51 - 1439305945 _____ C:\Users\mAt\Desktop\Untitled-1.psb
2014-01-18 21:55 - 2012-08-22 22:19 - 00148840 _____ C:\Users\mAt\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-18 21:43 - 2012-08-22 22:52 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2014-01-18 21:38 - 2012-08-22 22:52 - 00000000 ____D C:\ProgramData\Autodesk
2014-01-18 21:28 - 2010-11-20 22:01 - 01583754 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-18 21:24 - 2013-12-21 13:19 - 00000000 ____D C:\Users\mAt\Downloads\Insidious Chapter 2 (2013)
2014-01-18 18:30 - 2013-11-26 17:04 - 00000000 ____D C:\Users\mAt\Desktop\PP
2014-01-18 10:07 - 2013-11-02 13:43 - 00000000 ____D C:\Users\mAt\Desktop\NK2
2014-01-17 18:05 - 2014-01-17 18:02 - 00000000 ____D C:\Users\mAt\Downloads\The Secret Life of Walter Mitty[2013]DVDScr XviD-SaM[ETRG]
2014-01-17 14:03 - 2014-01-17 14:02 - 17787312 _____ C:\Users\mAt\Desktop\Unitled9a.tif
2014-01-16 13:49 - 2013-07-05 14:07 - 00000000 ____D C:\Users\mAt\Desktop\loga
2014-01-15 19:55 - 2014-01-14 12:14 - 09694420 _____ C:\Users\mAt\Desktop\Untitled-2.psd
2014-01-15 08:57 - 2014-01-14 12:14 - 08206178 _____ C:\Users\mAt\Desktop\Untitled-1.psd
2014-01-14 22:11 - 2014-01-14 22:11 - 00074391 _____ C:\Users\mAt\Desktop\The-Wolf-of-Wall-Street(0000230187).zip
2014-01-14 12:17 - 2013-06-07 20:48 - 00109568 ___SH C:\Users\mAt\Thumbs.db
2014-01-12 14:26 - 2013-05-13 09:34 - 00000000 ____D C:\Users\mAt\Desktop\sdilena slozka
2014-01-12 14:08 - 2013-11-02 13:46 - 00000000 ____D C:\Users\mAt\Desktop\PS5
2014-01-11 15:39 - 2010-11-20 22:48 - 00046618 _____ C:\Windows\PFRO.log
2014-01-11 10:57 - 2013-01-15 14:10 - 00000132 _____ C:\Users\mAt\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-01-08 20:30 - 2012-09-17 02:33 - 01560368 _____ C:\Windows\system32\dmwu.exe
2014-01-08 20:23 - 2012-09-17 02:33 - 00027136 _____ (IncrediMail, Ltd.) C:\Windows\system32\ImHttpComm.dll
2014-01-08 12:52 - 2014-01-08 12:52 - 00000000 ____D C:\Users\mAt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2014-01-02 17:28 - 2014-01-02 17:28 - 06614152 _____ (http://www.goforfiles.com/) C:\Users\mAt\Desktop\Vray-Exterior-Scenefree_downloader.exe
2014-01-02 11:08 - 2013-11-26 17:54 - 00000000 ____D C:\Users\mAt\Desktop\interier

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 13:08

==================== End Of Log ============================

v příloze log Addition

Re: zasekané neudržované PC

Napsal: 22 led 2014 15:04
od vyosek
Zdravim :)

:arrow: Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna doamci verze :?:

Re: zasekané neudržované PC

Napsal: 22 led 2014 16:10
od mAttt
Dobrý den legalní je...dostal jsem jej od zaměstnavatele, když jsme přecházeli na WIN 7, po nákupu vícero kusů nám byly přiděleny verze navíc

Re: zasekané neudržované PC

Napsal: 22 led 2014 17:26
od vyosek
:arrow: Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Spustte tradicne dvouklikem
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte
:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Re: zasekané neudržované PC

Napsal: 22 led 2014 17:47
od mAttt
SC log....opoprve se mne neulozil... ale pote jiz ano

Shortcut Cleaner 1.2.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Windows 7 Ultimate Service Pack 1
Program started at: 01/22/2014 05:45:19 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\mAt\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\mAt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\mAt\Desktop


0 bad shortcuts found.

Program finished at: 01/22/2014 05:45:20 PM
Execution time: 0 hours(s), 0 minute(s), and 1 seconds(s)

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x86
Ran by mAt on st 22.01.2014 at 17:30:37,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotection
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1732373690-2763243939-2835114096-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1732373690-2763243939-2835114096-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1732373690-2763243939-2835114096-1000\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\qvo6software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\tarma installer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\wnlt
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\adawarebp_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wsyscontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{336d0c35-8a85-403a-b9d2-65c292c39087}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3225826
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"



~~~ Files

Successfully deleted: [File] "C:\Windows\System32\Tasks\desk 365 runasstduser"
Successfully deleted: [File] "C:\Users\mAt\appdata\locallow\SkwConfig.bin"
Failed to delete: [File] "C:\Windows\system32\dmwu.exe"
Failed to delete: [File] "C:\Windows\system32\imhttpcomm.dll"
Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\ProgramData\search protection"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\mAt\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\mAt\AppData\Roaming\desk 365"
Successfully deleted: [Folder] "C:\Users\mAt\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\mAt\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\mAt\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\mAt\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Users\mAt\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\mAt\appdata\locallow\incredibar.com"
Successfully deleted: [Folder] "C:\Users\mAt\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files\adawaretb"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\desk 365"
Successfully deleted: [Folder] "C:\Program Files\goforfiles"
Successfully deleted: [Folder] "C:\Program Files\web assistant"
Successfully deleted: [Folder] "C:\Windows\system32\arfc"
Successfully deleted: [Folder] "C:\Windows\system32\jmdp"
Successfully deleted: [Folder] "C:\Windows\system32\wnlt"



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 22.01.2014 at 17:33:32,08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner[S0] LOG

# AdwCleaner v3.017 - Report created 22/01/2014 at 17:36:39
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : mAt - MAT-PC
# Running from : C:\Users\mAt\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : IBUpdaterService
[#] Service Deleted : Web Assistant
Service Deleted : winzipersvc
[#] Service Deleted : WsysSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Conduit
Folder Deleted : C:\ProgramData\savenshare
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files\1ClickDownload
Folder Deleted : C:\Program Files\Omiga Plus
Folder Deleted : C:\Program Files\ss helper
Folder Deleted : C:\Program Files\Toolbar Cleaner
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Program Files\BitTorrentControl_v12
Folder Deleted : C:\Program Files\Common Files\337
Folder Deleted : C:\Users\mAt\AppData\LocalLow\BitTorrentControl_v12
Folder Deleted : C:\Users\mAt\AppData\Roaming\337
Folder Deleted : C:\Users\mAt\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\mAt\AppData\Roaming\Omiga Plus
Folder Deleted : C:\Users\mAt\AppData\Roaming\WinZipper
File Deleted : C:\Windows\system32\dmwu.exe
File Deleted : C:\Windows\system32\ImhxxpComm.dll
File Deleted : C:\Program Files\Mozilla Firefox\user.js
File Deleted : C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
File Deleted : C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F5899F8-4F8B-431B-8753-78FCC38EAE63}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F5899F8-4F8B-431B-8753-78FCC38EAE63}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{014A4030-6161-4788-8FCF-718D9BA5AECE}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{014A4030-6161-4788-8FCF-718D9BA5AECE}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_360582d7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FARO LS_is1
Key Deleted : HKCU\Software\5e2d888bc6fea48
Key Deleted : HKLM\SOFTWARE\5e2d888bc6fea48
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E20AC1DB-792A-41CC-BC36-70C2EFE618C2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80218C8E-7E3B-404D-953A-E0CD9483FB40}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11F9D507-3B95-4B5B-9A19-CE8A93CD6E48}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{B6AC5E3C-5CEB-4E72-B451-F0E1BA983C14}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\wnlt
Key Deleted : HKCU\Software\BitTorrentControl_v12
Key Deleted : HKCU\Software\AppDataLow\Software\adawaretb
Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentControl_v12
Key Deleted : HKLM\Software\adawaretb
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\omigaplusSvc
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKLM\Software\BitTorrentControl_v12
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentControl_v12 Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v

-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8432 octets] - [22/01/2014 17:34:19]
AdwCleaner[S0].txt - [8177 octets] - [22/01/2014 17:36:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8237 octets] ##########

Re: zasekané neudržované PC

Napsal: 22 led 2014 21:33
od vyosek
Poprosim o novy log z FRSTLaucheru

Re: zasekané neudržované PC

Napsal: 23 led 2014 03:05
od mAttt
log z frst
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-01-2014
Ran by mAt (administrator) on MAT-PC on 23-01-2014 03:04:09
Running from C:\Users\mAt\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(BitTorrent, Inc.) C:\Program Files\BitTorrent\BitTorrent.exe
(Lavasoft Limited) C:\Program Files\Ad-Aware Antivirus\AdAware.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(GFI Software) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(forum.viry.cz) C:\Users\mAt\Desktop\FRST-OlderVersion\FRSTLauncher (1).exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\PING.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [AMD AVT] - C:\Program Files\AMD AVT\bin\kdbsync.exe [10752 2012-02-21] ()
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-03] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM\...\Run: [Ad-Aware Antivirus] - "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [3451496 2011-02-23] (AVAST Software)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [hpqSRMon] - C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKCU\...\Run: [BitTorrent] - C:\Program Files\BitTorrent\BitTorrent.exe [2985328 2012-08-22] (BitTorrent, Inc.)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-04-06] (AMD)
HKCU\...\Run: [AdobeBridge] - [x]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\mAt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: No Name - C:\Users\mAt\AppData\Roaming\Mozilla\Firefox\profiles\extensions\OneClickDownload@OneClickDownload.com [2013-04-10]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-04-18]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-04-18]

Chrome:
=======
CHR HomePage: hxxp://seznam.cz/
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (QUAKE LIVE) - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
CHR Plugin: (Unity Player) - C:\Users\mAt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Classic Isoball) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aklhapmhpooalphfffjnjinmhcgdeijd [2013-10-06]
CHR Extension: (Google Docs) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-15]
CHR Extension: (Google Drive) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-15]
CHR Extension: (YouTube) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-15]
CHR Extension: (Select all Facebook friends) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbcjpjecmkjagmnhgfojblhjhnalbda [2013-09-15]
CHR Extension: (Google Search) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-15]
CHR Extension: (Rush Team) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecdnoeebfjlplfkljdedokbcmebojbpb [2013-09-15]
CHR Extension: (Donna Karan) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2013-09-15]
CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnibmbcdeepaahjmddiihohjanlimlmj [2013-10-06]
CHR Extension: (Flow Game ) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhkenkiidlghkpkihaiojpjnngfocahn [2013-09-15]
CHR Extension: (Skype Click to Call) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-15]
CHR Extension: (Google Mail Checker) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2013-09-15]
CHR Extension: (BeGone) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndfpieflbjbdpgklkeolbmbdkfdiicfk [2013-09-15]
CHR Extension: (Simple Adblock) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfjefnfnmmnkcckbjjcganphignempo [2013-09-15]
CHR Extension: (Google Wallet) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\mAt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-15]
CHR HKLM\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx [2013-09-15]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-09-16]

========================== Services (Whitelisted) =================

R2 Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-18] (Lavasoft Limited)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [42184 2011-02-23] (AVAST Software)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2012-10-14] (Flexera Software, Inc.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2013-06-05] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [189248 2013-06-05] ()
R2 SBAMSvc; C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3273088 2013-09-16] (Skype Technologies S.A.)
S4 avast! Firewall; "C:\Program Files\Alwil Software\Avast5\afwServ.exe" [x]

==================== Drivers (Whitelisted) ====================

R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [5340160 2010-03-03] (ATI Technologies Inc.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-04-13] (GFI Software)
S2 aswFsBlk; No ImagePath
S1 aswFW; No ImagePath
S0 aswNdis2; No ImagePath
S1 aswRdr; No ImagePath
S1 aswSP; No ImagePath
S1 aswTdi; No ImagePath
S3 cpuz130; \??\C:\Users\mAt\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-23 03:04 - 2014-01-23 03:04 - 00015486 _____ C:\Users\mAt\Desktop\FRST.txt
2014-01-23 03:03 - 2014-01-23 03:03 - 00015327 _____ C:\Users\mAt\Desktop\LM.bat
2014-01-23 02:59 - 2014-01-23 03:03 - 00000000 ____D C:\Users\mAt\Desktop\FRST-OlderVersion
2014-01-22 17:39 - 2014-01-22 17:39 - 00008317 _____ C:\Users\mAt\Desktop\AdwCleaner[S0].txt
2014-01-22 17:39 - 2014-01-22 17:39 - 00000000 ____D C:\Users\mAt\AppData\Local\adawarebp
2014-01-22 17:34 - 2014-01-22 17:37 - 00000000 ____D C:\AdwCleaner
2014-01-22 17:34 - 2014-01-22 17:34 - 00000088 _____ C:\Users\mAt\Desktop\17646152614554672593.log
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT1.txt
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT.txt
2014-01-22 17:30 - 2014-01-22 17:30 - 00000000 ____D C:\Windows\ERUNT
2014-01-22 17:29 - 2014-01-22 17:45 - 00001776 _____ C:\sc-cleaner.txt
2014-01-22 17:27 - 2014-01-22 17:27 - 01037068 _____ (Thisisu) C:\Users\mAt\Desktop\JRT.exe
2014-01-22 17:27 - 2014-01-22 17:27 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\mAt\Desktop\sc-cleaner.exe
2014-01-22 14:16 - 2014-01-22 14:16 - 07560104 _____ C:\Users\mAt\Desktop\da5_skripta_08.zip
2014-01-22 13:09 - 2014-01-22 13:09 - 01236282 _____ C:\Users\mAt\Desktop\adwcleaner.exe
2014-01-22 12:48 - 2014-01-22 12:48 - 00006908 _____ C:\Users\mAt\Desktop\Addition.zip
2014-01-22 12:47 - 2014-01-22 17:30 - 00033317 _____ C:\Users\mAt\Desktop\FRST2.txt
2014-01-22 12:45 - 2014-01-23 03:03 - 00029696 _____ C:\Users\mAt\AppData\Local\MSGBOX.EXE
2014-01-22 12:45 - 2014-01-23 02:59 - 00000000 ____D C:\FRST
2014-01-22 12:44 - 2014-01-23 02:59 - 01222144 _____ (Farbar) C:\Users\mAt\Desktop\FRST.exe
2014-01-22 12:21 - 2014-01-22 12:21 - 00000334 _____ C:\Windows\system32\CountScans.XML
2014-01-22 09:03 - 2014-01-22 17:29 - 00000000 ____D C:\Users\mAt\Desktop\da
2014-01-21 18:49 - 2014-01-22 09:18 - 322393332 _____ C:\Users\mAt\Desktop\anotace.psd
2014-01-21 18:05 - 2014-01-21 20:04 - 344271824 _____ C:\Users\mAt\Desktop\cv.psd
2014-01-21 16:08 - 2014-01-21 16:14 - 1641390802 _____ C:\Users\mAt\Desktop\banner.psb
2014-01-21 14:39 - 2014-01-21 14:40 - 17760614 _____ C:\Users\mAt\Desktop\pink, 2006, 30x24cm.tif
2014-01-20 06:06 - 2014-01-20 06:06 - 00000000 ___HD C:\Users\mAt\Desktop\.picasaoriginals
2014-01-19 20:03 - 2014-01-19 20:05 - 00000000 ____D C:\Users\mAt\Desktop\stredni skola
2014-01-19 20:00 - 2014-01-19 20:03 - 00000000 ____D C:\Users\mAt\Desktop\skola
2014-01-19 19:57 - 2014-01-19 19:59 - 00000000 ____D C:\Users\mAt\Desktop\grafika klenovaklatovy
2014-01-19 19:33 - 2014-01-19 19:57 - 00000000 ____D C:\Users\mAt\Desktop\CVUT FA
2014-01-19 19:26 - 2014-01-20 05:56 - 00000000 ____D C:\Users\mAt\Desktop\atelier rotak5
2014-01-19 18:09 - 2014-01-19 19:11 - 1279048934 _____ C:\Users\mAt\Desktop\baner cloupa.psb
2014-01-18 21:51 - 2014-01-18 23:43 - 1439305945 _____ C:\Users\mAt\Desktop\Untitled-1.psb
2014-01-18 21:06 - 2014-01-21 20:47 - 947005410 _____ C:\Users\mAt\Desktop\plakat.psd
2014-01-17 18:02 - 2014-01-17 18:05 - 00000000 ____D C:\Users\mAt\Downloads\The Secret Life of Walter Mitty[2013]DVDScr XviD-SaM[ETRG]
2014-01-17 14:02 - 2014-01-17 14:03 - 17787312 _____ C:\Users\mAt\Desktop\Unitled9a.tif
2014-01-14 22:11 - 2014-01-14 22:11 - 00074391 _____ C:\Users\mAt\Desktop\The-Wolf-of-Wall-Street(0000230187).zip
2014-01-14 12:14 - 2014-01-15 19:55 - 09694420 _____ C:\Users\mAt\Desktop\Untitled-2.psd
2014-01-14 12:14 - 2014-01-15 08:57 - 08206178 _____ C:\Users\mAt\Desktop\Untitled-1.psd
2014-01-08 12:52 - 2014-01-08 12:52 - 00000000 ____D C:\Users\mAt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2014-01-02 17:28 - 2014-01-02 17:28 - 06614152 _____ (http://www.goforfiles.com/) C:\Users\mAt\Desktop\Vray-Exterior-Scenefree_downloader.exe

==================== One Month Modified Files and Folders =======

2014-01-23 03:04 - 2014-01-23 03:04 - 00015486 _____ C:\Users\mAt\Desktop\FRST.txt
2014-01-23 03:03 - 2014-01-23 03:03 - 00015327 _____ C:\Users\mAt\Desktop\LM.bat
2014-01-23 03:03 - 2014-01-23 02:59 - 00000000 ____D C:\Users\mAt\Desktop\FRST-OlderVersion
2014-01-23 03:03 - 2014-01-22 12:45 - 00029696 _____ C:\Users\mAt\AppData\Local\MSGBOX.EXE
2014-01-23 03:03 - 2012-08-24 01:45 - 00000000 ____D C:\Users\mAt\AppData\Local\Adobe
2014-01-23 03:03 - 2012-08-22 22:18 - 00000000 ____D C:\Users\mAt\AppData\Roaming\BitTorrent
2014-01-23 03:00 - 2013-05-18 15:56 - 00000286 ____H C:\Windows\Tasks\Acrobat Update.job
2014-01-23 03:00 - 2009-07-14 05:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-23 03:00 - 2009-07-14 05:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-23 02:59 - 2014-01-22 12:45 - 00000000 ____D C:\FRST
2014-01-23 02:59 - 2014-01-22 12:44 - 01222144 _____ (Farbar) C:\Users\mAt\Desktop\FRST.exe
2014-01-23 02:56 - 2012-08-22 21:34 - 01635774 _____ C:\Windows\WindowsUpdate.log
2014-01-23 02:53 - 2013-09-15 14:07 - 00000930 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-23 02:53 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-23 02:53 - 2009-07-14 05:39 - 00080999 _____ C:\Windows\setupact.log
2014-01-22 19:22 - 2013-09-15 14:07 - 00000934 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-22 17:45 - 2014-01-22 17:29 - 00001776 _____ C:\sc-cleaner.txt
2014-01-22 17:40 - 2013-04-13 10:27 - 00000000 ____D C:\Program Files\Steam
2014-01-22 17:39 - 2014-01-22 17:39 - 00008317 _____ C:\Users\mAt\Desktop\AdwCleaner[S0].txt
2014-01-22 17:39 - 2014-01-22 17:39 - 00000000 ____D C:\Users\mAt\AppData\Local\adawarebp
2014-01-22 17:38 - 2010-11-20 22:48 - 00046946 _____ C:\Windows\PFRO.log
2014-01-22 17:37 - 2014-01-22 17:34 - 00000000 ____D C:\AdwCleaner
2014-01-22 17:36 - 2012-08-22 22:00 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-22 17:34 - 2014-01-22 17:34 - 00000088 _____ C:\Users\mAt\Desktop\17646152614554672593.log
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT1.txt
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT.txt
2014-01-22 17:30 - 2014-01-22 17:30 - 00000000 ____D C:\Windows\ERUNT
2014-01-22 17:30 - 2014-01-22 12:47 - 00033317 _____ C:\Users\mAt\Desktop\FRST2.txt
2014-01-22 17:29 - 2014-01-22 09:03 - 00000000 ____D C:\Users\mAt\Desktop\da
2014-01-22 17:29 - 2012-08-23 06:44 - 00001417 _____ C:\Users\mAt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-22 17:27 - 2014-01-22 17:27 - 01037068 _____ (Thisisu) C:\Users\mAt\Desktop\JRT.exe
2014-01-22 17:27 - 2014-01-22 17:27 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\mAt\Desktop\sc-cleaner.exe
2014-01-22 14:16 - 2014-01-22 14:16 - 07560104 _____ C:\Users\mAt\Desktop\da5_skripta_08.zip
2014-01-22 14:02 - 2013-05-07 21:30 - 05977088 ___SH C:\Users\mAt\Desktop\Thumbs.db
2014-01-22 13:09 - 2014-01-22 13:09 - 01236282 _____ C:\Users\mAt\Desktop\adwcleaner.exe
2014-01-22 12:48 - 2014-01-22 12:48 - 00006908 _____ C:\Users\mAt\Desktop\Addition.zip
2014-01-22 12:21 - 2014-01-22 12:21 - 00000334 _____ C:\Windows\system32\CountScans.XML
2014-01-22 12:13 - 2012-08-23 23:42 - 00007622 _____ C:\Users\mAt\AppData\Local\resmon.resmoncfg
2014-01-22 09:18 - 2014-01-21 18:49 - 322393332 _____ C:\Users\mAt\Desktop\anotace.psd
2014-01-21 20:47 - 2014-01-18 21:06 - 947005410 _____ C:\Users\mAt\Desktop\plakat.psd
2014-01-21 20:04 - 2014-01-21 18:05 - 344271824 _____ C:\Users\mAt\Desktop\cv.psd
2014-01-21 20:01 - 2012-10-24 20:28 - 00000000 ____D C:\Users\mAt\AppData\Local\CutePDF Writer
2014-01-21 16:14 - 2014-01-21 16:08 - 1641390802 _____ C:\Users\mAt\Desktop\banner.psb
2014-01-21 14:40 - 2014-01-21 14:39 - 17760614 _____ C:\Users\mAt\Desktop\pink, 2006, 30x24cm.tif
2014-01-20 08:07 - 2013-11-02 13:43 - 00000000 ____D C:\Users\mAt\Desktop\TZI
2014-01-20 06:06 - 2014-01-20 06:06 - 00000000 ___HD C:\Users\mAt\Desktop\.picasaoriginals
2014-01-20 05:56 - 2014-01-19 19:26 - 00000000 ____D C:\Users\mAt\Desktop\atelier rotak5
2014-01-20 05:29 - 2012-08-22 21:53 - 00016777 _____ C:\Users\mAt\Documents\plot.log
2014-01-19 20:05 - 2014-01-19 20:03 - 00000000 ____D C:\Users\mAt\Desktop\stredni skola
2014-01-19 20:03 - 2014-01-19 20:00 - 00000000 ____D C:\Users\mAt\Desktop\skola
2014-01-19 19:59 - 2014-01-19 19:57 - 00000000 ____D C:\Users\mAt\Desktop\grafika klenovaklatovy
2014-01-19 19:57 - 2014-01-19 19:33 - 00000000 ____D C:\Users\mAt\Desktop\CVUT FA
2014-01-19 19:11 - 2014-01-19 18:09 - 1279048934 _____ C:\Users\mAt\Desktop\baner cloupa.psb
2014-01-19 10:15 - 2009-07-14 05:33 - 04151448 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-18 23:43 - 2014-01-18 21:51 - 1439305945 _____ C:\Users\mAt\Desktop\Untitled-1.psb
2014-01-18 21:55 - 2012-08-22 22:19 - 00148840 _____ C:\Users\mAt\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-18 21:43 - 2012-08-22 22:52 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2014-01-18 21:38 - 2012-08-22 22:52 - 00000000 ____D C:\ProgramData\Autodesk
2014-01-18 21:28 - 2010-11-20 22:01 - 01583754 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-18 21:24 - 2013-12-21 13:19 - 00000000 ____D C:\Users\mAt\Downloads\Insidious Chapter 2 (2013)
2014-01-18 18:30 - 2013-11-26 17:04 - 00000000 ____D C:\Users\mAt\Desktop\PP
2014-01-18 10:07 - 2013-11-02 13:43 - 00000000 ____D C:\Users\mAt\Desktop\NK2
2014-01-17 18:05 - 2014-01-17 18:02 - 00000000 ____D C:\Users\mAt\Downloads\The Secret Life of Walter Mitty[2013]DVDScr XviD-SaM[ETRG]
2014-01-17 14:03 - 2014-01-17 14:02 - 17787312 _____ C:\Users\mAt\Desktop\Unitled9a.tif
2014-01-16 13:49 - 2013-07-05 14:07 - 00000000 ____D C:\Users\mAt\Desktop\loga
2014-01-15 19:55 - 2014-01-14 12:14 - 09694420 _____ C:\Users\mAt\Desktop\Untitled-2.psd
2014-01-15 08:57 - 2014-01-14 12:14 - 08206178 _____ C:\Users\mAt\Desktop\Untitled-1.psd
2014-01-14 22:11 - 2014-01-14 22:11 - 00074391 _____ C:\Users\mAt\Desktop\The-Wolf-of-Wall-Street(0000230187).zip
2014-01-14 12:17 - 2013-06-07 20:48 - 00109568 ___SH C:\Users\mAt\Thumbs.db
2014-01-12 14:26 - 2013-05-13 09:34 - 00000000 ____D C:\Users\mAt\Desktop\sdilena slozka
2014-01-12 14:08 - 2013-11-02 13:46 - 00000000 ____D C:\Users\mAt\Desktop\PS5
2014-01-11 10:57 - 2013-01-15 14:10 - 00000132 _____ C:\Users\mAt\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-01-08 12:52 - 2014-01-08 12:52 - 00000000 ____D C:\Users\mAt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2014-01-02 17:28 - 2014-01-02 17:28 - 06614152 _____ (http://www.goforfiles.com/) C:\Users\mAt\Desktop\Vray-Exterior-Scenefree_downloader.exe
2014-01-02 11:08 - 2013-11-26 17:54 - 00000000 ____D C:\Users\mAt\Desktop\interier

Some content of TEMP:
====================
C:\Users\mAt\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 13:08

==================== End Of Log ============================

Re: zasekané neudržované PC

Napsal: 24 led 2014 16:46
od vyosek
:arrow: Odinstalujte Ad-Aware Antivirus a Ad-Aware Browsing Protection

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM\...\Run: [Ad-Aware Antivirus] - "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKCU\...\Run: [BitTorrent] - C:\Program Files\BitTorrent\BitTorrent.exe [2985328 2012-08-22] (BitTorrent, Inc.)
HKCU\...\Run: [AdobeBridge] - [x]

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope value is missing.

CHR HKLM\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx [2013-09-15]

R2 Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-18] (Lavasoft Limited)

S3 cpuz130; \??\C:\Users\mAt\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

2014-01-23 03:03 - 2014-01-23 03:03 - 00015327 _____ C:\Users\mAt\Desktop\LM.bat
2014-01-23 02:59 - 2014-01-23 03:03 - 00000000 ____D C:\Users\mAt\Desktop\FRST-OlderVersion
2014-01-22 17:39 - 2014-01-22 17:39 - 00008317 _____ C:\Users\mAt\Desktop\AdwCleaner[S0].txt
2014-01-22 17:39 - 2014-01-22 17:39 - 00000000 ____D C:\Users\mAt\AppData\Local\adawarebp
2014-01-22 17:34 - 2014-01-22 17:34 - 00000088 _____ C:\Users\mAt\Desktop\17646152614554672593.log
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT1.txt
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT.txt
2014-01-22 17:29 - 2014-01-22 17:45 - 00001776 _____ C:\sc-cleaner.txt
2014-01-22 17:27 - 2014-01-22 17:27 - 01037068 _____ (Thisisu) C:\Users\mAt\Desktop\JRT.exe
2014-01-22 17:27 - 2014-01-22 17:27 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\mAt\Desktop\sc-cleaner.exe
2014-01-22 13:09 - 2014-01-22 13:09 - 01236282 _____ C:\Users\mAt\Desktop\adwcleaner.exe
2014-01-22 12:48 - 2014-01-22 12:48 - 00006908 _____ C:\Users\mAt\Desktop\Addition.zip
2014-01-22 12:47 - 2014-01-22 17:30 - 00033317 _____ C:\Users\mAt\Desktop\FRST2.txt
2014-01-22 12:45 - 2014-01-23 03:03 - 00029696 _____ C:\Users\mAt\AppData\Local\MSGBOX.EXE
C:\ProgramData\adawaretb
C:\Program Files\Ad-Aware Antivirus
C:\ProgramData\Ad-Aware Browsing Protection
C:\Users\mAt\AppData\Local\Temp\svchost.exe

Task: {F6233F82-3EA9-48D8-A6BF-55E8AF7FF626} - System32\Tasks\Acrobat Update => C:\Users\mAt\AppData\Local\Temp\svchost.exe <==== ATTENTION
Task: C:\Windows\Tasks\Acrobat Update.job => C:\Users\mAt\AppData\Local\Temp\svchost.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Hosts:
CMD: shutdown /r /f /t 2

End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt

Re: zasekané neudržované PC

Napsal: 24 led 2014 18:15
od mAttt
zde je ten frstlog
popravde nevim jestli jsem dokazal splnit vsechyn kroky...ADaware jsem odintaloval ale browser se mne nepodarilo najit... snad se to zdarilo jak melo...dopredu dekuji za ochotu a pomoc

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-01-2014
Ran by mAt at 2014-01-24 18:11:49 Run:3
Running from C:\Users\mAt\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM\...\Run: [Ad-Aware Antivirus] - "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM\...\Run: [AdobeCS6ServiceManager] - C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKCU\...\Run: [BitTorrent] - C:\Program Files\BitTorrent\BitTorrent.exe [2985328 2012-08-22] (BitTorrent, Inc.)
HKCU\...\Run: [AdobeBridge] - [x]

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM - DefaultScope value is missing.

CHR HKLM\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx [2013-09-15]

R2 Ad-Aware Service; C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-18] (Lavasoft Limited)

S3 cpuz130; \??\C:\Users\mAt\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

2014-01-23 03:03 - 2014-01-23 03:03 - 00015327 _____ C:\Users\mAt\Desktop\LM.bat
2014-01-23 02:59 - 2014-01-23 03:03 - 00000000 ____D C:\Users\mAt\Desktop\FRST-OlderVersion
2014-01-22 17:39 - 2014-01-22 17:39 - 00008317 _____ C:\Users\mAt\Desktop\AdwCleaner[S0].txt
2014-01-22 17:39 - 2014-01-22 17:39 - 00000000 ____D C:\Users\mAt\AppData\Local\adawarebp
2014-01-22 17:34 - 2014-01-22 17:34 - 00000088 _____ C:\Users\mAt\Desktop\17646152614554672593.log
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT1.txt
2014-01-22 17:33 - 2014-01-22 17:33 - 00012523 _____ C:\Users\mAt\Desktop\JRT.txt
2014-01-22 17:29 - 2014-01-22 17:45 - 00001776 _____ C:\sc-cleaner.txt
2014-01-22 17:27 - 2014-01-22 17:27 - 01037068 _____ (Thisisu) C:\Users\mAt\Desktop\JRT.exe
2014-01-22 17:27 - 2014-01-22 17:27 - 00406264 _____ (Bleeping Computer, LLC) C:\Users\mAt\Desktop\sc-cleaner.exe
2014-01-22 13:09 - 2014-01-22 13:09 - 01236282 _____ C:\Users\mAt\Desktop\adwcleaner.exe
2014-01-22 12:48 - 2014-01-22 12:48 - 00006908 _____ C:\Users\mAt\Desktop\Addition.zip
2014-01-22 12:47 - 2014-01-22 17:30 - 00033317 _____ C:\Users\mAt\Desktop\FRST2.txt
2014-01-22 12:45 - 2014-01-23 03:03 - 00029696 _____ C:\Users\mAt\AppData\Local\MSGBOX.EXE
C:\ProgramData\adawaretb
C:\Program Files\Ad-Aware Antivirus
C:\ProgramData\Ad-Aware Browsing Protection
C:\Users\mAt\AppData\Local\Temp\svchost.exe

Task: {F6233F82-3EA9-48D8-A6BF-55E8AF7FF626} - System32\Tasks\Acrobat Update => C:\Users\mAt\AppData\Local\Temp\svchost.exe <==== ATTENTION
Task: C:\Windows\Tasks\Acrobat Update.job => C:\Users\mAt\AppData\Local\Temp\svchost.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5.5ServiceManager => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Ad-Aware Browsing Protection => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Ad-Aware Antivirus => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value not found.
Default URLSearchHook was restored successfully .
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik => Key not found.
"C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx" => File/Directory not found.
Ad-Aware Service => Service not found.
cpuz130 => Service not found.
SBRE => Service not found.
VGPU => Service not found.
"C:\Users\mAt\Desktop\LM.bat" => File/Directory not found.
"C:\Users\mAt\Desktop\FRST-OlderVersion" => File/Directory not found.
"C:\Users\mAt\Desktop\AdwCleaner[S0].txt" => File/Directory not found.
"C:\Users\mAt\AppData\Local\adawarebp" => File/Directory not found.
"C:\Users\mAt\Desktop\17646152614554672593.log" => File/Directory not found.
"C:\Users\mAt\Desktop\JRT1.txt" => File/Directory not found.
"C:\Users\mAt\Desktop\JRT.txt" => File/Directory not found.
"C:\sc-cleaner.txt" => File/Directory not found.
"C:\Users\mAt\Desktop\JRT.exe" => File/Directory not found.
"C:\Users\mAt\Desktop\sc-cleaner.exe" => File/Directory not found.
"C:\Users\mAt\Desktop\adwcleaner.exe" => File/Directory not found.
"C:\Users\mAt\Desktop\Addition.zip" => File/Directory not found.
"C:\Users\mAt\Desktop\FRST2.txt" => File/Directory not found.
"C:\Users\mAt\AppData\Local\MSGBOX.EXE" => File/Directory not found.
"C:\ProgramData\adawaretb" => File/Directory not found.
"C:\Program Files\Ad-Aware Antivirus" => File/Directory not found.
"C:\ProgramData\Ad-Aware Browsing Protection" => File/Directory not found.
"C:\Users\mAt\AppData\Local\Temp\svchost.exe" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6233F82-3EA9-48D8-A6BF-55E8AF7FF626} => Key not found.
C:\Windows\System32\Tasks\Acrobat Update not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Acrobat Update => Key not found.
C:\Windows\Tasks\Acrobat Update.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

Re: zasekané neudržované PC

Napsal: 25 led 2014 06:53
od vyosek
Jak se chova PC??

Re: zasekané neudržované PC

Napsal: 25 led 2014 10:49
od mAttt
PC se chova dober...je rychlejsi a i privetivejsi...uz mne nedela naschvaly.....:), moc Vam dekuji
chci se zeptat, kdyz jsem odinstaloval ADaaware, jaky antivir by ste doporucil...a popripade jak casto mam tento zpusob procisteni pc opakovat....

Re: zasekané neudržované PC

Napsal: 26 led 2014 14:31
od mAttt
Dobrý den, bohužel teď se objevily problémy s PC...padá a samo od sebe se vypíná, také jsem zjistil, že nejdou některé programy ani spustit. Chci se zeptat kde by mohl být problém a jak jej vyřešit

Re: zasekané neudržované PC

Napsal: 27 led 2014 06:47
od vyosek
Problemy stale pretrvavaji??

Vypina\pada pri nejake konkretni cinnosti nebo jen nahodne?

Re: zasekané neudržované PC

Napsal: 27 led 2014 11:10
od mAttt
problemy stale pretrvavaji. vzdy se objevi modra smrt a to zcela necekane....prehrivat se neprehriva...teploty CPU nepresahuji pri max zatezi 40 C, tak nevim kde to muze byt, dal jsem bod obnovy, ale stale se tak deje

Re: zasekané neudržované PC

Napsal: 27 led 2014 14:15
od vyosek
:arrow: Zabalte mi prosim obsah slozky c:\windows\minidump a nekam uploadnete

:arrow: Udelejte CDI dle kolegy
MiliNess píše:Stáhni CrystalDiskInfo, v nabídce Úpravy zvol Kopírovat a obsah schránky sem vlož pomocí Ctrl+V.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz