VIRY.CZ

Zdravím dostal sa mi do rúk starší notebook, v ktorom je kvantum bordelu a je extrémne spomalený.


Logfile of random's system information tool 1.08 (written by random/random)
Run by zdenoz at 2014-02-26 23:35:30
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 28 GB (15%) free of 183 GB
Total RAM: 2046 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:36:04, on 26.02.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16533)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\FILSHtray\FILSHtray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Sony\Network Utility\LANUtil.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\explorer.exe
C:\Users\zdenoz\Desktop\RSIT-1.06.exe
C:\Program Files\trend micro\zdenoz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10641A& ... =2-263&t=6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [FILSHtray] "C:\Program Files\FILSHtray\FILSHtray.exe"
O4 - HKCU\..\Run: [NSUFloatingUI] "C:\Program Files\Sony\Network Utility\LANUtil.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NSUService - Sony Corporation - C:\Program Files\Sony\Network Utility\NSUService.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\zdenoz\AppData\Local\Torch\Update\TorchCrashHandler.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12395 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cee96d70d04f1d.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf322b449304f0.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
MediaBar - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll [2011-05-30 89008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02 4296864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{28387537-e3f9-4ed7-860c-11e69af4a8a0} - MediaBar - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll [2011-05-30 89008]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-08-25 4669440]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2007-06-10 118784]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2007-09-19 311296]
"MarketingTools"=C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [2007-11-22 36864]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-07-12 132496]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"Skytel"=C:\Windows\Skytel.exe [2007-08-25 1826816]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-11-16 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-11-16 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-11-16 81920]
"FILSHtray"=C:\Program Files\FILSHtray\FILSHtray.exe [2011-12-16 596992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NSUFloatingUI"=C:\Program Files\Sony\Network Utility\LANUtil.exe [2007-09-20 253952]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-06-03 19603048]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-22 116040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-07-30 289064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
C:\Program Files\Picasa2\PicasaMediaDetector.exe [2008-02-26 443968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\Windows\system32\VESWinlogon.dll [2007-08-14 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe"="C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-02-26 23:35:31 ----D---- C:\Program Files\trend micro
2014-02-26 23:35:30 ----D---- C:\rsit
2014-02-26 23:10:19 ----D---- C:\Windows\Migration
2014-02-26 23:10:11 ----SHD---- C:\Config.Msi
2014-02-26 03:02:43 ----A---- C:\Windows\system32\vbscript.dll
2014-02-26 03:02:43 ----A---- C:\Windows\system32\mshtmled.dll
2014-02-26 03:02:41 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-26 03:02:41 ----A---- C:\Windows\system32\ieui.dll
2014-02-26 03:02:40 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-26 03:02:40 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-26 03:02:39 ----A---- C:\Windows\system32\wininet.dll
2014-02-26 03:02:39 ----A---- C:\Windows\system32\jscript.dll
2014-02-26 03:02:37 ----A---- C:\Windows\system32\url.dll
2014-02-26 03:02:37 ----A---- C:\Windows\system32\jscript9.dll
2014-02-26 03:02:36 ----A---- C:\Windows\system32\iertutil.dll
2014-02-26 03:02:35 ----A---- C:\Windows\system32\urlmon.dll
2014-02-26 03:02:34 ----A---- C:\Windows\system32\ieframe.dll
2014-02-26 03:02:31 ----A---- C:\Windows\system32\mshtml.dll
2014-02-25 14:08:37 ----D---- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2014-02-25 14:07:04 ----A---- C:\Windows\system32\wscript.exe
2014-02-25 14:07:04 ----A---- C:\Windows\system32\cscript.exe
2014-02-25 14:07:03 ----A---- C:\Windows\system32\wshcon.dll
2014-02-25 14:07:03 ----A---- C:\Windows\system32\scrrun.dll
2014-02-25 14:07:00 ----A---- C:\Windows\system32\win32k.sys
2014-02-25 14:06:57 ----A---- C:\Windows\system32\msxml3.dll
2014-02-25 14:06:56 ----A---- C:\Windows\system32\SysFxUI.dll
2014-02-25 14:06:56 ----A---- C:\Windows\system32\drivers\portcls.sys
2014-02-25 14:06:56 ----A---- C:\Windows\system32\drivers\drmk.sys
2014-02-25 14:06:54 ----A---- C:\Windows\system32\imagehlp.dll
2014-02-25 13:46:04 ----A---- C:\AVScanner.ini
2014-02-25 13:40:45 ----D---- C:\Program Files\CCleaner
2014-02-25 13:33:41 ----D---- C:\ProgramData\2961
2014-01-16 01:40:14 ----A---- C:\SecurityScanner.dll

======List of files/folders modified in the last 3 months======

2014-02-26 23:35:46 ----D---- C:\Windows\Temp
2014-02-26 23:35:31 ----RD---- C:\Program Files
2014-02-26 23:34:35 ----D---- C:\Windows\System32
2014-02-26 23:34:33 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-02-26 23:31:03 ----D---- C:\Windows\Microsoft.NET
2014-02-26 23:31:02 ----RSD---- C:\Windows\assembly
2014-02-26 23:28:28 ----D---- C:\Users\zdenoz\AppData\Roaming\Skype
2014-02-26 23:25:26 ----D---- C:\ProgramData\TorchCrashHandler
2014-02-26 23:21:40 ----D---- C:\Windows
2014-02-26 23:21:25 ----D---- C:\Windows\system32\migration
2014-02-26 23:21:22 ----D---- C:\Program Files\Internet Explorer
2014-02-26 23:21:15 ----D---- C:\Windows\system32\drivers
2014-02-26 23:21:14 ----D---- C:\Windows\system32\RTCOM
2014-02-26 23:21:08 ----D---- C:\Windows\inf
2014-02-26 23:19:58 ----D---- C:\Windows\winsxs
2014-02-26 23:19:36 ----SHD---- C:\Windows\Installer
2014-02-26 23:16:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-26 23:11:20 ----D---- C:\Windows\system32\en-US
2014-02-26 23:10:19 ----SD---- C:\ProgramData\Microsoft
2014-02-26 03:11:30 ----D---- C:\Windows\system32\MRT
2014-02-26 03:04:51 ----D---- C:\Windows\system32\catroot
2014-02-26 03:03:49 ----D---- C:\Windows\system32\catroot2
2014-02-26 03:01:34 ----SHD---- C:\System Volume Information
2014-02-25 14:20:22 ----HD---- C:\ProgramData
2014-02-25 14:20:21 ----D---- C:\Program Files\Google
2014-02-25 14:12:43 ----D---- C:\Windows\Tasks
2014-02-25 14:05:51 ----D---- C:\Program Files\iMesh Applications
2014-02-25 14:04:13 ----D---- C:\Program Files\Common Files\Symantec Shared
2014-02-25 14:00:11 ----SHD---- C:\Windows\system32\AI_RecycleBin
2014-02-25 13:58:54 ----D---- C:\Program Files\Mozilla Firefox
2014-02-25 13:57:48 ----D---- C:\ProgramData\YAHOO
2014-02-25 13:57:42 ----D---- C:\Program Files\Yahoo!
2014-02-25 13:56:49 ----D---- C:\Program Files\Common Files
2014-02-25 13:54:01 ----D---- C:\Big Fish Games
2014-02-25 13:52:13 ----D---- C:\Program Files\BearShare Applications
2014-02-25 13:44:30 ----D---- C:\ProgramData\Google
2014-02-25 13:40:54 ----D---- C:\Windows\system32\Tasks
2014-02-25 13:38:40 ----D---- C:\Windows\Prefetch
2014-02-04 19:09:42 ----A---- C:\Windows\system32\mrt.exe
2013-12-18 06:13:56 ----N---- C:\Windows\system32\MpSigStub.exe
2013-11-27 17:33:56 ----D---- C:\Program Files\Picasa2
2013-11-27 16:45:44 ----D---- C:\Windows\rescache
2013-11-27 15:19:09 ----D---- C:\Windows\system32\de-DE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-03-01 277784]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-10-26 43872]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2009-05-27 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-05-27 75096]
R1 DMICall;Sony DMI Call service; C:\Windows\system32\DRIVERS\DMICall.sys [2007-09-19 10216]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-11-08 21248]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-10-25 12672]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-17 11032]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-25 8192]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-06-10 140800]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2009-05-27 52056]
R3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-10-25 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-10-25 207360]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-08-25 1841312]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-09-19 2222080]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-11-16 7626400]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys [2007-08-29 9344]
R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys [2007-06-06 812544]
R3 usbaudio;USB-Audiotreiber (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-10-25 659968]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-10-25 246784]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-06-15 705024]
S3 drmkaud;Microsoft Kernel-DRM-Audioentschlüsselung; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA-Funktionstreiber für High Definition Audio-Dienst; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Proxy für Streaming Clock; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Proxy für Streaming Quality Manager; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-Konvertierung; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG-Adaptertreiber für Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver; C:\Windows\system32\DRIVERS\SE1008mdm.sys [2009-02-18 58536]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-05-26 128104]
S4 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Planer; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-25 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-25 151297]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-22 116040]
R2 Bonjour Service;Bonjour-Dienst; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NSUService;NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [2007-09-20 204800]
R2 TorchCrashHandler;Torch Crash Handler; C:\Users\zdenoz\AppData\Local\Torch\Update\TorchCrashHandler.exe [2013-06-20 1205088]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2007-08-14 182392]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2007-08-28 192512]
R2 VzFw;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [2007-08-28 131072]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-25 386560]
R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2008-07-30 532264]
R3 Vcsw;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [2007-06-28 274432]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-20 136176]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2006-04-14 28933976]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-26 257928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-20 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MSCSPTISRV;MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [2006-12-14 45056]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PACSPTISVR;PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [2006-12-14 57344]
S3 SPTISRV;Sony SPTI Service; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [2006-12-14 69632]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2007-06-28 73728]
S3 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2007-06-20 2523136]
S3 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
S3 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [2007-06-20 499712]
S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-10 745472]
S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-06-20 397312]
S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP); C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-06-20 1089536]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-09-28 292128]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2007-09-20 79136]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 MSSQLServerADHelper;Hilfsdienst von SQL Server für Active Directory; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SQLBrowser;SQL Server-Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2006-04-14 240416]

-----------------EOF-----------------

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

JRT


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by zdenoz on 05.03.2014 at 14:50:01,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] torchcrashhandler
Successfully deleted: [Service] torchcrashhandler



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2002}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\torchcrashhandler"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\zdenoz\appdata\local\torch"
Successfully deleted: [Folder] "C:\Users\zdenoz\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\zdenoz\appdata\locallow\imeshbandmltbpi"
Successfully deleted: [Folder] "C:\Users\zdenoz\appdata\locallow\mediabarim"
Successfully deleted: [Folder] "C:\Users\zdenoz\appdata\locallow\searchresultstb"
Successfully deleted: [Folder] "C:\Program Files\bearshare applications"
Successfully deleted: [Folder] "C:\Program Files\free offers from freeze.com"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\imeshwebsearch.xml"
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\search_results.xml"
Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\searchresults.xml"
Successfully deleted: [File] C:\Users\zdenoz\AppData\Roaming\mozilla\firefox\profiles\8qlkwq29.default\searchplugins\imeshwebsearch.xml
Successfully deleted: [File] C:\Users\zdenoz\AppData\Roaming\mozilla\firefox\profiles\8qlkwq29.default\searchplugins\search_results.xml
Successfully deleted: [File] C:\Users\zdenoz\AppData\Roaming\mozilla\firefox\profiles\8qlkwq29.default\searchplugins\searchresults.xml
Failed to delete: [Folder] "C:\Program Files\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Successfully deleted the following from C:\Users\zdenoz\AppData\Roaming\mozilla\firefox\profiles\8qlkwq29.default\prefs.js

user_pref("browser.search.defaultenginename", "Search Results");
user_pref("browser.search.order.1", "Search Results");
user_pref("browser.search.selectedEngine", "Search Results");
user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?o=APN10641A&gct=hp&d=2-263&t=6");
user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=263&systemid=2&apn_dtid=IME0022&apn_ptnrs=AG2&apn_uid=3450839616254456&o=APN10641&q=");
Emptied folder: C:\Users\zdenoz\AppData\Roaming\mozilla\firefox\profiles\8qlkwq29.default\minidumps [4 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\zdenoz\appdata\local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.03.2014 at 14:55:08,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.020 - Bericht erstellt am 05/03/2014 um 15:16:53
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : zdenoz - ZDENOZ-PC
# Gestartet von : C:\Users\zdenoz\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files\iMesh Applications
Ordner Gelöscht : C:\Users\zdenoz\AppData\Local\iMesh
Ordner Gelöscht : C:\Users\zdenoz\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\zdenoz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Ordner Gelöscht : C:\Users\zdenoz\Documents\iMesh
Ordner Gelöscht : C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default\mediabarim
Ordner Gelöscht : C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default\Extensions\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Datei Gelöscht : C:\Users\zdenoz\Desktop\eBay.lnk
Datei Gelöscht : C:\Program Files\Mozilla Firefox\.autoreg
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\iMeshWebSearch.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15A0413E-9F45-4D45-9A75-2C20B15B5B51}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{15A0413E-9F45-4D45-9A75-2C20B15B5B51}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15A0413E-9F45-4D45-9A75-2C20B15B5B51}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{28387537-E3F9-4ED7-860C-11E69AF4A8A0}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Schlüssel Gelöscht : HKCU\Software\Imesh
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\iMeshMediabarTb
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\mediabarim
Schlüssel Gelöscht : HKLM\Software\iMeshMediabarTb
Schlüssel Gelöscht : HKLM\Software\Trymedia Systems
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iMesh 1 MediaBar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\iMesh MediaBar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Imesh
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\torch

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v3.0.3 (de)

[ Datei : C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default\prefs.js ]


-\\ Google Chrome v31.0.1650.57

[ Datei : C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : search_url
Gelöscht : keyword

*************************

AdwCleaner[R0].txt - [4577 octets] - [05/03/2014 14:58:29]
AdwCleaner[S0].txt - [4448 octets] - [05/03/2014 15:16:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4508 octets] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 02-March-2014
Tool run by zdenoz on 06.03.2014 at 10:38:33,97.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\zdenoz\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

06.03.2014 10:39:38 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\SearchScopes\{7A61B193-B145-4AB5-B0D4-DA6E3050D861} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA6319C0-31B7-401E-A518-A07C3DB8F777} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA6319C0-31B7-401E-A518-A07C3DB8F777} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\Approved Extensions\{28387537-E3F9-4ED7-860C-11E69AF4A8A0} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\Approved Extensions\{CA6319C0-31B7-401E-A518-A07C3DB8F777} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\Approved Extensions\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\Approved Extensions\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_USERS\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default\prefs.js:

Added to C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Program Files\Yahoo! deleted
C:\PROGRA~2\YAHOO deleted
C:\Users\zdenoz\Downloads\iLividSetup.exe deleted
C:\Users\zdenoz\Downloads\BearShareSetup-r263-n-bc.exe deleted
"C:\Program Files\Mozilla Firefox" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [03.09.2009 17:18]

==== Firefox Extensions ======================

ProfilePath: C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

==== Firefox Plugins ======================

Profilepath: C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default
27F9E0201D27D1C6472285DE35898CA1 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.5 (861)
DD3733576798FBA50DF8D977D3595FCD - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.5 (861)
83D62147873E2694E0D0E24C19CCB17F - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.5 (861)
A0D862C01ACB11DE388908484D267965 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.5 (861)
4AF186D3DFE4FBE26BD1F4B0F8BD60B1 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.5 (861)
FED0904155C01608D2574F9A7FD2E469 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.5 (861)
1E5E00A2E9095A3737C0BD05A56ED2E4 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.5 (861)
04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat
E3811F1A1C5063C941EC0E2766C3EA39 - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll - Java(TM) Platform SE 6 U2
01D39AC177934F0A5B3675FAA952393D - C:\Program Files\Java\jre1.6.0_02\bin\npjava12.dll - Java(TM) Platform SE 6 U2
794DCC4795CC04FEEC52543B71E04CDF - C:\Program Files\Java\jre1.6.0_02\bin\npjava11.dll - Java(TM) Platform SE 6 U2
1F7BF9B81A4FE5C468306BEEBD982765 - C:\Program Files\Java\jre1.6.0_02\bin\npoji610.dll - Java(TM) Platform SE 6 U2
DBECEFF44595A35267C8A388562A9D46 - C:\Program Files\Java\jre1.6.0_02\bin\npjava32.dll - Java(TM) Platform SE 6 U2
73BAAA464E8643768F808E77D819B117 - C:\Program Files\Java\jre1.6.0_02\bin\npjava14.dll - Java(TM) Platform SE 6 U2
65BD514522DA53C55CFB2AE4BE37593E - C:\Program Files\Java\jre1.6.0_02\bin\npjava13.dll - Java(TM) Platform SE 6 U2
CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
C548328E9DE5EB73350EF292D7140662 - C:\Program Files\Picasa2\npPicasa3.dll - Picasa
7550FC1ADE982582D5920BEA6430E3D4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
25D7EF6FBCE1D0723F394A498E334A9F - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll - DivX Player Netscape Plugin
0EA6140E578873053BFFD37C9EB748EC - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
99F97C9FE748C37528C338A423577FCB - C:\Users\zdenoz\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin


==== Chrome Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Page_URL"="http://www.club-vaio.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.club-vaio.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{1B0442D8-BED4-4AD6-AB72-DCA5038A195C} Google Url="http://www.google.com/search?q={searchT ... 1I7SNYK_de"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\zdenoz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\zdenoz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\zdenoz\AppData\Local\Mozilla\Firefox\Profiles\8qlkwq29.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=192 folders=27 31738652 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\zdenoz\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\zdenoz\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\zdenoz\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Program Files\Mozilla Firefox" not found

==== EOF on 06.03.2014 at 11:01:41,85 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-03-2014 01
Ran by zdenoz (administrator) on ZDENOZ-PC on 08-03-2014 00:01:34
Running from C:\Users\zdenoz\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\NSUService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files\Sony\ISB Utility\ISBMgr.exe
(Sony NSCE) C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\LANUtil.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\zdenoz\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4669440 2007-08-25] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [118784 2007-06-10] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ISBMgr.exe] - C:\Program Files\Sony\ISB Utility\ISBMgr.exe [311296 2007-09-19] (Sony Corporation)
HKLM\...\Run: [MarketingTools] - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [36864 2007-11-22] (Sony NSCE)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [132496 2007-07-12] (Sun Microsystems, Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-08-25] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvSvc] - C:\Windows\system32\nvsvc.dll [86016 2007-11-16] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [8497696 2007-11-16] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [81920 2007-11-16] (NVIDIA Corporation)
HKLM\...\Run: [FILSHtray] - C:\Program Files\FILSHtray\FILSHtray.exe [596992 2011-12-16] (FILSH Media GmbH)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKU\.DEFAULT\...\Run: [Picasa Media Detector] - C:\Program Files\Picasa2\PicasaMediaDetector.exe [443968 2008-02-26] (Google Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [253952 2007-09-20] (Sony Corporation)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\MountPoints2: {cf7f5dd6-420f-11dd-b8aa-806e6f6e6963} - F:\wubi.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://partnerpage.google.com/eu.sony.com/de
http://www.club-vaio.com/vbc
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://partnerpage.google.com/eu.sony.com/de
http://www.club-vaio.com/vbc
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {1B0442D8-BED4-4AD6-AB72-DCA5038A195C} URL = http://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 8.8.8.8 8.8.4.4 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\zdenoz\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\zdenoz\AppData\Roaming\Mozilla\Firefox\Profiles\8qlkwq29.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-09-05]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-06]
CHR Extension: (Disk Google) - C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-06]
CHR Extension: (YouTube) - C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-05]
CHR Extension: (Hľadať v Google) - C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-05]
CHR Extension: (Peňaženka Google) - C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-26]
CHR Extension: (Gmail) - C:\Users\zdenoz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-05]

========================== Services (Whitelisted) =================

R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [116040 2008-07-22] (Apple Inc.)
R2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [583048 2008-01-29] (Symantec Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45272 2005-10-14] (Microsoft Corporation)
R2 NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [204800 2007-09-20] (Sony Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] ()
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-06-28] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182392 2007-08-14] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-06-20] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-20] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-20] (Sony Corporation)
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [499712 2007-06-20] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-06-20] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-06-20] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [292128 2007-09-28] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2007-06-28] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2007-08-28] (Sony Corporation)
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [131072 2007-08-28] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
S3 SE1008mdm; C:\Windows\System32\DRIVERS\SE1008mdm.sys [58536 2009-02-18] (Sony Ericsson)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-06-06] (Texas Instruments)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-08 00:01 - 2014-03-08 00:02 - 00014975 _____ () C:\Users\zdenoz\Desktop\FRST.txt
2014-03-08 00:01 - 2014-03-08 00:01 - 00000000 ____D () C:\FRST
2014-03-08 00:00 - 2014-03-07 23:58 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Desktop\FRSTLauncher.exe
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 928410.crdownload
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 265287.crdownload
2014-03-07 23:45 - 2014-03-07 23:46 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\FRSTLauncher.exe
2014-03-07 23:44 - 2014-03-07 23:44 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST (1).exe
2014-03-07 23:44 - 2014-03-07 23:43 - 01145344 _____ (Farbar) C:\Users\zdenoz\Desktop\FRST.exe
2014-03-07 23:43 - 2014-03-07 23:43 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST.exe
2014-03-06 11:00 - 2014-03-06 11:00 - 00000326 _____ () C:\Windows\PFRO.log
2014-03-06 10:51 - 2014-03-06 10:38 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-06 10:39 - 2014-03-06 11:01 - 00012493 _____ () C:\zoek-results.log
2014-03-06 10:38 - 2014-03-06 10:49 - 00000000 ____D () C:\zoek_backup
2014-03-06 10:38 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Desktop\zoek.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Downloads\zoek.exe
2014-03-05 14:58 - 2014-03-05 15:17 - 00000000 ____D () C:\AdwCleaner
2014-03-05 14:55 - 2014-03-05 14:55 - 00006013 _____ () C:\Users\zdenoz\Desktop\JRT.txt
2014-03-05 14:48 - 2014-03-05 14:48 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 14:47 - 2014-03-05 14:43 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Desktop\JRT.exe
2014-03-05 14:42 - 2014-03-05 14:43 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Downloads\JRT.exe
2014-03-05 14:42 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Desktop\adwcleaner.exe
2014-03-05 14:39 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Downloads\adwcleaner.exe
2014-03-05 14:37 - 2014-03-08 00:00 - 00000830 _____ () C:\Windows\setupact.log
2014-03-05 14:37 - 2014-03-05 14:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-26 23:35 - 2014-02-26 23:36 - 00000000 ____D () C:\rsit
2014-02-26 23:35 - 2014-02-26 23:36 - 00000000 ____D () C:\Program Files\trend micro
2014-02-26 23:32 - 2014-02-26 23:32 - 00339991 _____ () C:\Users\zdenoz\Desktop\RSIT-1.06.exe
2014-02-26 03:02 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-26 03:02 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-26 03:02 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-26 03:02 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-26 03:02 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-26 03:02 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-26 03:02 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-26 03:02 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-26 03:02 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-26 03:02 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-26 03:02 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-26 03:02 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-26 03:02 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-26 03:02 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-26 03:02 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-26 03:02 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-25 14:12 - 2014-03-07 23:53 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf322b449304f0.job
2014-02-25 14:08 - 2014-02-25 14:08 - 00000000 ____D () C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2014-02-25 14:07 - 2013-10-30 01:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-25 14:07 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-02-25 14:07 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-02-25 14:07 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2014-02-25 14:07 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-02-25 14:07 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-02-25 14:06 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-25 14:06 - 2013-10-30 03:12 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-02-25 14:06 - 2013-10-30 02:43 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-02-25 14:06 - 2013-10-30 01:43 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-02-25 14:06 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-02-25 13:46 - 2014-02-25 13:38 - 00000426 _____ () C:\AVScanner.ini
2014-02-25 13:40 - 2014-02-25 13:40 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-25 13:40 - 2014-02-25 13:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-25 13:33 - 2014-02-25 13:33 - 00000000 ____D () C:\ProgramData\2961

==================== One Month Modified Files and Folders =======

2014-03-08 00:02 - 2014-03-08 00:01 - 00014975 _____ () C:\Users\zdenoz\Desktop\FRST.txt
2014-03-08 00:01 - 2014-03-08 00:01 - 00000000 ____D () C:\FRST
2014-03-08 00:00 - 2014-03-05 14:37 - 00000830 _____ () C:\Windows\setupact.log
2014-03-07 23:58 - 2014-03-08 00:00 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Desktop\FRSTLauncher.exe
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 928410.crdownload
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 265287.crdownload
2014-03-07 23:53 - 2014-02-25 14:12 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf322b449304f0.job
2014-03-07 23:49 - 2012-09-05 21:26 - 00002000 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-07 23:49 - 2010-09-20 21:43 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 23:46 - 2014-03-07 23:45 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\FRSTLauncher.exe
2014-03-07 23:44 - 2014-03-07 23:44 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST (1).exe
2014-03-07 23:44 - 2008-06-24 18:30 - 00180830 _____ () C:\Users\zdenoz\AppData\Roaming\nvModes.001
2014-03-07 23:43 - 2014-03-07 23:44 - 01145344 _____ (Farbar) C:\Users\zdenoz\Desktop\FRST.exe
2014-03-07 23:43 - 2014-03-07 23:43 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST.exe
2014-03-07 23:43 - 2008-06-24 18:15 - 01732164 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 23:41 - 2012-09-05 21:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-06 11:01 - 2014-03-06 10:39 - 00012493 _____ () C:\zoek-results.log
2014-03-06 11:01 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-06 11:01 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-06 11:01 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-06 11:00 - 2014-03-06 11:00 - 00000326 _____ () C:\Windows\PFRO.log
2014-03-06 10:59 - 2006-11-02 14:01 - 00032562 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-06 10:59 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-06 10:49 - 2014-03-06 10:38 - 00000000 ____D () C:\zoek_backup
2014-03-06 10:38 - 2014-03-06 10:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-06 10:37 - 2014-03-06 10:38 - 01284608 _____ () C:\Users\zdenoz\Desktop\zoek.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Downloads\zoek.exe
2014-03-06 10:34 - 2012-09-05 21:25 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-06 10:34 - 2012-09-05 21:25 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-05 15:17 - 2014-03-05 14:58 - 00000000 ____D () C:\AdwCleaner
2014-03-05 15:12 - 2006-11-02 11:33 - 01679994 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-05 14:55 - 2014-03-05 14:55 - 00006013 _____ () C:\Users\zdenoz\Desktop\JRT.txt
2014-03-05 14:48 - 2014-03-05 14:48 - 00000000 ____D () C:\Windows\ERUNT
2014-03-05 14:43 - 2014-03-05 14:47 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Desktop\JRT.exe
2014-03-05 14:43 - 2014-03-05 14:42 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Downloads\JRT.exe
2014-03-05 14:39 - 2014-03-05 14:42 - 01244192 _____ () C:\Users\zdenoz\Desktop\adwcleaner.exe
2014-03-05 14:39 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Downloads\adwcleaner.exe
2014-03-05 14:37 - 2014-03-05 14:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-05 14:36 - 2008-07-01 00:29 - 00000000 ____D () C:\Users\zdenoz\AppData\Roaming\Skype
2014-02-26 23:56 - 2008-08-05 13:45 - 00000000 ____D () C:\Windows\Minidump
2014-02-26 23:56 - 2007-11-22 01:14 - 00000000 ____D () C:\Windows\Panther
2014-02-26 23:36 - 2014-02-26 23:35 - 00000000 ____D () C:\rsit
2014-02-26 23:36 - 2014-02-26 23:35 - 00000000 ____D () C:\Program Files\trend micro
2014-02-26 23:32 - 2014-02-26 23:32 - 00339991 _____ () C:\Users\zdenoz\Desktop\RSIT-1.06.exe
2014-02-26 23:25 - 2006-11-02 13:47 - 00404552 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-26 23:21 - 2007-11-22 09:44 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-02-26 03:15 - 2013-08-04 15:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-25 14:20 - 2007-11-22 09:26 - 00000000 ____D () C:\Program Files\Google
2014-02-25 14:09 - 2008-10-13 19:27 - 00003211 _____ () C:\Windows\system32\sdkinst.log
2014-02-25 14:08 - 2014-02-25 14:08 - 00000000 ____D () C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2014-02-25 14:04 - 2007-12-10 03:44 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-25 13:57 - 2008-10-13 18:32 - 00000000 ____D () C:\Users\zdenoz\AppData\Local\Yahoo
2014-02-25 13:54 - 2007-11-22 11:08 - 00000000 ____D () C:\Big Fish Games
2014-02-25 13:52 - 2008-06-26 21:19 - 00000049 __RSH () C:\Users\Public\Documents\HBEPGUID.TXT
2014-02-25 13:44 - 2008-06-24 18:30 - 00000000 ____D () C:\Users\zdenoz\AppData\Local\Google
2014-02-25 13:44 - 2007-11-22 11:13 - 00000000 ____D () C:\ProgramData\Google
2014-02-25 13:40 - 2014-02-25 13:40 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-25 13:40 - 2014-02-25 13:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-25 13:38 - 2014-02-25 13:46 - 00000426 _____ () C:\AVScanner.ini
2014-02-25 13:36 - 2012-09-12 17:30 - 00000000 ____D () C:\Users\zdenoz\Documents\DriverGenius
2014-02-25 13:33 - 2014-02-25 13:33 - 00000000 ____D () C:\ProgramData\2961

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira AntiVir PersonalEdition (Disabled - Up to date) {090F9C29-64CE-6C6F-379C-5901B49A85B7}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\zdenoz\Desktop" je 34239 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor
C:\Windows\PixArt\PAC207\Monitor.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector
C:\Program Files\Picasa2\PicasaMediaDetector.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng
"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe"="C:\\Program Files\\Yahoo!\\Yahoo! Music Jukebox\\YahooMusicEngine.exe:*:Enabled:Yahoo! Music Jukebox"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [MarketingTools] - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [36864 2007-11-22] (Sony NSCE)
  HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [132496 2007-07-12] (Sun Microsystems, Inc.)
  HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
  HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
  HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
  HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
  HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
  HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\MountPoints2: {cf7f5dd6-420f-11dd-b8aa-806e6f6e6963} - F:\wubi.exe
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://partnerpage.google.com/eu.sony.com/de
  http://www.club-vaio.com/vbc
  HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://partnerpage.google.com/eu.sony.com/de
  http://www.club-vaio.com/vbc
  SearchScopes: HKLM - DefaultScope value is missing.
  SearchScopes: HKLM - {1B0442D8-BED4-4AD6-AB72-DCA5038A195C} URL = http://www.google.de/search?hl=de&q={searchTerms}&meta=
  SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
  SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
  
  S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
  S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
  S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
  S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
  S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
  
  2014-03-08 00:00 - 2014-03-07 23:58 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Desktop\FRSTLauncher.exe
  2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 928410.crdownload
  2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 265287.crdownload
  2014-03-07 23:45 - 2014-03-07 23:46 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\FRSTLauncher.exe
  2014-03-07 23:44 - 2014-03-07 23:44 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST (1).exe
  2014-03-07 23:43 - 2014-03-07 23:43 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST.exe
  2014-03-06 11:00 - 2014-03-06 11:00 - 00000326 _____ () C:\Windows\PFRO.log
  2014-03-06 10:51 - 2014-03-06 10:38 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-03-06 10:39 - 2014-03-06 11:01 - 00012493 _____ () C:\zoek-results.log
  2014-03-06 10:38 - 2014-03-06 10:49 - 00000000 ____D () C:\zoek_backup
  2014-03-06 10:38 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Desktop\zoek.exe
  2014-03-06 10:37 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Downloads\zoek.exe
  2014-03-05 14:55 - 2014-03-05 14:55 - 00006013 _____ () C:\Users\zdenoz\Desktop\JRT.txt
  2014-03-05 14:47 - 2014-03-05 14:43 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Desktop\JRT.exe
  2014-03-05 14:42 - 2014-03-05 14:43 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Downloads\JRT.exe
  2014-03-05 14:42 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Desktop\adwcleaner.exe
  2014-03-05 14:39 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Downloads\adwcleaner.exe
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng" /f
  
  Hosts:
  CMD: shutdown /r /f /t 2
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Neviem, ci sa mal PC restartovat po scane sam od seba no nerestartoval sa tak som ho restartoval rucne.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-03-2014 01
Ran by zdenoz at 2014-03-09 11:22:45 Run:1
Running from C:\Users\zdenoz\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [MarketingTools] - C:\Program Files\Sony\Marketing Tools\MarketingTools.exe [36864 2007-11-22] (Sony NSCE)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [132496 2007-07-12] (Sun Microsystems, Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-383229388-739048588-2892599554-1003\...\MountPoints2: {cf7f5dd6-420f-11dd-b8aa-806e6f6e6963} - F:\wubi.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://partnerpage.google.com/eu.sony.com/de
http://www.club-vaio.com/vbc
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://partnerpage.google.com/eu.sony.com/de
http://www.club-vaio.com/vbc
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {1B0442D8-BED4-4AD6-AB72-DCA5038A195C} URL = http://www.google.de/search?hl=de&q={searchTerms}&meta=
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]

2014-03-08 00:00 - 2014-03-07 23:58 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Desktop\FRSTLauncher.exe
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 928410.crdownload
2014-03-07 23:57 - 2014-03-07 23:57 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\Nepotvrdené 265287.crdownload
2014-03-07 23:45 - 2014-03-07 23:46 - 00112640 _____ (forum.viry.cz) C:\Users\zdenoz\Downloads\FRSTLauncher.exe
2014-03-07 23:44 - 2014-03-07 23:44 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST (1).exe
2014-03-07 23:43 - 2014-03-07 23:43 - 01145344 _____ (Farbar) C:\Users\zdenoz\Downloads\FRST.exe
2014-03-06 11:00 - 2014-03-06 11:00 - 00000326 _____ () C:\Windows\PFRO.log
2014-03-06 10:51 - 2014-03-06 10:38 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-06 10:39 - 2014-03-06 11:01 - 00012493 _____ () C:\zoek-results.log
2014-03-06 10:38 - 2014-03-06 10:49 - 00000000 ____D () C:\zoek_backup
2014-03-06 10:38 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Desktop\zoek.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 01284608 _____ () C:\Users\zdenoz\Downloads\zoek.exe
2014-03-05 14:55 - 2014-03-05 14:55 - 00006013 _____ () C:\Users\zdenoz\Desktop\JRT.txt
2014-03-05 14:47 - 2014-03-05 14:43 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Desktop\JRT.exe
2014-03-05 14:42 - 2014-03-05 14:43 - 01037734 _____ (Thisisu) C:\Users\zdenoz\Downloads\JRT.exe
2014-03-05 14:42 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Desktop\adwcleaner.exe
2014-03-05 14:39 - 2014-03-05 14:39 - 01244192 _____ () C:\Users\zdenoz\Downloads\adwcleaner.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng" /f

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MarketingTools => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKU\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\S-1-5-21-383229388-739048588-2892599554-1003\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG => Value deleted successfully.
HKU\S-1-5-21-383229388-739048588-2892599554-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cf7f5dd6-420f-11dd-b8aa-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{cf7f5dd6-420f-11dd-b8aa-806e6f6e6963} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1B0442D8-BED4-4AD6-AB72-DCA5038A195C} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{1B0442D8-BED4-4AD6-AB72-DCA5038A195C} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
blbdrive => Service deleted successfully.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
UIUSys => Service deleted successfully.
C:\Users\zdenoz\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\zdenoz\Downloads\Nepotvrdené 928410.crdownload => Moved successfully.
C:\Users\zdenoz\Downloads\Nepotvrdené 265287.crdownload => Moved successfully.
C:\Users\zdenoz\Downloads\FRSTLauncher.exe => Moved successfully.
C:\Users\zdenoz\Downloads\FRST (1).exe => Moved successfully.
C:\Users\zdenoz\Downloads\FRST.exe => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\zdenoz\Desktop\zoek.exe => Moved successfully.
C:\Users\zdenoz\Downloads\zoek.exe => Moved successfully.
C:\Users\zdenoz\Desktop\JRT.txt => Moved successfully.
C:\Users\zdenoz\Desktop\JRT.exe => Moved successfully.
C:\Users\zdenoz\Downloads\JRT.exe => Moved successfully.
C:\Users\zdenoz\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\zdenoz\Downloads\adwcleaner.exe => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng" /f =========

Der Vorgang wurde erfolgreich beendet.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Ďakujem za pomoc

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat