VIRY.CZ

ahoj, můžete mrknout prosím? hodinu se snažím se sem dostat a stáhnout frst

log zde:
zbytek příloha.
Aloha

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:15-07-2014 01
Ran by uzivatel (administrator) on PRIMA3-35720A06 on 16-07-2014 01:47:58
Running from C:\Documents and Settings\uzivatel\Dokumenty\Stažené soubory
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Hewlett-Packard Company) C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\WINDOWS\system32\Crypserv.exe
() C:\WINDOWS\system32\nethtsrv.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Akamai\netsession_win.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
() C:\Program Files\PCDApp\dgen.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\ApUI.exe
(Realtek Semiconductor Corp.) C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
() C:\Documents and Settings\uzivatel\Data aplikací\Seznam.cz\bin\szndesktop.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Akamai\netsession_win.exe
(Hewlett-Packard Company) C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
(Ralink Technology, Corp.) C:\Program Files\Ralink\Common\RaRegistry.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\WINDOWS\system32\netupdsrv.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cmaudio] => RunDll32 cmicnfg.cpl,CMICtrlWnd
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [172032 2005-07-23] (HP)
HKLM\...\Run: [HP Component Manager] => C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [241664 2003-12-22] (Hewlett-Packard Company)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [417792 2009-11-11] (Apple Inc.)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-10] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-10] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1150976 2009-01-19] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2009-01-09] (Brother Industries, Ltd.)
HKLM\...\Run: [RemoteControl] => C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [68640 2007-01-08] (Cyberlink Corp.)
HKLM\...\Run: [LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [52256 2007-01-08] ()
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-31] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1960408961-2049760794-725345543-1003\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1960408961-2049760794-725345543-1003\...\Run: [Akamai NetSession Interface] => C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1960408961-2049760794-725345543-1003\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\uzivatel\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1960408961-2049760794-725345543-1003\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\uzivatel\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
AppInit_DLLs: c:\progra~1\suppor~1\suppor~1.dll => c:\Program Files\Supporter\Supporter.dll [4143104 2014-05-25] ()
Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Ralink Wireless Utility.lnk
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\ApUI.exe (Ralink Technology, Corp.)
Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\REALTEK 11n USB Wireless LAN Utility.lnk
ShortcutTarget: REALTEK 11n USB Wireless LAN Utility.lnk -> C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Ralink Wireless Utility.lnk
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files\Ralink\Common\ApUI.exe (Ralink Technology, Corp.)
Startup: C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\REALTEK 11n USB Wireless LAN Utility.lnk
ShortcutTarget: REALTEK 11n USB Wireless LAN Utility.lnk -> C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
Startup: C:\Documents and Settings\Prima 3\Nabídka Start\Programy\Po spuštění\Registration .LNK
ShortcutTarget: Registration .LNK -> C:\HOVADINY\s2\The Settlers II - 10th Anniversary\bin\RegistrationReminder.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchT ... f8&oe=utf8
SearchScopes: HKCU - {010B4726-B2DC-4626-A8D8-232489B77DC0} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKCU - {1385CEDE-3AE1-43A7-98D4-D158B7E9B775} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {1AA3312F-29ED-4BFE-8681-647638E8B637} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {3714833A-57F7-46E4-95F4-76613A2CF830} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {A38ED110-00A2-4077-8420-AB979987D097} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKCU - {AB9B5136-9D93-43B5-AC36-DAD8A96D27A2} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKCU - {D12BB11B-FF18-465B-8DE3-3496B488B5A0} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {D2AF55EF-29D4-4F0E-B7E9-899DD1DE4761} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKCU - {D76FD7B3-A307-4B5D-90D5-AB016D49B99E} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: AllSavoero -> {07D26FF6-9243-C978-8A56-A38C78CCB822} -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AllSavoero\UnS2IPYepk.dll ()
BHO: ReguularDeAls -> {290BAF35-3677-DB1E-602C-5A657D7E81D0} -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ReguularDeAls\C5JDcrso3b.dll ()
BHO: MiniimumPricuE -> {490E8BF3-71B1-4DCD-94C6-9757A58808E2} -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MiniimumPricuE\Znin8T4c.dll ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: RobooSaver -> {884001A7-056B-CCDB-2095-67ABEF214947} -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RobooSaver\V23Q7diE.dll ()
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: CostMin -> {C503F241-2B0D-467F-08AE-348672980903} -> C:\Program Files\CostMin\E.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Trust Media Viewer -> {fc95844e-32cd-4920-8866-a5aec2c80b02} -> C:\Program Files\TrustMediaViewerV1\TrustMediaViewerV1alpha3125\ie\TrustMediaViewerV1alpha3125.dll ()
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} http://www.o2c.de/download/o2cplayer.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: google.cz
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin HKCU: @kb-ext.cz/PKIComponent - C:\Documents and Settings\uzivatel\Data aplikací\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll (Komerční banka, a.s.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: RoboSaver - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\bp1fj@yaeyvsiiyi.com [2014-07-06]
FF Extension: CostMin - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\iuu_3tghj@vbmbr-ay.edu [2014-05-25]
FF Extension: RandomPrIcoe - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\scd7iy@iouiaa-sj.org [2014-06-08]
FF Extension: CoupExttEnsion - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\y-bvyeey@hauyiau.net [2014-06-15]
FF Extension: JoniCoupon - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\z0ei@xoxqcgnf.net [2014-06-01]
FF Extension: Seznam lištička - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-04]
FF Extension: Google Translator for Firefox - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\translator@zoli.bod.xpi [2014-06-08]
FF Extension: Adblock Plus - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-07]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-17]
FF HKLM\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha3125.net] - C:\Program Files\TrustMediaViewerV1\TrustMediaViewerV1alpha3125\ff
FF Extension: Trust Media Viewer - C:\Program Files\TrustMediaViewerV1\TrustMediaViewerV1alpha3125\ff [2014-06-28]

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=16194
CHR NewTab: "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Extension: (Trust Media Viewer) - C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\flbjbecmonhglaegmpmlaleggbjgpdkc [2014-06-30]
CHR Extension: (Google Wallet) - C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-27]
CHR HKLM\...\Chrome\Extension: [flbjbecmonhglaegmpmlaleggbjgpdkc] - C:\Program Files\TrustMediaViewerV1\TrustMediaViewerV1alpha3125\ch\TrustMediaViewerV1alpha3125.crx [2014-06-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 40030ae4; c:\Program Files\Supporter\SupporterSvc.dll [179536 2014-05-25] () [File not signed]
R2 Crypkey License; C:\WINDOWS\system32\crypserv.exe [66048 1998-10-13] () [File not signed]
R2 NetHttpService; C:\WINDOWS\system32\nethtsrv.exe [179200 2014-07-09] () [File not signed]
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97232 2014-05-09] () [File not signed]
R2 RalinkRegistryWriter; C:\Program Files\Ralink\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files\Ralink\Common\RaMediaServer.exe [625728 2011-08-18] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [171040 2007-01-08] () [File not signed]
R2 ServiceUpdater; C:\WINDOWS\system32\netupdsrv.exe [159744 2014-07-09] () [File not signed]

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2012-02-09] (Cisco Systems, Inc.) [File not signed]
S3 BlueletAudio; C:\WINDOWS\System32\DRIVERS\blueletaudio.sys [20096 2004-10-19] (IVT Corporation) [File not signed]
R3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2004-10-15] (Brother Industries Ltd.)
S3 BT; C:\WINDOWS\System32\DRIVERS\btnetdrv.sys [10804 2004-09-21] (IVT Corporation) [File not signed]
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [22488 2004-12-01] (IVT Corporation) [File not signed]
S3 BTHidEnum; C:\WINDOWS\System32\DRIVERS\vbtenum.sys [11604 2004-09-21] () [File not signed]
R0 BTHidMgr; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [28207 2004-10-19] (IVT Corporation) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 cmuda; C:\WINDOWS\System32\drivers\cmuda.sys [1373120 2006-06-09] (C-Media Inc)
S3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R1 nethfdrv; C:\WINDOWS\system32\drivers\nethfdrv.sys [49152 2014-07-09] () [File not signed]
R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [24000 1998-10-13] () [File not signed]
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 rt2870; C:\WINDOWS\System32\DRIVERS\rt2870.sys [1209408 2011-09-06] (Ralink Technology, Corp.)
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-04] (Realtek Semiconductor Corporation)
S3 RTL8192cu; C:\WINDOWS\System32\DRIVERS\RTL8192cu.sys [894440 2010-06-15] (Realtek Semiconductor Corporation )
R2 Scutum50; C:\WINDOWS\System32\Drivers\Scutum50.sys [19072 2009-04-21] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 VComm; C:\WINDOWS\System32\DRIVERS\VComm.sys [61312 2004-10-19] (IVT Corporation) [File not signed]
S3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [82148 2004-11-05] (IVT Corporation) [File not signed]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-16 01:47 - 2014-07-16 01:48 - 00000000 ____D () C:\FRST
2014-07-16 01:45 - 2014-07-16 01:45 - 00015327 _____ () C:\Documents and Settings\uzivatel\Plocha\LM.bat
2014-07-16 01:43 - 2014-07-16 01:45 - 00029696 _____ () C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\MSGBOX.EXE
2014-07-16 01:31 - 2014-07-16 01:31 - 00000687 _____ () C:\awhCFB0.tmp
2014-07-16 01:25 - 2014-07-16 01:25 - 00000000 ____D () C:\Documents and Settings\uzivatel\Nabídka Start\Programy\CyberLink PowerDVD
2014-07-15 12:57 - 2014-07-15 12:57 - 00000801 _____ () C:\Documents and Settings\uzivatel\Plocha\Zástupce - SKLAD 8 - 9 2014.lnk
2014-07-15 11:49 - 2014-07-15 11:49 - 00000818 _____ () C:\Documents and Settings\uzivatel\Plocha\Zástupce - KARTONY SRPEN 2014.lnk
2014-07-15 11:40 - 2014-07-15 11:40 - 00000830 _____ () C:\Documents and Settings\uzivatel\Plocha\Zástupce - DOCHÁZKA SRPEN 2014.lnk
2014-07-15 07:01 - 2014-07-15 07:01 - 00000687 _____ () C:\awh20.tmp
2014-07-13 16:14 - 2014-07-13 16:14 - 00000687 _____ () C:\awhDF.tmp
2014-07-12 08:17 - 2014-07-12 08:17 - 00000687 _____ () C:\awh1109.tmp
2014-07-11 07:37 - 2014-07-11 07:37 - 00000687 _____ () C:\awh27.tmp
2014-07-10 07:12 - 2014-07-10 07:12 - 00000687 _____ () C:\awh34.tmp
2014-07-09 09:28 - 2014-07-09 09:28 - 00246784 _____ () C:\WINDOWS\system32\hfpapi.dll
2014-07-09 09:28 - 2014-07-09 09:28 - 00179200 _____ () C:\WINDOWS\system32\nethtsrv.exe
2014-07-09 09:28 - 2014-07-09 09:28 - 00159744 _____ () C:\WINDOWS\system32\netupdsrv.exe
2014-07-09 09:28 - 2014-07-09 09:28 - 00111104 _____ () C:\WINDOWS\system32\installd.exe
2014-07-09 09:28 - 2014-07-09 09:28 - 00108544 _____ () C:\WINDOWS\system32\hfnapi.dll
2014-07-09 09:28 - 2014-07-09 09:28 - 00049152 _____ () C:\WINDOWS\system32\Drivers\nethfdrv.sys
2014-07-09 09:17 - 2014-07-09 09:17 - 11204096 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-07-09 06:49 - 2014-07-09 06:49 - 00000687 _____ () C:\awh25.tmp
2014-07-08 19:08 - 2014-07-08 19:08 - 00000687 _____ () C:\awh1E.tmp
2014-07-08 06:43 - 2014-07-08 06:43 - 00000687 _____ () C:\awh24.tmp
2014-07-06 20:45 - 2014-07-06 20:45 - 00000687 _____ () C:\awh2B.tmp
2014-07-05 07:39 - 2014-07-05 07:39 - 00000687 _____ () C:\awh23.tmp
2014-07-04 07:55 - 2014-07-04 07:55 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RobooSaver
2014-07-04 07:55 - 2014-07-04 07:55 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RobooSaver
2014-07-04 07:20 - 2014-07-04 07:20 - 00000687 _____ () C:\awh22.tmp
2014-07-03 06:58 - 2014-07-03 06:58 - 00000687 _____ () C:\awh28.tmp
2014-07-02 09:14 - 2014-07-02 09:14 - 00000687 _____ () C:\awh26.tmp
2014-07-01 18:02 - 2014-07-01 18:02 - 00000687 _____ () C:\awh22D4.tmp
2014-06-29 13:00 - 2014-06-29 13:00 - 00000687 _____ () C:\awh588A.tmp
2014-06-28 20:47 - 2014-06-28 20:47 - 00000476 __RSH () C:\Documents and Settings\All Users.WINDOWS\ntuser.pol
2014-06-28 20:47 - 2014-06-28 20:47 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-06-28 20:47 - 2014-06-28 20:47 - 00000000 ____D () C:\Program Files\TrustMediaViewerV1
2014-06-25 02:17 - 2014-06-25 02:17 - 00000687 _____ () C:\awh196.tmp
2014-06-22 08:22 - 2014-06-22 08:22 - 00000687 _____ () C:\awhAE.tmp
2014-06-20 16:08 - 2014-06-20 16:08 - 00000687 _____ () C:\awh1F.tmp
2014-06-20 07:04 - 2014-06-20 07:04 - 00000687 _____ () C:\awh2A.tmp

==================== One Month Modified Files and Folders =======

2014-07-16 01:50 - 2007-11-06 15:22 - 00000000 ____D () C:\Documents and Settings\uzivatel\Local Settings\Temp
2014-07-16 01:48 - 2014-07-16 01:47 - 00000000 ____D () C:\FRST
2014-07-16 01:47 - 2011-05-01 00:03 - 00000000 ____D () C:\Documents and Settings\uzivatel\Dokumenty\Stažené soubory
2014-07-16 01:45 - 2014-07-16 01:45 - 00015327 _____ () C:\Documents and Settings\uzivatel\Plocha\LM.bat
2014-07-16 01:45 - 2014-07-16 01:43 - 00029696 _____ () C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\MSGBOX.EXE
2014-07-16 01:45 - 2007-11-06 15:22 - 00000000 ___HD () C:\Documents and Settings\uzivatel\Local Settings\Data aplikací
2014-07-16 01:45 - 2007-11-06 15:22 - 00000000 ____D () C:\Documents and Settings\uzivatel\Plocha
2014-07-16 01:31 - 2014-07-16 01:31 - 00000687 _____ () C:\awhCFB0.tmp
2014-07-16 01:31 - 2014-05-25 16:28 - 00000000 ____D () C:\Documents and Settings\uzivatel\Data aplikací\Seznam.cz
2014-07-16 01:28 - 2007-11-06 15:11 - 01928006 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-16 01:26 - 2014-05-31 11:30 - 00000000 _____ () C:\WINDOWS\system32\s.o
2014-07-16 01:26 - 2014-05-25 16:27 - 00000388 _____ () C:\WINDOWS\Tasks\AmiUpdXp.job
2014-07-16 01:26 - 2012-02-09 18:58 - 00000441 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.ics
2014-07-16 01:26 - 2010-09-28 11:40 - 00000259 _____ () C:\WINDOWS\wiadebug.log
2014-07-16 01:26 - 2010-09-28 11:40 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-07-16 01:25 - 2014-07-16 01:25 - 00000000 ____D () C:\Documents and Settings\uzivatel\Nabídka Start\Programy\CyberLink PowerDVD
2014-07-16 01:25 - 2014-03-30 14:27 - 00000228 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-07-16 01:25 - 2011-05-08 16:27 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-16 01:25 - 2007-11-06 15:22 - 00000000 ___RD () C:\Documents and Settings\uzivatel\Nabídka Start\Programy
2014-07-16 01:25 - 2007-11-06 15:20 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-15 14:59 - 2010-09-28 09:20 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2014-07-15 14:59 - 2007-11-06 15:22 - 00000178 ___SH () C:\Documents and Settings\uzivatel\ntuser.ini
2014-07-15 14:59 - 2007-11-06 15:20 - 00032636 _____ () C:\WINDOWS\SchedLgU.Txt
2014-07-15 14:19 - 2011-05-08 16:27 - 00000944 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-15 14:17 - 2012-04-02 10:07 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-15 13:50 - 2012-07-23 09:25 - 00000087 _____ () C:\WINDOWS\printstn.INI
2014-07-15 13:50 - 2005-01-24 18:38 - 00000000 ____D () C:\LVWIN60
2014-07-15 12:57 - 2014-07-15 12:57 - 00000801 _____ () C:\Documents and Settings\uzivatel\Plocha\Zástupce - SKLAD 8 - 9 2014.lnk
2014-07-15 11:49 - 2014-07-15 11:49 - 00000818 _____ () C:\Documents and Settings\uzivatel\Plocha\Zástupce - KARTONY SRPEN 2014.lnk
2014-07-15 11:40 - 2014-07-15 11:40 - 00000830 _____ () C:\Documents and Settings\uzivatel\Plocha\Zástupce - DOCHÁZKA SRPEN 2014.lnk
2014-07-15 11:20 - 2014-02-13 11:20 - 00012341 _____ () C:\Documents and Settings\uzivatel\Plocha\OBJ.NUTRA.xlsx
2014-07-15 07:22 - 2012-05-21 10:17 - 00000000 ____D () C:\Documents and Settings\uzivatel\Dokumenty\DL RACIO
2014-07-15 07:01 - 2014-07-15 07:01 - 00000687 _____ () C:\awh20.tmp
2014-07-15 06:55 - 2001-10-25 16:00 - 00002262 _____ () C:\WINDOWS\system32\wpa.dbl
2014-07-13 16:14 - 2014-07-13 16:14 - 00000687 _____ () C:\awhDF.tmp
2014-07-12 08:17 - 2014-07-12 08:17 - 00000687 _____ () C:\awh1109.tmp
2014-07-11 07:37 - 2014-07-11 07:37 - 00000687 _____ () C:\awh27.tmp
2014-07-10 14:51 - 2010-09-27 12:54 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft Help
2014-07-10 14:51 - 2010-09-27 12:54 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft Help
2014-07-10 14:44 - 2013-07-19 03:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-10 14:40 - 2007-11-06 16:46 - 93585272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-10 13:43 - 2005-01-10 16:03 - 00039424 _____ () C:\Documents and Settings\uzivatel\Plocha\Směny.xls
2014-07-10 07:12 - 2014-07-10 07:12 - 00000687 _____ () C:\awh34.tmp
2014-07-09 09:28 - 2014-07-09 09:28 - 00246784 _____ () C:\WINDOWS\system32\hfpapi.dll
2014-07-09 09:28 - 2014-07-09 09:28 - 00179200 _____ () C:\WINDOWS\system32\nethtsrv.exe
2014-07-09 09:28 - 2014-07-09 09:28 - 00159744 _____ () C:\WINDOWS\system32\netupdsrv.exe
2014-07-09 09:28 - 2014-07-09 09:28 - 00111104 _____ () C:\WINDOWS\system32\installd.exe
2014-07-09 09:28 - 2014-07-09 09:28 - 00108544 _____ () C:\WINDOWS\system32\hfnapi.dll
2014-07-09 09:28 - 2014-07-09 09:28 - 00049152 _____ () C:\WINDOWS\system32\Drivers\nethfdrv.sys
2014-07-09 09:17 - 2014-07-09 09:17 - 11204096 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-07-09 09:17 - 2012-04-02 10:07 - 00699056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-07-09 09:17 - 2011-05-28 21:52 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-07-09 06:49 - 2014-07-09 06:49 - 00000687 _____ () C:\awh25.tmp
2014-07-08 19:20 - 2014-03-30 14:27 - 00000222 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-07-08 19:08 - 2014-07-08 19:08 - 00000687 _____ () C:\awh1E.tmp
2014-07-08 06:43 - 2014-07-08 06:43 - 00000687 _____ () C:\awh24.tmp
2014-07-06 20:45 - 2014-07-06 20:45 - 00000687 _____ () C:\awh2B.tmp
2014-07-05 07:39 - 2014-07-05 07:39 - 00000687 _____ () C:\awh23.tmp
2014-07-04 13:36 - 2007-11-06 14:36 - 00000000 ____D () C:\Documents and Settings\uzivatel\Dokumenty\Outlook Express
2014-07-04 08:01 - 2014-05-25 16:28 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\df3183a0089a298b
2014-07-04 08:01 - 2014-05-25 16:28 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\df3183a0089a298b
2014-07-04 07:55 - 2014-07-04 07:55 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RobooSaver
2014-07-04 07:55 - 2014-07-04 07:55 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RobooSaver
2014-07-04 07:55 - 2007-11-06 15:52 - 00000000 __RHD () C:\Documents and Settings\All Users.WINDOWS\Data aplikací
2014-07-04 07:20 - 2014-07-04 07:20 - 00000687 _____ () C:\awh22.tmp
2014-07-03 09:09 - 2014-02-19 14:14 - 00002317 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Sayasis.lnk
2014-07-03 06:58 - 2014-07-03 06:58 - 00000687 _____ () C:\awh28.tmp
2014-07-02 09:14 - 2014-07-02 09:14 - 00000687 _____ () C:\awh26.tmp
2014-07-01 18:02 - 2014-07-01 18:02 - 00000687 _____ () C:\awh22D4.tmp
2014-07-01 13:10 - 2001-10-25 16:00 - 00000512 _____ () C:\WINDOWS\win.ini
2014-06-29 13:00 - 2014-06-29 13:00 - 00000687 _____ () C:\awh588A.tmp
2014-06-28 20:47 - 2014-06-28 20:47 - 00000476 __RSH () C:\Documents and Settings\All Users.WINDOWS\ntuser.pol
2014-06-28 20:47 - 2014-06-28 20:47 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2014-06-28 20:47 - 2014-06-28 20:47 - 00000000 ____D () C:\Program Files\TrustMediaViewerV1
2014-06-28 20:47 - 2007-11-06 15:51 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS
2014-06-26 10:12 - 2014-02-19 14:21 - 00000000 ____D () C:\Documents and Settings\uzivatel\Dokumenty\Veronika
2014-06-25 02:17 - 2014-06-25 02:17 - 00000687 _____ () C:\awh196.tmp
2014-06-22 08:22 - 2014-06-22 08:22 - 00000687 _____ () C:\awhAE.tmp
2014-06-20 16:08 - 2014-06-20 16:08 - 00000687 _____ () C:\awh1F.tmp
2014-06-20 07:04 - 2014-06-20 07:04 - 00000687 _____ () C:\awh2A.tmp

Files to move or delete:
====================
C:\Documents and Settings\Polda 2\Polda2.exe

Some content of TEMP:
====================
C:\Documents and Settings\uzivatel\Local Settings\Temp\49442e40_.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\5d037a5a_.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\AdobeUpdater12345.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\appinstaly.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\drvinstal.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\drvinstal1.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\Foxit Reader Updater.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\Foxit Updater.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\jre-6u37-windows-i586-iftw.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\jre-7u15-windows-i586-iftw.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\jre-7u25-windows-i586-iftw.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\jre-7u51-windows-i586-iftw.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\jre-7u60-windows-i586-iftw.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\PicasaCD.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\_is122.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp\_is1E2.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start
C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Akamai
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-1960408961-2049760794-725345543-1003\...\Run: [Akamai NetSession Interface] => C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
AppInit_DLLs: c:\progra~1\suppor~1\suppor~1.dll => c:\Program Files\Supporter\Supporter.dll [4143104 2014-05-25] ()
c:\Program Files\Supporter\Supporter.dll
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
BHO: ReguularDeAls -> {290BAF35-3677-DB1E-602C-5A657D7E81D0} -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ReguularDeAls\C5JDcrso3b.dll ()
BHO: MiniimumPricuE -> {490E8BF3-71B1-4DCD-94C6-9757A58808E2} -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MiniimumPricuE\Znin8T4c.dll ()
c:\Documents and Settings\All Users.WINDOWS\Data aplikací\ReguularDeAls
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MiniimumPricuE
BHO: RobooSaver -> {884001A7-056B-CCDB-2095-67ABEF214947} -> C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RobooSaver\V23Q7diE.dll ()
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\RobooSaver
BHO: CostMin -> {C503F241-2B0D-467F-08AE-348672980903} -> C:\Program Files\CostMin\E.dll ()
C:\Program Files\CostMin
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Extension: RoboSaver - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\bp1fj@yaeyvsiiyi.com [2014-07-06]
FF Extension: CostMin - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\iuu_3tghj@vbmbr-ay.edu [2014-05-25]
FF Extension: RandomPrIcoe - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\scd7iy@iouiaa-sj.org [2014-06-08]
FF Extension: CoupExttEnsion - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\y-bvyeey@hauyiau.net [2014-06-15]
FF Extension: JoniCoupon - C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\Extensions\z0ei@xoxqcgnf.net [2014-06-01]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
R1 NetworkX; C:\WINDOWS\system32\ckldrv.sys [24000 1998-10-13] () [File not signed]
C:\awh20.tmp
C:\awhDF.tmp
C:\awh1109.tmp
C:\awh27.tmp
C:\awh34.tmp
C:\awh25.tmp
C:\awh1E.tmp
C:\awh24.tmp
C:\awh2B.tmp
C:\awh23.tmp
C:\awh22.tmp
C:\awh28.tmp
C:\awh26.tmp
C:\awh22D4.tmp
C:\awh588A.tmp
C:\awh196.tmp
C:\awhAE.tmp
C:\awh1F.tmp
c:\awh2A.tmp
C:\awhCFB0.tmp
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\awh20.tmp
C:\Documents and Settings\Polda 2\Polda2.exe
C:\Documents and Settings\uzivatel\Local Settings\Temp
End

Uložte do C:\Documents and Settings\uzivatel\Dokumenty\Stažené soubory jako fixlist.txt. Pak znovu spusťte FRST a klikněte na >Fix<. Zkopírujte sem pak log, který se na závěr vytvoří.

Zdravím,

trvalo to snad 15 minut než se fix dokončil po restartu, ale je hotovo. Log má skoro 4MB. Je tam toho hafo, tak to přidávám do přílohy.
Jinak prohlížeče stále zlobí (google a firefox). Reklamy, panely s vyhledáváním na Bing atp.
Díky

Spusťte následující utility:

1.

Stáhněte AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve >Scan< a potom na >Clean< (smazat)
Proběhne skenováni a pak se objeví log, který sem vložte.

2.

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Chtěl sem chvalořečit app. adwcleaner a nebudu. Myslel sem, že je s havětí konec, co jsem si pročetl log, ale je to +- stejné. Lišta vyhledávače Bing, vyskakujicí okno. Ale nějaká reklama zmizela, to jo.
Junkware ještě pracuje.

# AdwCleaner v3.211 - Report created 17/07/2014 at 22:53:46
# Updated 26/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : uzivatel - PRIMA3-35720A06
# Running from : C:\Documents and Settings\uzivatel\Dokumenty\Stažené

soubory\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : 40030ae4

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\CostMin
Folder Deleted : C:\Program Files\Supporter
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data

aplikací\Chromatic Browser
Folder Deleted : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\Chromatic

Browser
Folder Deleted : C:\Documents and Settings\Guest\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data

aplikací\Chromatic Browser
Folder Deleted : C:\Documents and Settings\HelpAssistant\Local Settings\Data aplikací\torch
Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data

aplikací\Chromatic Browser
Folder Deleted : C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Data

aplikací\torch
Folder Deleted : C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Chromatic

Browser
Folder Deleted : C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\torch
File Deleted : C:\WINDOWS\Tasks\AmiUpdXp.job

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CostMin.CostMin
Key Deleted : HKLM\SOFTWARE\Classes\CostMin.CostMin.2.2
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE4

8B}{40030ae4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EAB5257A-1FB3-474C-9B42-231F52622E72}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\PIP
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F5F003B-C71B-72E3-42B4-DE51AB079E

B2}
Key Deleted :

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF

96}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Documents and Settings\uzivatel\Data

aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.gboxapp.com/");
Line Deleted : user_pref("extensions.TVbjSBnJ3zm.scode", "(function(){try{var

url=(window.self.location.href +

document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.in

dexOf(\"sumo[...]
Line Deleted : user_pref("extensions.dIHsA5zPFCQT.scode", "(function(){try{var

url=(window.self.location.href +

document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.in

dexOf(\"sum[...]
Line Deleted : user_pref("extensions.jxJ67o8ca.scode", "(function(){try{var

url=(window.self.location.href +

document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.in

dexOf(\"sumoro[...]
Line Deleted : user_pref("extensions.n0fRzp.scode", "(function(){try{var

url=(window.self.location.href +

document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.in

dexOf(\"sumorobo.[...]
Line Deleted : user_pref("extensions.tuz.scode", "(function(){try{var

url=(window.self.location.href +

document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.in

dexOf(\"sumorobo.net[...]

-\\ Google Chrome v35.0.1916.114

[ File : C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User

Data\Default\preferences ]

Deleted [Startup_urls] : hxxp://search.gboxapp.com/
Deleted [Homepage] : hxxp://search.gboxapp.com/

*************************

AdwCleaner[R0].txt - [5115 octets] - [17/07/2014 22:47:04]
AdwCleaner[S0].txt - [4995 octets] - [17/07/2014 22:53:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5055 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by uzivatel on źt 17.07.2014 at 22:57:34,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3714833A-57F7-46E4-95F4-76613A2CF830}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fc95844e-32cd-4920-8866-a5aec2c80b02}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{fc95844e-32cd-4920-8866-a5aec2c80b02}

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 17.07.2014 at 23:26:14,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ok, měl sem pocit, že jsem adwcleaner nedal šanci jakou by si zasloužil. Na stahuj.cz je starší verze ke stažení než na stránce, kde mě "nutila" jít stará verze adwcleaner.
Něco to pomazalo opět, ale stále lišta vyhledávače bing, vyskakovací okno taky vyskakuje.
Zdá se mi prohlížeč FF být svižnější.
Log:
# AdwCleaner v3.216 - Report created 17/07/2014 at 23:47:06
# Updated 17/07/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : uzivatel - PRIMA3-35720A06
# Running from : C:\Documents and Settings\uzivatel\Dokumenty\Stažené soubory\adwcleaner_3.216.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : nethfdrv
Service Deleted : NethxxpService
[#] Service Deleted : ProtectMonitor
Service Deleted : ServiceUpdater

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\PCDApp
File Deleted : C:\WINDOWS\system32\drivers\nethfdrv.sys
File Deleted : C:\WINDOWS\system32\hfpapi.dll
File Deleted : C:\WINDOWS\system32\installd.exe
File Deleted : C:\WINDOWS\system32\nethtsrv.exe
File Deleted : C:\WINDOWS\system32\netupdsrv.exe

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\PCDApp\dgen.exe]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\u62fcyf6.default\prefs.js ]

-\\ Google Chrome v35.0.1916.114

[ File : C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5115 octets] - [17/07/2014 22:47:04]
AdwCleaner[R1].txt - [2130 octets] - [17/07/2014 23:42:16]
AdwCleaner[S0].txt - [5135 octets] - [17/07/2014 22:53:46]
AdwCleaner[S1].txt - [2089 octets] - [17/07/2014 23:47:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2149 octets] ##########

Nastala nějaká změna?

ano, jak výše píšu. FF je rychlejší, ale stále tam je v prohlížeči lišta na vyhledávání přes Bing a vyskakuje a zavírá se nějaké okno vyskakovací.

Zazálohujte FF pomocí Mozbackup: http://www.stahuj.centrum.cz/utility_a_ ... mozbackup/ . Pak FF odinstalujte vč jeho profilu. Znovu nainstalujte a ze zálohy zpět nakopírujte pouze záložky, příp. hesla.

ano, máte pravdu. Pomohlo to. Teda nevím jestli to pomohlo, ale předtím než sem dal odinstalovat FF, tak sem šel ve Win do Přidat odebrat programy a pomazal tam cca 5 prográmků co měli co společné s prohlížeči. Všechno šlape perfektně. Díky moc

Rádo se stalo!

VIRY.CZ

Divně chovající se prohlížeč

Divně chovající se prohlížeč

Re: Divně chovající se prohlížeč

Re: Divně chovající se prohlížeč

Re: Divně chovající se prohlížeč

Re: Divně chovající se prohlížeč

Re: Divně chovající se prohlížeč

Re: Divně chovající se prohlížeč

Re: Divně chovající se prohlížeč

Re: Divně chovající se prohlížeč

Re: Divně chovající se prohlížeč

Re: Divně chovající se prohlížeč

Re: Divně chovající se prohlížeč