pokračování tématu Youtube Accelerator

[pavel123]

Dobrý den,
omlouvám se, ale raději se na Vás obracím ještě jednou.
Po vyčištění notebooku od Youtube Acceleratoru (a možná i něčeho dalšího) mám problém s Firefoxem. Leze mi tam při otevírání nějaké požadované stránky spousta reklam a bannerů a odkazů na hry a podobného smetí a je to hrozně pomalé. Do toho posledního problému mi to tam zdaleka tolik nelezlo.
Domníval jsem se, že Youtbe Accelerator mohl nějak Firefox nabourat, tak jsem ho odinstaloval, vyčistil jsem registry a veškerou historii a nainstaloval ho znovu, ale chová se to pořád stejně.
Chtěl jsem si stáhnout a nainstalovat Adblock, stáhl jsem z: Mozilla Foundation (US) https://addons.mozilla.org/cs/firefox/a ... lock-plus/
Narazil jsem ale na to, že stažený soubor adblock_plus-2.6.4-fx+an+sm+tb.xpi mi nejde spustit, požaduje to vyhledat vhodný program pomocí webové služba.
Po poslední zkušenosti, kdy jsem si s DocReaderem nechtěně nainstaloval i Youtube Accelerator a nejsem si vědom, že by se mě to někde ptalo, jestli ho chci se teď bojím spustit instalaci něčeho, co se chová takhle....
Můžu prosím poprosit o radu, co s tím a nebo jestli si mám stáhnout adblock odjinud?
A nebo jestli problém může být někde jinde?
Když použije Chrome, tak se tam žádné podobné smetí nevnucuje...
Díky za radu
Pavel

[vyosek]

Zdravim

Aplikujte AdwCleaner jako minule - log pak sem, snad nam to od reklam vycisti

AdBlock pak nainstalujem

[pavel123]

Díky, připadám si už jako tydýt

Posílám log z AdwCleaneru:

# AdwCleaner v3.302 - Report created 04/08/2014 at 11:37:14
# Updated 30/07/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - SASA
# Running from : C:\Documents and Settings\Owner\Plocha\adwcleaner_3.302.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\focusbase

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v31.0 (x86 cs)

[ File : C:\Documents and Settings\admin\Data aplikací\Mozilla\Firefox\Profiles\4mlb4m13.default\prefs.js ]


[ File : C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\prefs.js ]

Line Deleted : user_pref("extensions.a45633fba7e7d40fea9c299dc18447eea04021a325caf3com61911.61911.internaldb.Resources_meta.value", "%7B%22handlebars.js%22%3A%7B%22id%22%3A757182%2C%22ver%22%3A1%2C%22status%22%3A1%2[...]
Line Deleted : user_pref("extensions.a45633fba7e7d40fea9c299dc18447eea04021a325caf3com61911.61911.internaldb.Resources_resource_757191.value", "%22function%20startAskCom%28e%2Ct%2Cr%29%7Bfunction%20a%28e%29%7Bvar%20[...]
Line Deleted : user_pref("extensions.a45633fba7e7d40fea9c299dc18447eea04021a325caf3com61911.61911.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2[...]
Line Deleted : user_pref("extensions.aRNEOMVW50611856ZKVKQ22976610com61908.61908.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22anth[...]
Line Deleted : user_pref("extensions.aRNEOMVW50611856ZKVKQ22976610com61908.61908.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%[...]
Line Deleted : user_pref("extensions.asepherdwilburaolcom61752.61752.internaldb.Resources_meta.value", "%7B%22images/icon_255x255.png%22%3A%7B%22id%22%3A750126%2C%22ver%22%3A1%2C%22status%22%3A1%2C%22name%22%3A%22im[...]
Line Deleted : user_pref("extensions.asepherdwilburaolcom61752.61752.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22urls[...]
Line Deleted : user_pref("extensions.asepherdwilburaolcom61752.61752.thankyou", "hxxp://crossrider.com/thank_you/61752");
Line Deleted : user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22[...]
Line Deleted : user_pref("extensions.crossrider.bic", "14791e7218339fc102423f0deffbd972");

-\\ Google Chrome v34.0.1847.131

[ File : C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R2].txt - [3576 octets] - [04/08/2014 10:57:06]
AdwCleaner[S2].txt - [3527 octets] - [04/08/2014 11:37:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [3587 octets] ##########

[vyosek]

V pohode, nic se nedeje

Poprosim nyni o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

[pavel123]

Díky

Tady je log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:2-08-2014
Ran by Owner (administrator) on SASA on 04-08-2014 11:56:45
Running from C:\Documents and Settings\Owner\Plocha
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Agere Systems) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\CDBurnerXP\NMSAccessU.exe
(Monet+, a.s.) C:\WINDOWS\system32\xmesrv.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Andrea Electronics Corporation) C:\WINDOWS\system32\AESTFltr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Broadcom Corporation.) C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\S-1-5-21-583907252-1450960922-1417001333-1003\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-05-18] (Hewlett-Packard Company)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 208.67.222.222

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=12.0.1.666 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=12.0.1.666 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=12.0.1.666 -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=12.0.1.666 -> C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.666 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Ge-Force - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com [2014-07-31]
FF Extension: SavePass - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\RNEOMVW50611856@ZKVKQ22976610.com [2014-07-31]
FF Extension: Internet Speed Checker - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\sepherdwilbur@aol.com [2014-07-31]
FF Extension: Sense - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\warnerroberts@hotmail.com [2014-07-31]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-03-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-03-08]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-08-30]
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon [2012-03-21]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-02-04]

Chrome:
=======
CHR HomePage:
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-16]
CHR Extension: (Disk Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-16]
CHR Extension: (YouTube) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-16]
CHR Extension: (Vyhledávání Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-16]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2011-08-30]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Documents and Settings\Owner\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-16]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-08-30]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2008-08-26] (Agere Systems)
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2009-07-02] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1329304 2012-11-26] (ESET)
S4 gupdate1ca2ff55364e1b6; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-09-07] (Google Inc.)
S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-09-12] (Oracle Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [File not signed]
R2 NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
R2 STacSV; c:\program files\idt\wdm\STacSV.exe [254042 2009-03-30] (IDT, Inc.)
R2 VmbService; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [9216 2011-07-14] (Vodafone) [File not signed]
R2 xmengine service; C:\WINDOWS\system32\xmesrv.exe [28672 2007-01-18] (Monet+, a.s.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AESTAud; C:\WINDOWS\System32\drivers\AESTAud.sys [113536 2009-02-18] (Andrea Electronics Corporation)
S3 AF15BDA; C:\WINDOWS\System32\DRIVERS\AF15BDA.sys [483200 2012-01-26] (ITETech )
R1 AmdPPM; C:\WINDOWS\System32\DRIVERS\AmdPPM.sys [33792 2007-04-16] (Advanced Micro Devices)
R2 ASIXIo; C:\WINDOWS\system32\Drivers\asixio.sys [3078 2011-05-12] (ASIX s.r.o) [File not signed]
S1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [33112 2013-04-10] () [File not signed]
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [1735040 2009-07-29] (Broadcom Corporation)
R0 BMLoad; C:\WINDOWS\System32\drivers\BMLoad.sys [13184 2010-03-11] (Bytemobile, Inc.) [File not signed]
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [534568 2009-01-14] (Broadcom Corporation.)
S3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [37160 2009-01-14] (Broadcom Corporation.)
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [991656 2009-01-14] (Broadcom Corporation.)
R3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [156816 2009-01-14] (Broadcom Corporation.)
R3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [47272 2009-01-14] (Broadcom Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [159832 2012-10-08] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [121216 2012-10-08] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [149568 2012-10-08] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [40376 2012-10-08] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [62512 2012-10-08] (ESET)
S3 FsUsbExDisk; C:\WINDOWS\system32\FsUsbExDisk.SYS [36608 2009-03-31] () [File not signed]
S3 GemCCID; C:\WINDOWS\System32\Drivers\GemCCID.sys [89600 2009-08-10] (Gemalto)
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
S3 OlyCamComm; C:\WINDOWS\System32\DRIVERS\OlyCamComm.sys [21648 2009-09-10] (OLYMPUS IMAGING CORP.)
S3 silabenm; C:\WINDOWS\System32\DRIVERS\silabenm.sys [47176 2013-10-24] (Silicon Laboratories)
S3 silabser; C:\WINDOWS\System32\DRIVERS\silabser.sys [63104 2013-10-24] (Silicon Laboratories)
R3 SNP2UVC; C:\WINDOWS\System32\DRIVERS\snp2uvc.sys [1765168 2009-03-26] ()
S3 ss_bbus; C:\WINDOWS\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\WINDOWS\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\WINDOWS\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
S3 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2012-05-22] () [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1550891 2009-03-30] (IDT, Inc.)
R1 tcpipBM; C:\WINDOWS\system32\drivers\tcpipBM.sys [24192 2010-03-11] (Bytemobile, Inc.) [File not signed]
R3 vodafone_K3805-z_dc_enum; C:\WINDOWS\System32\DRIVERS\vodafone_K3805-z_dc_enum.sys [80000 2010-09-01] (Vodafone)
R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [296960 2009-03-27] (Marvell)
U4 epfwtdir; system32\DRIVERS\epfwtdir.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-04 11:56 - 2014-08-04 11:57 - 00017449 _____ () C:\Documents and Settings\Owner\Plocha\FRST.txt
2014-08-04 11:56 - 2014-08-04 11:56 - 00000000 ____D () C:\FRST
2014-08-04 11:54 - 2014-08-04 11:55 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe
2014-08-04 11:54 - 2014-08-04 11:54 - 01084928 _____ (Farbar) C:\Documents and Settings\Owner\Plocha\FRST.exe
2014-08-04 10:57 - 2014-08-04 11:37 - 00000000 ____D () C:\AdwCleaner
2014-08-04 10:56 - 2014-08-04 10:56 - 01361309 _____ () C:\Documents and Settings\Owner\Plocha\adwcleaner_3.302.exe
2014-08-04 09:07 - 2014-08-04 09:07 - 00000730 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2014-08-04 09:07 - 2014-08-04 09:07 - 00000724 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2014-08-04 09:07 - 2014-08-04 09:07 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-03 18:18 - 2014-08-03 18:18 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Owner\Plocha\TFC.exe
2014-08-03 17:31 - 2014-08-04 10:17 - 00000924 _____ () C:\WINDOWS\Tasks\Google Software Updater.job
2014-08-01 19:45 - 2014-08-01 19:45 - 00007646 _____ () C:\Documents and Settings\Owner\Plocha\zoek-results.txt
2014-08-01 09:23 - 2014-08-04 11:57 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp
2014-07-31 14:50 - 2014-07-31 14:50 - 00000000 ___RD () C:\Documents and Settings\LocalService\Oblíbené položky
2014-07-31 13:53 - 2014-07-31 14:02 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Seznam.cz
2014-07-31 13:49 - 2014-07-31 13:49 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Media Freeware
2014-07-31 13:45 - 2014-07-31 13:45 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\WINDOWS\system32\AniGIF.ocx
2014-07-31 13:45 - 2014-07-31 13:45 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Data aplikací\CrashRpt
2014-07-30 14:54 - 2014-07-30 14:54 - 00000001 _____ () C:\Documents and Settings\Owner\Dokumenty\.spirit-settings.cfg
2014-07-30 13:43 - 2014-07-30 13:43 - 00001604 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Spirit Settings.lnk
2014-07-30 13:43 - 2014-07-30 13:43 - 00001598 _____ () C:\Documents and Settings\All Users\Plocha\Spirit Settings.lnk
2014-07-30 13:43 - 2014-07-30 13:43 - 00000000 ____D () C:\Program Files\Spirit Setings
2014-07-30 08:20 - 2014-08-04 09:07 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-29 16:15 - 2014-07-29 16:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_silabser_01009.Wdf
2014-07-29 16:12 - 2013-10-24 22:39 - 00063104 _____ (Silicon Laboratories) C:\WINDOWS\system32\Drivers\silabser.sys
2014-07-29 16:12 - 2013-10-24 22:39 - 00047176 _____ (Silicon Laboratories) C:\WINDOWS\system32\Drivers\silabenm.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-04 11:57 - 2014-08-04 11:56 - 00017449 _____ () C:\Documents and Settings\Owner\Plocha\FRST.txt
2014-08-04 11:57 - 2014-08-01 09:23 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Temp
2014-08-04 11:56 - 2014-08-04 11:56 - 00000000 ____D () C:\FRST
2014-08-04 11:56 - 2009-07-29 14:57 - 00000000 ___HD () C:\Documents and Settings\Owner\Local Settings\Data aplikací
2014-08-04 11:56 - 2009-07-29 14:57 - 00000000 ____D () C:\Documents and Settings\Owner\Plocha
2014-08-04 11:55 - 2014-08-04 11:54 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe
2014-08-04 11:54 - 2014-08-04 11:54 - 01084928 _____ (Farbar) C:\Documents and Settings\Owner\Plocha\FRST.exe
2014-08-04 11:42 - 2009-07-29 14:52 - 01775172 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-04 11:39 - 2009-07-29 15:38 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-08-04 11:39 - 2009-07-29 15:38 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-08-04 11:39 - 2009-07-29 14:55 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-04 11:39 - 2009-07-02 18:44 - 00173776 _____ () C:\WINDOWS\system32\ativvaxx.cap
2014-08-04 11:38 - 2009-07-29 14:57 - 00000178 ___SH () C:\Documents and Settings\Owner\ntuser.ini
2014-08-04 11:38 - 2009-07-29 14:55 - 00032560 _____ () C:\WINDOWS\SchedLgU.Txt
2014-08-04 11:37 - 2014-08-04 10:57 - 00000000 ____D () C:\AdwCleaner
2014-08-04 10:56 - 2014-08-04 10:56 - 01361309 _____ () C:\Documents and Settings\Owner\Plocha\adwcleaner_3.302.exe
2014-08-04 10:17 - 2014-08-03 17:31 - 00000924 _____ () C:\WINDOWS\Tasks\Google Software Updater.job
2014-08-04 09:07 - 2014-08-04 09:07 - 00000730 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2014-08-04 09:07 - 2014-08-04 09:07 - 00000724 _____ () C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2014-08-04 09:07 - 2014-08-04 09:07 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-04 09:07 - 2014-07-30 08:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-04 09:07 - 2009-07-29 15:35 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-08-04 09:07 - 2009-07-29 15:35 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-08-04 08:59 - 2009-07-29 14:57 - 00000000 ____D () C:\Documents and Settings\Owner
2014-08-04 08:55 - 2013-09-11 18:37 - 02164002 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-583907252-1450960922-1417001333-1003-0.dat
2014-08-04 08:54 - 2013-09-10 22:47 - 00334322 _____ () C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
2014-08-03 18:19 - 2012-12-19 09:59 - 00000000 ____D () C:\Documents and Settings\admin\Local Settings\temp
2014-08-03 18:18 - 2014-08-03 18:18 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Owner\Plocha\TFC.exe
2014-08-03 18:16 - 2009-07-29 15:27 - 00110016 _____ () C:\Documents and Settings\Owner\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
2014-08-03 18:15 - 2009-07-29 14:50 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-08-03 18:14 - 2009-07-29 15:34 - 00372080 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-03 17:22 - 2008-04-14 14:00 - 00013736 _____ () C:\WINDOWS\system32\wpa.dbl
2014-08-01 19:45 - 2014-08-01 19:45 - 00007646 _____ () C:\Documents and Settings\Owner\Plocha\zoek-results.txt
2014-08-01 16:15 - 2009-08-18 17:20 - 00000000 ____D () C:\Documents and Settings\Owner\Dokumenty\Stažené soubory
2014-08-01 14:03 - 2009-11-09 14:44 - 00000000 ____D () C:\Program Files\AutoCAD R14
2014-07-31 15:41 - 2014-05-12 16:13 - 00000000 ____D () C:\JRT
2014-07-31 15:16 - 2009-07-30 14:33 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\Temp
2014-07-31 15:15 - 2008-04-14 14:00 - 00000675 _____ () C:\WINDOWS\win.ini
2014-07-31 15:14 - 2009-07-29 15:34 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-07-31 14:50 - 2014-07-31 14:50 - 00000000 ___RD () C:\Documents and Settings\LocalService\Oblíbené položky
2014-07-31 14:50 - 2009-07-29 14:55 - 00000000 __SHD () C:\Documents and Settings\LocalService
2014-07-31 14:02 - 2014-07-31 13:53 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Seznam.cz
2014-07-31 13:54 - 2009-07-29 14:57 - 00000000 ___RD () C:\Documents and Settings\Owner\Dokumenty
2014-07-31 13:53 - 2009-07-29 14:57 - 00000000 __RHD () C:\Documents and Settings\Owner\Data aplikací
2014-07-31 13:49 - 2014-07-31 13:49 - 00000000 ____D () C:\Documents and Settings\Owner\Data aplikací\Media Freeware
2014-07-31 13:46 - 2009-07-29 15:35 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokumenty
2014-07-31 13:45 - 2014-07-31 13:45 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\WINDOWS\system32\AniGIF.ocx
2014-07-31 13:45 - 2014-07-31 13:45 - 00000000 ____D () C:\Documents and Settings\Owner\Local Settings\Data aplikací\CrashRpt
2014-07-31 13:44 - 2011-08-30 10:26 - 00001871 _____ () C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2014-07-31 07:54 - 2013-06-19 06:42 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-07-30 14:54 - 2014-07-30 14:54 - 00000001 _____ () C:\Documents and Settings\Owner\Dokumenty\.spirit-settings.cfg
2014-07-30 13:43 - 2014-07-30 13:43 - 00001604 _____ () C:\Documents and Settings\All Users\Nabídka Start\Programy\Spirit Settings.lnk
2014-07-30 13:43 - 2014-07-30 13:43 - 00001598 _____ () C:\Documents and Settings\All Users\Plocha\Spirit Settings.lnk
2014-07-30 13:43 - 2014-07-30 13:43 - 00000000 ____D () C:\Program Files\Spirit Setings
2014-07-30 13:06 - 2009-08-04 14:05 - 00000178 ___SH () C:\Documents and Settings\admin\ntuser.ini
2014-07-29 17:30 - 2009-07-30 14:40 - 00114176 _____ () C:\Documents and Settings\Owner\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-29 16:15 - 2014-07-29 16:15 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_silabser_01009.Wdf
2014-07-29 16:12 - 2010-08-15 22:14 - 00000000 ____D () C:\Program Files\DIFX

Some content of TEMP:
====================
C:\Documents and Settings\Owner\Local Settings\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:97.65 GB) (Free:71.88 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive f: () (Fixed) (Total:200.43 GB) (Free:22.06 GB) NTFS

Available physical RAM: 908.42 MB
Total physical RAM: 1788.79 MB
Percentage of memory in use: 49%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 298 GB) (Disk ID: 7A3CFDCA)
Partition 1: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\Temp:56E2E879

==================== Security Center ==================

AV: ESET Smart Security 6.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Owner\Plocha" je 114 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

[pavel123]

Zdravím, omlouvám se, jen se chci zeptat, jestli jste na mě nezapomněl?
Pavel

[vyosek]

Omlouvam se, nejak mi to zapadlo

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  FF Extension: SavePass - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\RNEOMVW50611856@ZKVKQ22976610.com [2014-07-31]
  FF Extension: Internet Speed Checker - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\sepherdwilbur@aol.com [2014-07-31]
  FF Extension: Sense - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\warnerroberts@hotmail.com [2014-07-31]
  
  U4 epfwtdir; system32\DRIVERS\epfwtdir.sys [X]
  
  
  2014-08-04 11:56 - 2014-08-04 11:57 - 00017449 _____ () C:\Documents and Settings\Owner\Plocha\FRST.txt
  2014-08-04 11:54 - 2014-08-04 11:55 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe
  2014-08-04 10:57 - 2014-08-04 11:37 - 00000000 ____D () C:\AdwCleaner
  2014-08-04 10:56 - 2014-08-04 10:56 - 01361309 _____ () C:\Documents and Settings\Owner\Plocha\adwcleaner_3.302.exe
  2014-08-03 18:18 - 2014-08-03 18:18 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Owner\Plocha\TFC.exe
  2014-08-03 17:31 - 2014-08-04 10:17 - 00000924 _____ () C:\WINDOWS\Tasks\Google Software Updater.job
  2014-08-01 19:45 - 2014-08-01 19:45 - 00007646 _____ () C:\Documents and Settings\Owner\Plocha\zoek-results.txt
  2014-07-31 13:45 - 2014-07-31 13:45 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\WINDOWS\system32\AniGIF.ocx
  
  Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  
  Hosts:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[pavel123]

posílám fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:2-08-2014
Ran by Owner at 2014-08-05 09:39:35 Run:1
Running from C:\Documents and Settings\Owner\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
FF Extension: SavePass - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\RNEOMVW50611856@ZKVKQ22976610.com [2014-07-31]
FF Extension: Internet Speed Checker - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\sepherdwilbur@aol.com [2014-07-31]
FF Extension: Sense - C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\warnerroberts@hotmail.com [2014-07-31]

U4 epfwtdir; system32\DRIVERS\epfwtdir.sys [X]


2014-08-04 11:56 - 2014-08-04 11:57 - 00017449 _____ () C:\Documents and Settings\Owner\Plocha\FRST.txt
2014-08-04 11:54 - 2014-08-04 11:55 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe
2014-08-04 10:57 - 2014-08-04 11:37 - 00000000 ____D () C:\AdwCleaner
2014-08-04 10:56 - 2014-08-04 10:56 - 01361309 _____ () C:\Documents and Settings\Owner\Plocha\adwcleaner_3.302.exe
2014-08-03 18:18 - 2014-08-03 18:18 - 00448512 _____ (OldTimer Tools) C:\Documents and Settings\Owner\Plocha\TFC.exe
2014-08-03 17:31 - 2014-08-04 10:17 - 00000924 _____ () C:\WINDOWS\Tasks\Google Software Updater.job
2014-08-01 19:45 - 2014-08-01 19:45 - 00007646 _____ () C:\Documents and Settings\Owner\Plocha\zoek-results.txt
2014-07-31 13:45 - 2014-07-31 13:45 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\WINDOWS\system32\AniGIF.ocx

Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

Hosts:
Reboot:
End
*****************

C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\RNEOMVW50611856@ZKVKQ22976610.com => Moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\sepherdwilbur@aol.com => Moved successfully.
C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default\Extensions\warnerroberts@hotmail.com => Moved successfully.
epfwtdir => Error deleting Service
C:\Documents and Settings\Owner\Plocha\FRST.txt => Moved successfully.
C:\Documents and Settings\Owner\Plocha\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\Owner\Plocha\adwcleaner_3.302.exe => Moved successfully.
C:\Documents and Settings\Owner\Plocha\TFC.exe => Moved successfully.
C:\WINDOWS\Tasks\Google Software Updater.job => Moved successfully.
C:\Documents and Settings\Owner\Plocha\zoek-results.txt => Moved successfully.
C:\WINDOWS\system32\AniGIF.ocx => Moved successfully.
C:\WINDOWS\Tasks\Google Software Updater.job not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====

[vyosek]

Jak se chova Firefox??

[pavel123]

Nic moc reklam je tam méně, ale jsou tam... např. na seznam.cz je kromě aktualit 3x okénko na nějakou hru My Lands, pak je tam ještě nějaká jiná hra a ještě něco, celkem 5 blbostí, jestli to dobře počítám.
Na Chromu na seznamu není z tohohle nic.
Firefox jsem včera instaloval nově (původní jsem odinstaloval) a je to verze 31.0.

[vyosek]

Zkuste FF odinstalovat a i smazat profil - navod zde http://www.tipypropc.cz/jak-kompletne-o ... t-firefox/

[pavel123]

Když jsem četl návod na zbavení se Firefoxu, připadalo mi, že to je přesně to, co je potřeba. Bohužel ale ten profil v Doc.and Settings (C:\Documents and Settings\jméno_uživatele\Data Aplikací\Mozilla\Firefox\Profiles\xyz.default\) nemám (resp. nenašel jsem ho).
Co je ale zajímavé, že jsem tam našel tohle: C:\Documents and Settings\All Users\Application Data\GOOBZO\YouTube Accelerator , kterého jsme se snažili zbavit
Nejspíš je to jen nějaký zbytek - jsou tam 2 soubory, config a va_conf .

K tomu profilu - zkusil vyhledat všechno s názvem mozilla a profil to nenašlo. Je možné, že když jsem Firefox odinstaloval přes Ccleaner, že to smazalo i ten profil? Ccleaner jsem ale použil i včera, když jsem Firefox odinstaloval. Po odinstalování jsem notebook projel Ccleanerem.

Mám tedy Firefox naistalovat znovu a ten zbytek Youtube Acceleratoru smazat?

[pavel123]

Zapomněl jsem napsat, co to našlo s názvem Mozilla - např. jakýsi profil v adresáři FRST - vůbec nevím, kde se to vzalo. Konkrétně C:\FRST\Quarantine\C\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\Profiles\qplye22f.default - to názvem odpovídá tomu profilu, o které se píše v tom vláknu, co jste mi poslal odkaz. Ale datum vytvoření je dnešní.

[vyosek]

Adresar FRST je zaloha z nej to nebezi

Tohle C:\Documents and Settings\All Users\Application Data\GOOBZO\YouTube Accelerator cely smazte

Pokud mate FF odinstalovany, tak smazte jeste i slozku C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\

Procisteni CCleanerem - registry

Pak nova instalace FF

[pavel123]

FF je odinstalovaný, složku C:\Documents and Settings\All Users\Application Data\GOOBZO\YouTube Accelerator jsem celou smazal, teď tam je už jen C:\Documents and Settings\All Users\Application Data.

Jak jsem psal, C:\Documents and Settings\Owner\Data aplikací\Mozilla\Firefox\ v pc vůbec nemám - to mě právě mate.
Nemám ji ani pod uživatelem admin ani pod all users. Jediná složka Application Data je pod uživatelem All Users a tam byla jedině ta položka GOOBZO\YouTube Accelerator, ten jsem teď smazal. Ještě to projedu Ccleanerem a nainstaluju nově FF.