VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Kamaradky pocitac

https://forum.viry.cz:443/viewtopic.php?t=140100

Stránka 1 z 1

Kamaradky pocitac

Napsal: 07 zář 2014 02:26
od Šulyman
Snazim se pomoct dobre kamaradce ktera ma notas 6 let bez jakekoliv udrzby. Stroj zpracovava i jednoduche prikazy extremne pomalu, vytvoreni logu trvalo okolo 40 minut. Doufam ze bude mozne zachovat stavajici w7. Predem dekuji za vas cas.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-09-2014
Ran by Aneta (administrator) on ANETA-HP on 07-09-2014 02:21:52
Running from C:\Users\Aneta\Desktop
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\stacsv.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\AEstSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Gemfor s.r.o.) C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Opera Software) C:\Program Files\Opera\launcher.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Program Files\Opera\23.0.1522.75\opera_autoupdate.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Opera Software ASA) C:\Windows\Temp\CProgram FilesOpera\2592_10598\Opera_24.0.1558.53_Autoupdate.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [563736 2010-01-12] (PDF Complete Inc)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\runonceex: [ContentMerger] => c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-11-23] (Sonic Solutions)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [280576 2013-04-30] (Microsoft Corporation)
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: D - D:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: {c1532683-111b-11e0-bb49-1cc1dea277d3} - D:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: {c1532693-111b-11e0-bb49-1cc1dea277d3} - D:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: {c15326ae-111b-11e0-bb49-1cc1dea277d3} - D:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchnu.com/410
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {87F5EC5B-FC70-4E10-B892-9C8E31B8C9CE} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={E896 ... 2012-03-25 21:02:18&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - {E639A6D7-3058-4421-841C-BC33C77183E1} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM - Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{26D5F57C-DA1F-2B15-918A-B0204B6FDB04}: [NameServer] 62.141.0.1 213.162.65.1

FireFox:
========
FF ProfilePath: C:\Users\Aneta\AppData\Roaming\Mozilla\Firefox\Profiles\o33jrr3s.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: ZEON/PDF,version=2.0 -> C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF SearchPlugin: C:\Users\Aneta\AppData\Roaming\Mozilla\Firefox\Profiles\o33jrr3s.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-08-29]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-06-13]
FF Extension: PDF Converter 6.0 - C:\Program Files\Nuance\PDF Professional 6\FireFox [2010-12-26]

Chrome:
=======
CHR DefaultSearchKeyword: Default -> r
CHR DefaultSearchProvider: Default -> Search Results
CHR DefaultSearchURL: Default -> http://dts.search-results.com/sr?src=cr ... earchTerms}
CHR DefaultSuggestURL: Default ->
CHR CustomProfile: C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Skype Click to Call) - C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-07]
CHR Extension: (Peněženka Google) - C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ameisvc; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [67312 2010-03-02] (Gemfor s.r.o.)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [265272 2010-01-28] (Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-01-12] (PDF Complete Inc)
R2 PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [134944 2009-11-03] (Nuance Communications, Inc.)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [229458 2010-01-29] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-01-19] ()
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2009-10-21] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-07 02:21 - 2014-09-07 02:57 - 00015100 _____ () C:\Users\Aneta\Desktop\FRST.txt
2014-09-07 02:17 - 2014-09-07 02:35 - 00000000 ____D () C:\FRST
2014-09-07 01:47 - 2014-09-07 01:43 - 01096704 _____ (Farbar) C:\Users\Aneta\Desktop\FRST.exe
2014-09-04 07:18 - 2014-09-06 00:27 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2014-08-30 19:20 - 2014-09-07 01:49 - 00000448 _____ () C:\windows\setupact.log
2014-08-30 19:20 - 2014-08-30 19:20 - 00000578 _____ () C:\windows\PFRO.log
2014-08-30 19:20 - 2014-08-30 19:20 - 00000000 _____ () C:\windows\setuperr.log
2014-08-30 11:35 - 2014-08-30 11:35 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-30 11:28 - 2014-08-30 11:35 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-27 16:10 - 2014-08-27 16:10 - 00000000 ____D () C:\Users\Aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2014-08-24 20:56 - 2014-08-24 20:56 - 00000000 ____H () C:\Users\Aneta\AppData\Local\BITF749.tmp
2014-08-24 20:56 - 2014-08-24 20:56 - 00000000 _____ () C:\Users\Aneta\AppData\Local\{159A3212-F7D4-4B2C-99FA-FC33075AB814}
2014-08-24 20:49 - 2014-08-24 20:49 - 00000000 ____H () C:\Users\Aneta\AppData\Local\BIT366A.tmp
2014-08-24 20:49 - 2014-08-24 20:49 - 00000000 _____ () C:\Users\Aneta\AppData\Local\{DB9A5EB8-4AD1-4E09-AA7E-D1F2F7D1230B}
2014-08-21 20:55 - 2014-08-21 20:56 - 00000000 ____D () C:\Users\Aneta\Desktop\AHS titulky
2014-08-19 22:00 - 2014-08-21 21:09 - 00000000 ____D () C:\Users\Aneta\Desktop\American Horror Story - Season 1 part 1
2014-08-19 21:54 - 2014-08-19 21:54 - 00744021 _____ () C:\Users\Aneta\Desktop\american-horror-story-1-rada-titulky-cz-sz.zip
2014-08-19 21:22 - 2014-08-19 21:23 - 00066913 _____ () C:\Users\Aneta\Downloads\bluescreenview (1).zip
2014-08-19 20:54 - 2014-08-21 20:49 - 00000000 ____D () C:\Users\Aneta\Desktop\Connie venku
2014-08-18 19:48 - 2014-07-23 10:52 - 00231584 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-07 02:57 - 2014-09-07 02:21 - 00015100 _____ () C:\Users\Aneta\Desktop\FRST.txt
2014-09-07 02:56 - 2010-09-01 17:36 - 01781225 _____ () C:\windows\WindowsUpdate.log
2014-09-07 02:55 - 2014-05-16 19:48 - 00000000 ____D () C:\Program Files\Opera
2014-09-07 02:42 - 2013-03-03 23:46 - 00000938 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-07 02:41 - 2009-07-14 06:34 - 00019760 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-07 02:40 - 2009-07-14 06:34 - 00019760 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-07 02:35 - 2014-09-07 02:17 - 00000000 ____D () C:\FRST
2014-09-07 02:05 - 2013-03-03 23:46 - 00000934 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-07 01:58 - 2014-02-16 00:03 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-07 01:51 - 2013-06-10 22:07 - 00000350 _____ () C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-09-07 01:49 - 2014-08-30 19:20 - 00000448 _____ () C:\windows\setupact.log
2014-09-07 01:49 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-07 01:43 - 2014-09-07 01:47 - 01096704 _____ (Farbar) C:\Users\Aneta\Desktop\FRST.exe
2014-09-06 00:29 - 2012-10-03 19:43 - 00000000 ____D () C:\Program Files\Free mp3 Wma Converter
2014-09-06 00:27 - 2014-09-04 07:18 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2014-09-05 23:25 - 2009-07-14 06:53 - 00032558 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-08-30 19:43 - 2011-02-18 21:32 - 00000000 ____D () C:\Users\Aneta\AppData\Roaming\Skype
2014-08-30 19:20 - 2014-08-30 19:20 - 00000578 _____ () C:\windows\PFRO.log
2014-08-30 19:20 - 2014-08-30 19:20 - 00000000 _____ () C:\windows\setuperr.log
2014-08-30 18:57 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache
2014-08-30 18:56 - 2012-10-13 19:21 - 00000000 ____D () C:\Users\Aneta\AppData\Local\CrashDumps
2014-08-30 18:56 - 2012-07-11 23:01 - 00000000 ____D () C:\windows\Minidump
2014-08-30 18:56 - 2009-07-27 10:31 - 00000000 ____D () C:\windows\Panther
2014-08-30 11:35 - 2014-08-30 11:35 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-30 11:35 - 2014-08-30 11:28 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-29 18:08 - 2010-03-27 04:50 - 00930482 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-27 16:10 - 2014-08-27 16:10 - 00000000 ____D () C:\Users\Aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2014-08-24 20:56 - 2014-08-24 20:56 - 00000000 ____H () C:\Users\Aneta\AppData\Local\BITF749.tmp
2014-08-24 20:56 - 2014-08-24 20:56 - 00000000 _____ () C:\Users\Aneta\AppData\Local\{159A3212-F7D4-4B2C-99FA-FC33075AB814}
2014-08-24 20:49 - 2014-08-24 20:49 - 00000000 ____H () C:\Users\Aneta\AppData\Local\BIT366A.tmp
2014-08-24 20:49 - 2014-08-24 20:49 - 00000000 _____ () C:\Users\Aneta\AppData\Local\{DB9A5EB8-4AD1-4E09-AA7E-D1F2F7D1230B}
2014-08-21 21:09 - 2014-08-19 22:00 - 00000000 ____D () C:\Users\Aneta\Desktop\American Horror Story - Season 1 part 1
2014-08-21 20:56 - 2014-08-21 20:55 - 00000000 ____D () C:\Users\Aneta\Desktop\AHS titulky
2014-08-21 20:56 - 2013-07-20 21:21 - 00000000 ____D () C:\windows\system32\MRT
2014-08-21 20:53 - 2010-12-26 17:10 - 93585272 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-08-21 20:49 - 2014-08-19 20:54 - 00000000 ____D () C:\Users\Aneta\Desktop\Connie venku
2014-08-19 21:54 - 2014-08-19 21:54 - 00744021 _____ () C:\Users\Aneta\Desktop\american-horror-story-1-rada-titulky-cz-sz.zip
2014-08-19 21:23 - 2014-08-19 21:22 - 00066913 _____ () C:\Users\Aneta\Downloads\bluescreenview (1).zip
2014-08-19 05:17 - 2010-12-26 12:57 - 00125208 _____ () C:\Users\Aneta\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-19 05:17 - 2010-12-26 12:53 - 00000000 ____D () C:\Users\Aneta
2014-08-19 05:17 - 2009-07-14 06:33 - 01849104 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-18 19:58 - 2014-02-16 00:03 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-08-18 19:58 - 2014-02-16 00:03 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-08-18 19:54 - 2013-12-15 23:20 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-30 18:48

==================== End Of Log ============================

Re: Kamaradky pocitac

Napsal: 07 zář 2014 08:14
od vyosek
Zdravim :)

:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Re: Kamaradky pocitac

Napsal: 07 zář 2014 19:16
od Šulyman
Ahoj, diky za rychlou odpoved,
první JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by Aneta on ne 07.09.2014 at 20:02:46,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1423684537-3366557919-2078362510-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\searchqutoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\datamngrui_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\searchqumediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\setupdatamngr_searchqu_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Aneta\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\Aneta\appdata\locallow\searchquband"
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{0690DC6A-A082-4A7E-A45A-9B9D319E5E6B}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{13CC88AE-1305-4F25-A121-F379205E0322}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{146E40DA-5604-4292-AD08-FE9B03C767FE}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{1A17E1BE-D14E-4E0D-9734-4C3B34EB79F9}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{1A9381A8-4A03-4E0D-B608-0AFA16DF8DB2}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{1B0B9096-9FD2-43EB-A72B-F5F3B89353C5}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{1B3F41BF-4FBD-4837-9CFC-1BC84B4C6912}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{1FD6F8A7-D826-41B0-BDA0-7398B529B148}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{40AC3AB4-A7EC-4FA2-BF1F-879FEEE1BF36}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{4479633A-1641-4985-BF12-826CFD50E4F1}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{4569FB84-9C20-4D58-B45A-90A5A4C116EC}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{46221D5C-B3BF-43AF-B419-294240A86DA3}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{485DDC74-05B8-4C2D-AC7F-062D4742F992}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{48C47889-8658-4E11-A1AF-15E44FE45BE3}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{4B19F16A-08D7-4C6A-950D-D0129D4C8C87}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{4D113EFF-A0EF-4441-87B5-8807772161BF}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{560A8539-7FAB-42F5-BF0C-02C8813B7379}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{56D5BE58-D119-4118-8885-9AE664EF4E84}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{5F65F298-E7E3-48EE-B3E9-076A485B911C}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{5FA31B7C-5DC2-4B1F-A117-345F8472E62D}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{7FFF57F9-6192-48DD-A20D-0922D43742D1}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{8B8B0E85-585E-4CEE-B0F7-509AFBE6B3F0}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{96DEB5D8-DB27-4227-868F-864F91CBA08B}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{A08FA1AA-B52B-42CF-A508-E5E9FE995247}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{A4CC8A4A-803C-4C83-A214-436A9B703AC3}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{AA92B518-ADFB-48EF-AD06-D0C4CF30F9F9}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{AE9FF0C3-F425-4A9E-8DB2-A34D34A40B21}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{BC1ED676-29DC-4C6F-9C4E-A1B1B8B27F01}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{BF711B3A-F438-45FE-A242-58A774349BF6}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{D0B0AFB3-0D30-45E9-A486-46B0C95280AA}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{D3428E92-615F-4030-A0CE-95DEA5F12A3C}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{D9A9528B-A280-4348-82C0-97F879B5AFD7}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{E017B85D-B8FD-4090-A5AF-836EC03B5A21}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{E37D80FF-D735-4152-8CDC-8B03C7E6B31B}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{EC92C50C-1FD2-4D24-A155-11B73BEE1383}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{FA1085FB-8158-49DC-AD39-035720C317C0}
Successfully deleted: [Empty Folder] C:\Users\Aneta\appdata\local\{FF9579BE-ED49-4059-ABAA-77081724EDA3}



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\search_results.xml"
Successfully deleted: [File] C:\Users\Aneta\AppData\Roaming\mozilla\firefox\profiles\o33jrr3s.default\searchplugins\search_results.xml
Failed to delete: [Folder] C:\Users\Aneta\AppData\Roaming\mozilla\firefox\profiles\o33jrr3s.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 07.09.2014 at 20:06:05,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

a AdwareCleaner:

# AdwCleaner v3.309 - Report created 07/09/2014 at 20:09:05
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Aneta - ANETA-HP
# Running from : C:\Users\Aneta\Desktop\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Aneta\AppData\LocalLow\AVG Security Toolbar
File Deleted : C:\Users\Aneta\AppData\Roaming\Mozilla\Firefox\Profiles\o33jrr3s.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B79C149-3B19-40DE-92BF-1A3AD9C1DA9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{229C56BB-A36A-4323-8C82-B136DF45697D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33E2B3CB-322E-4CBE-89F2-C06F5A35DB46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51080E66-F357-4F2A-9BFC-2456695883B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537AD3CF-DE2B-4A1C-8279-C946B7E490D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BF7365D-25FF-40F3-8DEE-06ABEDF177CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A10A1344-B533-4C9E-BE4E-4C5BC4953047}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA94BCE1-7E60-422D-9E7D-B853BC03FE78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BDCE611F-FDAA-4B10-A8E8-220A7897A69F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D0F1E414-1FAE-466C-B122-DE735B7BFF9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E458510C-1DD5-4A05-8C4C-53BEF69C05E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v3.6.13 (cs)

-\\ Google Chrome v37.0.2062.103

[ File : C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3509 octets] - [07/09/2014 20:06:57]
AdwCleaner[S0].txt - [3488 octets] - [07/09/2014 20:09:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3548 octets] ##########

Re: Kamaradky pocitac

Napsal: 07 zář 2014 21:57
od vyosek
:arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: Kamaradky pocitac

Napsal: 09 zář 2014 06:23
od Šulyman
vysledky zoek:


Zoek.exe v5.0.0.0 Updated 06-August-2014
Tool run by Aneta on Łt 09.09.2014 at 6:52:47,49.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Aneta\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

9.9.2014 6:55:41 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1423684537-3366557919-2078362510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1423684537-3366557919-2078362510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1423684537-3366557919-2078362510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1423684537-3366557919-2078362510-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1423684537-3366557919-2078362510-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Aneta\AppData\Roaming\Mozilla\Firefox\Profiles\o33jrr3s.default\prefs.js:

Added to C:\Users\Aneta\AppData\Roaming\Mozilla\Firefox\Profiles\o33jrr3s.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Program Files\GUTEA5F.tmp deleted
C:\Program Files\GUMEA5E.tmp deleted
C:\Users\Aneta\AppData\Local\BIT366A.tmp deleted
C:\Users\Aneta\AppData\Local\BITF749.tmp deleted
C:\Users\Aneta\Searches deleted
C:\windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\system32\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\windows\system32\config\systemprofile\Searches deleted
"C:\Users\Aneta\AppData\Local\{159A3212-F7D4-4B2C-99FA-FC33075AB814}" deleted
"C:\Users\Aneta\AppData\Local\{DB9A5EB8-4AD1-4E09-AA7E-D1F2F7D1230B}" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Aneta\AppData\Roaming\Mozilla\Firefox\Profiles\o33jrr3s.default
- Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- PDF Converter 6.0 - C:\Program Files\Nuance\PDF Professional 6\FireFox
- Undetermined - C:\Program Files\AVG\AVG2012\Firefox4
- Undetermined - C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5
- Undetermined - C:\Program Files\Searchqu Toolbar\Datamngr\FirefoxExtension
- PDF Converter 6.0 - %ProfilePath%\extensions\nuance@pdf6

AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

==== Firefox Plugins ======================

Profilepath: C:\Users\Aneta\AppData\Roaming\Mozilla\Firefox\Profiles\o33jrr3s.default
4DA979E6A3269922A16D4653AEF26D7F - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
0A1FF0B674E2F268799442A434A63BB3 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
4C5191E946EF47C7267C8FAC30C1C668 - C:\Program Files\Mozilla Firefox\plugins\npnul32.dll - Mozilla Default Plug-in
92AB52FC695C1D459E3BE9AFD6CE218D - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL - Microsoft Office 2003
8CC90A080E1C3C7DCEF3A0FA4CC2AF61 - C:\Program Files\Nuance\PDF Reader\Bin\nppdf.dll - Zeon Plus
8CC90A080E1C3C7DCEF3A0FA4CC2AF61 - C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll - Zeon Plus
E01E08A5C8BB2196E9C7E23F8370D5FD - C:\Program Files\Nuance\PDF Professional 6\Bin\nppdf.dll - Zeon Plus


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[14.05.2013 13:27]

Skype Click to Call - Aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.bing.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{783FB0DE-DAD1-42CA-BEEF-3AA2038443F1} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"
{87F5EC5B-FC70-4E10-B892-9C8E31B8C9CE} Google Url="https://www.google.com/search?q={searchTerms}"
{E639A6D7-3058-4421-841C-BC33C77183E1} WebHledani Url="http://www.webhledani.cz/results.aspx?i ... earchTerms}"

==== Reset Google Chrome ======================

C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Users\Aneta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aneta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Aneta\AppData\Local\Mozilla\Firefox\Profiles\o33jrr3s.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=123 folders=5 12906459 bytes)

==== Empty Temp Folders ======================

C:\Users\Aneta\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Aneta\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on Łt 09.09.2014 at 7:21:18,57 ======================

Re: Kamaradky pocitac

Napsal: 09 zář 2014 08:26
od vyosek
Dejte novy log z FRST

Re: Kamaradky pocitac

Napsal: 09 zář 2014 19:14
od Šulyman
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-09-2014
Ran by Aneta (administrator) on ANETA-HP on 09-09-2014 18:35:14
Running from C:\Users\Aneta\Desktop
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\stacsv.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\AEstSrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Gemfor s.r.o.) C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [563736 2010-01-12] (PDF Complete Inc)
HKLM\...\Run: [WirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [280576 2013-04-30] (Microsoft Corporation)
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: D - D:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: {c1532683-111b-11e0-bb49-1cc1dea277d3} - D:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: {c1532693-111b-11e0-bb49-1cc1dea277d3} - D:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: {c15326ae-111b-11e0-bb49-1cc1dea277d3} - D:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {87F5EC5B-FC70-4E10-B892-9C8E31B8C9CE} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {E639A6D7-3058-4421-841C-BC33C77183E1} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM - Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll (Zeon Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{26D5F57C-DA1F-2B15-918A-B0204B6FDB04}: [NameServer] 62.141.0.1 213.162.65.1

FireFox:
========
FF ProfilePath: C:\Users\Aneta\AppData\Roaming\Mozilla\Firefox\Profiles\o33jrr3s.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: ZEON/PDF,version=2.0 -> C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-08-29]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-06-13]
FF Extension: PDF Converter 6.0 - C:\Program Files\Nuance\PDF Professional 6\FireFox [2010-12-26]

Chrome:
=======
CHR CustomProfile: C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Skype Click to Call) - C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-07]
CHR Extension: (Google Wallet) - C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ameisvc; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [67312 2010-03-02] (Gemfor s.r.o.)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [120832 2009-10-15] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [265272 2010-01-28] (Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-01-12] (PDF Complete Inc)
R2 PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [134944 2009-11-03] (Nuance Communications, Inc.)
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [229458 2010-01-29] (IDT, Inc.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-01-19] ()
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2009-10-21] (Huawei Technologies Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-09 07:13 - 2014-09-09 06:52 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-09-09 06:55 - 2014-09-09 07:21 - 00011720 _____ () C:\zoek-results.log
2014-09-09 06:52 - 2014-09-09 07:12 - 00000000 ____D () C:\zoek_backup
2014-09-09 06:52 - 2014-09-09 06:50 - 01288704 _____ () C:\Users\Aneta\Desktop\zoek.exe
2014-09-07 21:56 - 2014-09-07 21:54 - 01370467 _____ () C:\Users\Aneta\Desktop\adwcleaner_3.309.exe
2014-09-07 21:56 - 2014-09-07 21:54 - 01016261 _____ (Thisisu) C:\Users\Aneta\Desktop\JRT.exe
2014-09-07 20:06 - 2014-09-07 20:09 - 00000000 ____D () C:\AdwCleaner
2014-09-07 20:06 - 2014-09-07 20:06 - 00008502 _____ () C:\Users\Aneta\Desktop\JRT.txt
2014-09-07 20:02 - 2014-09-07 20:02 - 00000000 ____D () C:\windows\ERUNT
2014-09-07 03:20 - 2014-09-07 03:20 - 00008700 _____ () C:\Users\Aneta\Desktop\Addition.rar
2014-09-07 02:58 - 2014-09-07 03:01 - 00037153 _____ () C:\Users\Aneta\Desktop\Addition.txt
2014-09-07 02:21 - 2014-09-09 18:35 - 00012380 _____ () C:\Users\Aneta\Desktop\FRST.txt
2014-09-07 02:17 - 2014-09-09 18:35 - 00000000 ____D () C:\FRST
2014-09-07 01:47 - 2014-09-07 01:43 - 01096704 _____ (Farbar) C:\Users\Aneta\Desktop\FRST.exe
2014-09-04 07:18 - 2014-09-06 00:27 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2014-08-30 19:20 - 2014-09-09 18:27 - 00000728 _____ () C:\windows\setupact.log
2014-08-30 19:20 - 2014-09-09 07:21 - 00001210 _____ () C:\windows\PFRO.log
2014-08-30 19:20 - 2014-08-30 19:20 - 00000000 _____ () C:\windows\setuperr.log
2014-08-30 11:35 - 2014-08-30 11:35 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-30 11:28 - 2014-08-30 11:35 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-27 16:10 - 2014-08-27 16:10 - 00000000 ____D () C:\Users\Aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2014-08-21 20:55 - 2014-08-21 20:56 - 00000000 ____D () C:\Users\Aneta\Desktop\AHS titulky
2014-08-19 22:00 - 2014-08-21 21:09 - 00000000 ____D () C:\Users\Aneta\Desktop\American Horror Story - Season 1 part 1
2014-08-19 21:54 - 2014-08-19 21:54 - 00744021 _____ () C:\Users\Aneta\Desktop\american-horror-story-1-rada-titulky-cz-sz.zip
2014-08-19 21:22 - 2014-08-19 21:23 - 00066913 _____ () C:\Users\Aneta\Downloads\bluescreenview (1).zip
2014-08-19 20:54 - 2014-08-21 20:49 - 00000000 ____D () C:\Users\Aneta\Desktop\Connie venku
2014-08-18 19:48 - 2014-07-23 10:52 - 00231584 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-09 18:36 - 2014-09-07 02:21 - 00012380 _____ () C:\Users\Aneta\Desktop\FRST.txt
2014-09-09 18:35 - 2014-09-07 02:17 - 00000000 ____D () C:\FRST
2014-09-09 18:35 - 2009-07-14 06:34 - 00019760 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-09 18:35 - 2009-07-14 06:34 - 00019760 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-09 18:28 - 2013-03-03 23:46 - 00000934 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-09 18:27 - 2014-08-30 19:20 - 00000728 _____ () C:\windows\setupact.log
2014-09-09 18:27 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-09 07:25 - 2010-09-01 17:36 - 01840448 _____ () C:\windows\WindowsUpdate.log
2014-09-09 07:21 - 2014-09-09 06:55 - 00011720 _____ () C:\zoek-results.log
2014-09-09 07:21 - 2014-08-30 19:20 - 00001210 _____ () C:\windows\PFRO.log
2014-09-09 07:12 - 2014-09-09 06:52 - 00000000 ____D () C:\zoek_backup
2014-09-09 07:12 - 2010-12-26 12:53 - 00000000 ____D () C:\Users\Aneta
2014-09-09 06:58 - 2014-02-16 00:03 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-09 06:53 - 2010-03-27 04:50 - 00930482 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-09 06:52 - 2014-09-09 07:13 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-09-09 06:50 - 2014-09-09 06:52 - 01288704 _____ () C:\Users\Aneta\Desktop\zoek.exe
2014-09-07 23:42 - 2013-03-03 23:46 - 00000938 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-07 21:54 - 2014-09-07 21:56 - 01370467 _____ () C:\Users\Aneta\Desktop\adwcleaner_3.309.exe
2014-09-07 21:54 - 2014-09-07 21:56 - 01016261 _____ (Thisisu) C:\Users\Aneta\Desktop\JRT.exe
2014-09-07 20:09 - 2014-09-07 20:06 - 00000000 ____D () C:\AdwCleaner
2014-09-07 20:06 - 2014-09-07 20:06 - 00008502 _____ () C:\Users\Aneta\Desktop\JRT.txt
2014-09-07 20:02 - 2014-09-07 20:02 - 00000000 ____D () C:\windows\ERUNT
2014-09-07 03:21 - 2013-12-15 23:20 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-07 03:20 - 2014-09-07 03:20 - 00008700 _____ () C:\Users\Aneta\Desktop\Addition.rar
2014-09-07 03:01 - 2014-09-07 02:58 - 00037153 _____ () C:\Users\Aneta\Desktop\Addition.txt
2014-09-07 02:55 - 2014-05-16 19:48 - 00000000 ____D () C:\Program Files\Opera
2014-09-07 01:43 - 2014-09-07 01:47 - 01096704 _____ (Farbar) C:\Users\Aneta\Desktop\FRST.exe
2014-09-06 00:29 - 2012-10-03 19:43 - 00000000 ____D () C:\Program Files\Free mp3 Wma Converter
2014-09-06 00:27 - 2014-09-04 07:18 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2014-09-05 23:25 - 2009-07-14 06:53 - 00032558 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-08-30 19:43 - 2011-02-18 21:32 - 00000000 ____D () C:\Users\Aneta\AppData\Roaming\Skype
2014-08-30 19:20 - 2014-08-30 19:20 - 00000000 _____ () C:\windows\setuperr.log
2014-08-30 18:57 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\rescache
2014-08-30 18:56 - 2012-10-13 19:21 - 00000000 ____D () C:\Users\Aneta\AppData\Local\CrashDumps
2014-08-30 18:56 - 2012-07-11 23:01 - 00000000 ____D () C:\windows\Minidump
2014-08-30 18:56 - 2009-07-27 10:31 - 00000000 ____D () C:\windows\Panther
2014-08-30 11:35 - 2014-08-30 11:35 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-30 11:35 - 2014-08-30 11:28 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-27 16:10 - 2014-08-27 16:10 - 00000000 ____D () C:\Users\Aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2014-08-21 21:09 - 2014-08-19 22:00 - 00000000 ____D () C:\Users\Aneta\Desktop\American Horror Story - Season 1 part 1
2014-08-21 20:56 - 2014-08-21 20:55 - 00000000 ____D () C:\Users\Aneta\Desktop\AHS titulky
2014-08-21 20:56 - 2013-07-20 21:21 - 00000000 ____D () C:\windows\system32\MRT
2014-08-21 20:53 - 2010-12-26 17:10 - 93585272 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-08-21 20:49 - 2014-08-19 20:54 - 00000000 ____D () C:\Users\Aneta\Desktop\Connie venku
2014-08-19 21:54 - 2014-08-19 21:54 - 00744021 _____ () C:\Users\Aneta\Desktop\american-horror-story-1-rada-titulky-cz-sz.zip
2014-08-19 21:23 - 2014-08-19 21:22 - 00066913 _____ () C:\Users\Aneta\Downloads\bluescreenview (1).zip
2014-08-19 05:17 - 2010-12-26 12:57 - 00125208 _____ () C:\Users\Aneta\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-19 05:17 - 2009-07-14 06:33 - 01849104 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-18 19:58 - 2014-02-16 00:03 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-08-18 19:58 - 2014-02-16 00:03 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-07 20:49

==================== End Of Log ============================

Re: Kamaradky pocitac

Napsal: 10 zář 2014 13:27
od vyosek
:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
HKLM\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [280576 2013-04-30] (Microsoft Corporation)
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: D - D:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: {c1532683-111b-11e0-bb49-1cc1dea277d3} - D:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: {c1532693-111b-11e0-bb49-1cc1dea277d3} - D:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: {c15326ae-111b-11e0-bb49-1cc1dea277d3} - D:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-08-29]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-06-13]

CHR Extension: (Skype Click to Call) - C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-07]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

2014-09-09 07:13 - 2014-09-09 06:52 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-09-09 06:55 - 2014-09-09 07:21 - 00011720 _____ () C:\zoek-results.log
2014-09-09 06:52 - 2014-09-09 07:12 - 00000000 ____D () C:\zoek_backup
2014-09-09 06:52 - 2014-09-09 06:50 - 01288704 _____ () C:\Users\Aneta\Desktop\zoek.exe
2014-09-07 21:56 - 2014-09-07 21:54 - 01370467 _____ () C:\Users\Aneta\Desktop\adwcleaner_3.309.exe
2014-09-07 21:56 - 2014-09-07 21:54 - 01016261 _____ (Thisisu) C:\Users\Aneta\Desktop\JRT.exe
2014-09-07 20:06 - 2014-09-07 20:09 - 00000000 ____D () C:\AdwCleaner
2014-09-07 20:06 - 2014-09-07 20:06 - 00008502 _____ () C:\Users\Aneta\Desktop\JRT.txt
2014-09-07 20:02 - 2014-09-07 20:02 - 00000000 ____D () C:\windows\ERUNT
2014-09-07 03:20 - 2014-09-07 03:20 - 00008700 _____ () C:\Users\Aneta\Desktop\Addition.rar
2014-09-07 02:58 - 2014-09-07 03:01 - 00037153 _____ () C:\Users\Aneta\Desktop\Addition.txt
2014-09-07 02:21 - 2014-09-09 18:35 - 00012380 _____ () C:\Users\Aneta\Desktop\FRST.txt

Hosts:
Reboot:
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt

Re: Kamaradky pocitac

Napsal: 10 zář 2014 16:20
od Šulyman
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-09-2014
Ran by Aneta at 2014-09-10 17:14:29 Run:1
Running from C:\Users\Aneta\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [280576 2013-04-30] (Microsoft Corporation)
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: D - D:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: {c1532683-111b-11e0-bb49-1cc1dea277d3} - D:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: {c1532693-111b-11e0-bb49-1cc1dea277d3} - D:\Autorun.exe
HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\...\MountPoints2: {c15326ae-111b-11e0-bb49-1cc1dea277d3} - D:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-08-29]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-06-13]

CHR Extension: (Skype Click to Call) - C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-09-07]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]

2014-09-09 07:13 - 2014-09-09 06:52 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-09-09 06:55 - 2014-09-09 07:21 - 00011720 _____ () C:\zoek-results.log
2014-09-09 06:52 - 2014-09-09 07:12 - 00000000 ____D () C:\zoek_backup
2014-09-09 06:52 - 2014-09-09 06:50 - 01288704 _____ () C:\Users\Aneta\Desktop\zoek.exe
2014-09-07 21:56 - 2014-09-07 21:54 - 01370467 _____ () C:\Users\Aneta\Desktop\adwcleaner_3.309.exe
2014-09-07 21:56 - 2014-09-07 21:54 - 01016261 _____ (Thisisu) C:\Users\Aneta\Desktop\JRT.exe
2014-09-07 20:06 - 2014-09-07 20:09 - 00000000 ____D () C:\AdwCleaner
2014-09-07 20:06 - 2014-09-07 20:06 - 00008502 _____ () C:\Users\Aneta\Desktop\JRT.txt
2014-09-07 20:02 - 2014-09-07 20:02 - 00000000 ____D () C:\windows\ERUNT
2014-09-07 03:20 - 2014-09-07 03:20 - 00008700 _____ () C:\Users\Aneta\Desktop\Addition.rar
2014-09-07 02:58 - 2014-09-07 03:01 - 00037153 _____ () C:\Users\Aneta\Desktop\Addition.txt
2014-09-07 02:21 - 2014-09-09 18:35 - 00012380 _____ () C:\Users\Aneta\Desktop\FRST.txt

Hosts:
Reboot:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nuance PDF Reader-reminder => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [280576 2013-04-30] (Microsoft Corporation) => Value not found.
"HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-1423684537-3366557919-2078362510-1001" => Key not found.
"HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-1423684537-3366557919-2078362510-1001" => Key not found.
"HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1532683-111b-11e0-bb49-1cc1dea277d3}" => Key deleted successfully.
"HKCR\CLSID\{c1532683-111b-11e0-bb49-1cc1dea277d3}" => Key not found.
"HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c1532693-111b-11e0-bb49-1cc1dea277d3}" => Key deleted successfully.
"HKCR\CLSID\{c1532693-111b-11e0-bb49-1cc1dea277d3}" => Key not found.
"HKU\S-1-5-21-1423684537-3366557919-2078362510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c15326ae-111b-11e0-bb49-1cc1dea277d3}" => Key deleted successfully.
"HKCR\CLSID\{c15326ae-111b-11e0-bb49-1cc1dea277d3}" => Key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk => Moved successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => Moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} => Moved successfully.
C:\Users\Aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Aneta\Desktop\zoek.exe => Moved successfully.
C:\Users\Aneta\Desktop\adwcleaner_3.309.exe => Moved successfully.
C:\Users\Aneta\Desktop\JRT.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Aneta\Desktop\JRT.txt => Moved successfully.
C:\windows\ERUNT => Moved successfully.
C:\Users\Aneta\Desktop\Addition.rar => Moved successfully.
C:\Users\Aneta\Desktop\Addition.txt => Moved successfully.
C:\Users\Aneta\Desktop\FRST.txt => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====

Re: Kamaradky pocitac

Napsal: 10 zář 2014 16:32
od vyosek
Tak jeste uklidime :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz