
http://istart.webssearches.com/

Posted: 09 Sep 2014 20:34
by netki
I cannot remove: hxxp://istart.webssearches.com/
Can you help?
info.txt logfile of random's system information tool 1.10 2014-09-09 21:24:33

======MBR======


======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\NuNInst.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{977FBE6C-AE9A-4429-B249-814F0B3A4CB1}
Adobe Reader X (10.1.11) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
ASUS Touch Pad Extra-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB891739-2EB3-45A8-9CBD-941C255CECD4}\SETUP.EXE" -l0x9
Asus_Camera_ScreenSaver-->"C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x5 -removeonly
ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Media-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
ATKOSD2-->C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\SETUP.exe -runfromtemp -l0x0009 -removeonly
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Comodo Dragon-->"C:\Program Files\Comodo\Dragon\uninstall.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\37.0.2062.103\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Talk Plugin-->MsiExec.exe /I{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Gosaveanoow-->"C:\ProgramData\Gosaveanoow\UByPxPML0DQexI4.exe" !x:1 /s /n /i:"ExecuteCommands;UninstallCommands"
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4.5.1 (CSY)-->MsiExec.exe /X{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}
Microsoft .NET Framework 4.5.1 (čeština)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\CSY\\Setup.exe /repair /x86 /lcid 1029
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{4903D172-DCCB-392F-93A3-34CA9D47FE3D}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Standard 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall STANDARD /dll OSETUP.DLL
Microsoft Office Standard 2007-->MsiExec.exe /X{90120000-0012-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Security Client-->MsiExec.exe /X{36A345C9-0691-45A1-AEEF-29ECEC8B5014}
Microsoft Security Essentials-->"C:\Program Files\Microsoft Security Client\Setup.exe" /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Motorola SM56 Speakerphone Modem-->rundll32.exe sm56co85.dll,SM56UnInstaller
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP3 Parser (KB2758694)-->MsiExec.exe /I{1D95BA90-F4F8-47EC-A882-441C99D30C1E}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
NB Probe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\SETUP.EXE" -l0x9
Nero 7 Essentials-->MsiExec.exe /X{97F32DF8-D66E-446A-A425-C1D7B45C1033}
NVIDIA Drivers-->C:\Windows\system32\nvunrm.exe UninstallGUI
OpenVPN 2.1_rc22-->C:\Program Files\OpenVPN\Uninstall.exe
Power4Gear eXtreme-->C:\Program Files\InstallShield Installation Information\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Realtek USB 2.0 Card Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\SETUP.exe" -l0x9 -removeonly
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {939AF4BC-EC42-38D1-AE82-91D4A7ED8911} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8433C01-319F-3370-850E-87C35496299A} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {48B0C142-A0F4-3263-90E1-1984CBB8DD18} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8086EDC0-3409-3560-B108-44FC46882443}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {FED9B2BC-E6D7-3409-B4C9-99AF8AC65725}
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {054F96E9-E89B-3DDB-AA70-A65194B921B4}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5}
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A4A50F66-DD0F-4150-A19F-0F35531D6E21}
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0}
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697}
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {32DA925D-8B7D-4298-B893-6291D28CE809}
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {4CCE0378-386F-4DC2-9CC1-A3710C77057D}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {F7DFD2B8-0CD1-4A51-AC71-A0582FE796C2}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {A514D470-B2E9-43BC-865B-5ECEE29AD33F}
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5}
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {686630EC-8033-4031-85C5-D8E5CD62A958}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition -->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {25E99E7A-DEA7-4077-856B-9DBA15BEE045}
SHARP MX/DX Series PCL/PS Printer Driver-->C:\Program Files\InstallShield Installation Information\{673E2CB8-8306-4F99-9DF9-6492C2F57072}\setup.exe -l0009 -uninst sn0eis.sii
Skype™ 6.18-->MsiExec.exe /X{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
Software602 Form Filler-->MsiExec.exe /X{51C3B2AE-0127-45CC-B10F-6AD308AC6AFE}
SW-Booster-->"c:\programdata\trusted publisher\sw-booster\sw-booster.exe" /uninstall
SW-Sustainer 1.80-->"C:\Windows\system32\RUNDLL32.EXE" "C:\PROGRA~1\SW-BOO~1\ASSIST~1.DLL",_uninstall /un
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
The KMPlayer (remove only)-->"C:\The KMPlayer\uninstall.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {53DEC068-4690-4F6B-9946-7D21EF02236B}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {B2260BC9-D561-46EE-B33D-739CF760A2A9}
USB2.0 1.3M WebCam-->C:\Windows\StkUnist.exe
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
Wireless Console 2-->C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly
YoutubeAdBluOckue-->"C:\ProgramData\YoutubeAdBluOckue\zAPuIEkvJsrUXkw.exe" !x:1 /s /n /i:"ExecuteCommands;UninstallCommands"

======Security center information======

AS: Windows Defender (disabled)

======System event log======

Computer Name: zastupkyne-ntb
Event Code: 4374
Message: Služba Windows Servicing zjistila, že balíček KB2507618(Security Update) nelze v tomto systému použít.
Record Number: 97939
Source Name: Microsoft-Windows-Servicing
Time Written: 20140307181210.000000-000
Event Type: Upozornění
User: ZSSUDKOV-REDIT-\ZSSudkov

Computer Name: zastupkyne-ntb
Event Code: 4371
Message: Služba Windows Servicing zahájila proces změny stavu balíčku KB2507618(Security Update) z Rozpoznáno(Resolved) na Nainstalováno(Installed).
Record Number: 97938
Source Name: Microsoft-Windows-Servicing
Time Written: 20140307181209.000000-000
Event Type: Informace
User: ZSSUDKOV-REDIT-\ZSSudkov

Computer Name: zastupkyne-ntb
Event Code: 4376
Message: Služba Servicing požádala o restartování za účelem dokončení operace nastavení balíčku KB2419640(Security Update) do stavu Rozfázovaný(Staged).
Record Number: 97937
Source Name: Microsoft-Windows-Servicing
Time Written: 20140307181209.000000-000
Event Type: Upozornění
User: ZSSUDKOV-REDIT-\ZSSudkov

Computer Name: zastupkyne-ntb
Event Code: 4376
Message: Služba Servicing požádala o restartování za účelem dokončení operace nastavení balíčku KB2419640(Security Update) do stavu Rozfázovaný(Staged).
Record Number: 97936
Source Name: Microsoft-Windows-Servicing
Time Written: 20140307181208.000000-000
Event Type: Upozornění
User: ZSSUDKOV-REDIT-\ZSSudkov

Computer Name: zastupkyne-ntb
Event Code: 4376
Message: Služba Servicing požádala o restartování za účelem dokončení operace nastavení balíčku KB2419640(Security Update) do stavu Rozfázovaný(Staged).
Record Number: 97935
Source Name: Microsoft-Windows-Servicing
Time Written: 20140307181208.000000-000
Event Type: Upozornění
User: ZSSUDKOV-REDIT-\ZSSudkov

=====Application event log=====

Computer Name: zastupkyne-ntb
Event Code: 10002
Message: Následující aplikace byla ukončena, protože došlo k jejímu zhroucení: ALU.exe.
Record Number: 534
Source Name: Microsoft-Windows-Winsrv
Time Written: 20071124060428.571600-000
Event Type: Informace
User: ZSSUDKOV-REDIT-\Administrator

Computer Name: zastupkyne-ntb
Event Code: 2
Message: Klient Certifikační služby byl úspěšně zastaven.
Record Number: 533
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20071124060421.738800-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: zastupkyne-ntb
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 532
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20130409212155.000000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: LH-EY66NV68OGJ0
Event Code: 8225
Message: Služba VSS bude ukončena z důvodu události ukončení ze Správce řízení služeb.
Record Number: 531
Source Name: VSS
Time Written: 20071124060406.000000-000
Event Type: Informace
User:

Computer Name: LH-EY66NV68OGJ0
Event Code: 1013
Message: Služba Windows Search byla řádně zastavena.

Record Number: 530
Source Name: Microsoft-Windows-Search
Time Written: 20071124060131.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: zastupkyne-ntb
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 549
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130409205431.056861-000
Event Type: Úspěch auditu
User:

Computer Name: zastupkyne-ntb
Event Code: 4634
Message: Účet byl odhlášen.

Předmět:
ID zabezpečení: S-1-5-7
Název účtu: ANONYMOUS LOGON
Doména účtu: NT AUTHORITY
ID přihlášení: 0x336dd

Typ přihlášení: 3

Tato událost je generována, pokud je zničena relace přihlášení. Může být spojena s událostí přihlášení pomocí hodnoty ID přihlášení. Hodnoty ID přihlášení jsou jednoznačné pouze v rámci jednotlivých restartů stejného počítače.
Record Number: 548
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20071124060419.071200-000
Event Type: Úspěch auditu
User:

Computer Name: LH-EY66NV68OGJ0
Event Code: 1108
Message: Služba protokolování událostí zjistila při zpracování příchozí události publikované z umístění Microsoft-Windows-Security-Auditing, že došlo k chybě.
Record Number: 547
Source Name: Microsoft-Windows-Eventlog
Time Written: 20071124060413.923200-000
Event Type: Úspěch auditu
User:

Computer Name: LH-EY66NV68OGJ0
Event Code: 1100
Message: Služba protokolování událostí byla ukončena.
Record Number: 546
Source Name: Microsoft-Windows-Eventlog
Time Written: 20071124060410.428800-000
Event Type: Úspěch auditu
User:

Computer Name: LH-EY66NV68OGJ0
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-1578806293-4075964732-472650498-500
Název účtu: Administrator
Název domény: LH-EY66NV68OGJ0
ID přihlášení: 0xbb306
Record Number: 545
Source Name: Microsoft-Windows-Eventlog
Time Written: 20071124060112.894000-000
Event Type: Úspěch auditu
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 76 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4c02
"NUMBER_OF_PROCESSORS"=1
"configsetroot"=%SystemRoot%\ConfigSetRoot
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

-----------------EOF-----------------

Re: http://istart.webssearches.com/

Posted: 09 Sep 2014 20:36
by vyosek
Hello :)

Post log.txt

Re: http://istart.webssearches.com/

Posted: 09 Sep 2014 20:43
by netki
What is log.txt?

Re: http://istart.webssearches.com/

Posted: 09 Sep 2014 20:45
by vyosek
The folder c:\rsit\log.txt

Re: http://istart.webssearches.com/

Posted: 09 Sep 2014 20:47
by netki
Logfile of random's system information tool 1.10 (written by random/random)
Run by ZSSudkov at 2014-09-09 21:24:11
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 21 GB (36%) free of 57 GB
Total RAM: 1919 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:24:30, on 9.9.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16563)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\ZSSudkov\Downloads\RSIT.exe
C:\Program Files\trend micro\ZSSudkov.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... XX5LZ6Y7NR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... XX5LZ6Y7NR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... XX5LZ6Y7NR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... XX5LZ6Y7NR
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: GioosiaavENOw - {02622665-e4c5-4916-9197-ae743f373f2a} - C:\Program Files\GioosiaavENOw\jPrFwGpjOKpTHa.dll
O2 - BHO: YoutubeAdBluOckue - {c3d1bf0d-0343-4dc9-993e-3d68589e186f} - C:\Program Files\YoutubeAdBluOckue\0m8dZRguOdJJqE.dll
O2 - BHO: Gosaveanoow - {eb91659b-81b7-4890-9035-b77cb3daadde} - C:\Program Files\Gosaveanoow\yCZiwbiP54PDcy.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [LiveSupport] "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: c:\progra~1\sw-boo~1\assist~1.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe

--
End of file - 7025 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1578806293-4075964732-472650498-1000Core.job - C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1578806293-4075964732-472650498-1000UA.job - C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SW-Booster-S-792098896.job - c:\programdata\trusted publisher\sw-booster\SW-Booster.exe /schedule /profile "c:\programdata\trusted publisher\sw-booster\792098896.ini"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02622665-e4c5-4916-9197-ae743f373f2a}]
GioosiaavENOw - C:\Program Files\GioosiaavENOw\jPrFwGpjOKpTHa.dll [2013-09-09 625152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3d1bf0d-0343-4dc9-993e-3d68589e186f}]
YoutubeAdBluOckue - C:\Program Files\YoutubeAdBluOckue\0m8dZRguOdJJqE.dll [2014-09-09 625152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb91659b-81b7-4890-9035-b77cb3daadde}]
Gosaveanoow - C:\Program Files\Gosaveanoow\yCZiwbiP54PDcy.dll [2014-09-09 625152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-26 161328]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-03-26 1057328]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-04-25 4444160]
"Skytel"=C:\Windows\Skytel.exe [2007-04-13 1822720]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-11-02 61440]
"ASUSTPE"=C:\Windows\system32\ASUSTPE.exe [2007-01-17 106496]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-03-01 857648]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-05-14 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-05-14 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-05-14 81920]
"ASUS Camera ScreenSaver"=C:\Windows\ASScrProlog.exe [2007-11-24 37232]
"ASUS Screen Saver Protector"=C:\Windows\ASScrPro.exe [2007-11-24 33136]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe /c []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-07-24 21652064]
"LiveSupport"=C:\Program Files\LiveSupport\LiveSupport.exe /noshow /log []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\sw-boo~1\assist~1.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=MSh263.drv
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=serwvdrv.dll
"wave2"=serwvdrv.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-09-09 21:24:12 ----D---- C:\Program Files\trend micro
2014-09-09 21:24:11 ----D---- C:\rsit
2014-09-09 20:34:07 ----D---- C:\Program Files\SW-Booster
2014-09-09 20:33:22 ----D---- C:\ProgramData\YoutubeAdBluOckue
2014-09-09 20:33:14 ----D---- C:\Program Files\YoutubeAdBluOckue
2014-09-09 20:31:21 ----D---- C:\ProgramData\Gosaveanoow
2014-09-09 20:31:15 ----D---- C:\Program Files\Gosaveanoow
2014-09-09 20:29:18 ----D---- C:\Users\ZSSudkov\AppData\Roaming\EZDownloader
2014-09-09 20:26:11 ----A---- C:\Users\ZSSudkov\AppData\Roaming\verclsid.exe_log.txt
2014-09-09 20:26:11 ----A---- C:\Users\ZSSudkov\AppData\Roaming\Explorer.EXE_log.txt
2014-09-09 20:25:25 ----A---- C:\Users\ZSSudkov\AppData\Roaming\LiveSupport.exe_log.txt
2014-09-09 20:25:24 ----A---- C:\Users\ZSSudkov\AppData\Roaming\regsvr32.exe_log.txt
2014-09-09 20:25:14 ----D---- C:\Users\ZSSudkov\AppData\Roaming\SkypEmoticons
2014-09-09 20:22:07 ----D---- C:\ProgramData\Trusted Publisher
2014-09-09 20:16:02 ----D---- C:\ProgramData\1559c912b8bfc341
2014-09-09 20:15:53 ----D---- C:\ProgramData\GioosiaavENOw
2014-09-09 20:15:44 ----D---- C:\Program Files\GioosiaavENOw
2014-09-02 18:46:40 ----A---- C:\Windows\system32\infocardapi.dll
2014-09-02 18:46:39 ----A---- C:\Windows\system32\icardagt.exe
2014-09-02 18:46:37 ----A---- C:\Windows\system32\icardres.dll
2014-09-02 18:46:22 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-09-02 18:29:04 ----A---- C:\Windows\system32\win32k.sys
2014-09-02 18:29:03 ----A---- C:\Windows\system32\gdi32.dll
2014-09-02 18:27:11 ----A---- C:\Windows\system32\msi.dll
2014-09-02 18:27:10 ----A---- C:\Windows\system32\msihnd.dll
2014-09-02 18:27:10 ----A---- C:\Windows\system32\consent.exe
2014-09-02 18:27:10 ----A---- C:\Windows\system32\authui.dll
2014-09-02 18:27:10 ----A---- C:\Windows\system32\appinfo.dll
2014-09-02 18:27:03 ----A---- C:\Windows\system32\vbscript.dll
2014-09-02 18:27:02 ----A---- C:\Windows\system32\dxtmsft.dll
2014-09-02 18:27:01 ----A---- C:\Windows\system32\wininet.dll
2014-09-02 18:27:01 ----A---- C:\Windows\system32\mshtmled.dll
2014-09-02 18:27:01 ----A---- C:\Windows\system32\jscript9.dll
2014-09-02 18:27:01 ----A---- C:\Windows\system32\jscript.dll
2014-09-02 18:27:01 ----A---- C:\Windows\system32\ieui.dll
2014-09-02 18:27:01 ----A---- C:\Windows\system32\dxtrans.dll
2014-09-02 18:26:58 ----A---- C:\Windows\system32\mshtml.dll
2014-09-02 18:26:55 ----A---- C:\Windows\system32\urlmon.dll
2014-09-02 18:26:55 ----A---- C:\Windows\system32\mshta.exe
2014-09-02 18:26:55 ----A---- C:\Windows\system32\msfeedssync.exe
2014-09-02 18:26:55 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-09-02 18:26:55 ----A---- C:\Windows\system32\jsproxy.dll
2014-09-02 18:26:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-09-02 18:26:52 ----A---- C:\Windows\system32\url.dll
2014-09-02 18:26:52 ----A---- C:\Windows\system32\ieUnatt.exe
2014-09-02 18:26:52 ----A---- C:\Windows\system32\iertutil.dll
2014-09-02 18:26:51 ----A---- C:\Windows\system32\ieframe.dll
2014-09-02 18:26:44 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-09-02 18:26:43 ----A---- C:\Windows\system32\cdd.dll
2014-09-02 18:26:38 ----A---- C:\Windows\system32\tzres.dll
2014-08-27 20:48:06 ----D---- C:\Users\ZSSudkov\AppData\Roaming\GHISLER
2014-08-27 20:48:06 ----D---- C:\totalcmd
2014-08-25 20:24:37 ----A---- C:\Windows\system32\certsentry.dll
2014-08-25 20:24:09 ----D---- C:\Program Files\Comodo
2014-08-25 20:20:08 ----D---- C:\The KMPlayer

======List of files/folders modified in the last 1 month======

2014-09-09 21:24:12 ----RD---- C:\Program Files
2014-09-09 21:23:53 ----D---- C:\Windows\Temp
2014-09-09 21:16:11 ----D---- C:\Windows\Panther
2014-09-09 21:16:11 ----D---- C:\Windows\inf
2014-09-09 21:15:59 ----D---- C:\Windows\Logs
2014-09-09 21:15:56 ----D---- C:\Windows\Debug
2014-09-09 21:15:55 ----D---- C:\Windows
2014-09-09 21:08:40 ----D---- C:\Windows\System32
2014-09-09 21:08:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-09 21:01:58 ----D---- C:\Windows\system32\drivers
2014-09-09 20:40:14 ----D---- C:\Windows\system32\Tasks
2014-09-09 20:37:08 ----D---- C:\Windows\Prefetch
2014-09-09 20:34:26 ----D---- C:\Windows\Tasks
2014-09-09 20:33:22 ----HD---- C:\ProgramData
2014-09-09 20:15:44 ----HD---- C:\Windows\system32\GroupPolicy
2014-09-09 20:15:43 ----D---- C:\Program Files\Google
2014-09-09 20:15:38 ----RD---- C:\Users
2014-09-09 20:01:18 ----SHD---- C:\System Volume Information
2014-09-09 19:49:39 ----D---- C:\Users\ZSSudkov\AppData\Roaming\Skype
2014-09-04 06:10:01 ----D---- C:\Windows\Microsoft.NET
2014-09-04 06:09:01 ----RSD---- C:\Windows\assembly
2014-09-02 19:59:43 ----D---- C:\Windows\rescache
2014-09-02 19:34:57 ----D---- C:\Windows\system32\cs-CZ
2014-09-02 19:34:55 ----D---- C:\Windows\system32\migration
2014-09-02 19:34:54 ----D---- C:\Program Files\Internet Explorer
2014-09-02 19:11:04 ----SHD---- C:\Windows\Installer
2014-09-02 19:11:03 ----D---- C:\ProgramData\Microsoft Help
2014-09-02 19:09:20 ----D---- C:\Windows\system32\MRT
2014-09-02 18:53:56 ----A---- C:\Windows\system32\mrt.exe
2014-09-02 18:52:00 ----D---- C:\Windows\winsxs
2014-09-02 18:49:23 ----D---- C:\Windows\system32\catroot
2014-09-02 18:49:17 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-03-26 37040]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-02-05 11632]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-04-25 1771944]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-18 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-05-14 7115264]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR.SYS [2007-01-11 35328]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\Windows\System32\Drivers\StkCMini.sys [2007-02-13 1245056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-03-01 182456]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-11-20 25984]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-03-26 108592]
S1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-03-26 39472]
S2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-11-16 15216]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-05-15 94208]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 c67abfdb;SW-Sustainer; c:\progra~1\sw-boo~1\AssistantSvc.dll [2014-09-09 174928]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2014-05-27 2139328]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-03-26 864816]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-29 123248]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\Windows\System32\StkCSrv.exe [2007-02-07 24576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc []
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-03-26 779824]
S3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-26 267824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2009-11-20 36352]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-27 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-09-11 770168]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: http://istart.webssearches.com/

Posted: 09 Sep 2014 20:50
by vyosek
:arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After it starts, the license terms are displayed; press any key
  • A backup is created, followed by a search
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair runs, the PC restarts, and then a log appears, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: http://istart.webssearches.com/

Posted: 09 Sep 2014 21:05
by netki
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by ZSSudkov on út 09.09.2014 at 21:55:59,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\livesupport



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\optimizer pro
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eb91659b-81b7-4890-9035-b77cb3daadde}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{eb91659b-81b7-4890-9035-b77cb3daadde}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{eb91659b-81b7-4890-9035-b77cb3daadde}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\ZSSudkov\documents\optimizer pro"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 09.09.2014 at 22:03:05,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: http://istart.webssearches.com/

Posted: 09 Sep 2014 21:12
by netki
# AdwCleaner v3.309 - Report created 09/09/2014 at 22:07:04
# Updated 02/09/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : ZSSudkov - ZSSUDKOV-REDIT-
# Running from : C:\Users\ZSSudkov\Downloads\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : c67abfdb

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Trusted Publisher
Folder Deleted : C:\Program Files\sw-booster
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\ZSSudkov\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\ZSSudkov\AppData\Local\torch
Folder Deleted : C:\Users\ZSSudkov\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\ZSSudkov\AppData\Roaming\SkypEmoticons
File Deleted : C:\Users\ZSSudkov\AppData\Roaming\Explorer.EXE_log.txt
File Deleted : C:\Users\ZSSudkov\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\ZSSudkov\AppData\Roaming\regsvr32.exe_log.txt

***** [ Scheduled Tasks ] *****

Task Deleted : SW-Booster-S-792098896

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\ZSSudkov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\ZSSudkov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-792098896
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c67abfdb}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\SW-Booster
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\sw-boo~1\assist~1.dll

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16563

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v37.0.2062.103

[ File : C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5462 octets] - [09/09/2014 22:05:28]
AdwCleaner[S0].txt - [4118 octets] - [09/09/2014 22:07:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4178 octets] ##########

Re: http://istart.webssearches.com/

Posted: 10 Sep 2014 06:52
by vyosek
:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako spravce)
  • Paste the script below into the window
  • Code:

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC performs the repair, restarts, and gives you a log; paste its contents here

Re: http://istart.webssearches.com/

Posted: 10 Sep 2014 21:51
by netki
Zoek.exe v5.0.0.0 Updated 10-September-2014
Tool run by ZSSudkov on st 10.09.2014 at 22:31:22,62.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ZSSudkov\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10.9.2014 22:32:04 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Dragon\shell\open\command]
@="C:\\Program Files\\Comodo\\Dragon\\dragon.exe"

==== Deleting Files \ Folders ======================

C:\Program Files\YoutubeAdBluOckue deleted
C:\PROGRA~2\YoutubeAdBluOckue deleted
"C:\PROGRA~2\1559c912b8bfc341\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140909203330" deleted
"C:\PROGRA~2\1559c912b8bfc341\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140909202034" deleted
"C:\PROGRA~2\1559c912b8bfc341\{D5314663-3E59-BDB8-2150-E72C9107C551}.20140909201602" deleted
"C:\PROGRA~2\1559c912b8bfc341\{D5314663-3E59-BDB8-2150-E72C9107C551}.20140909203129" deleted
"C:\PROGRA~2\1559c912b8bfc341" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [15.04.2013 09:25]

==== Chromium Look ======================

Social Face - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie
GioosiaavENOw - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke
Gosaveanoow - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh
Social Face - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie
GioosiaavENOw - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke
Gosaveanoow - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh
Social Face - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie
GioosiaavENOw - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke
Gosaveanoow - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh
Social Face - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie
GioosiaavENOw - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke
Gosaveanoow - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh
Social Face - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie
GioosiaavENOw - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke
Gosaveanoow - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh
Social Face - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie
GioosiaavENOw - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke
Gosaveanoow - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh
Social Face - ZSSudkov\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie
GioosiaavENOw - ZSSudkov\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke
Gosaveanoow - ZSSudkov\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh
Social Face - ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie
GioosiaavENOw - ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke
Stylish - ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe
Gosaveanoow - ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh
Social Face - ZSSudkov\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie
GioosiaavENOw - ZSSudkov\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke
Gosaveanoow - ZSSudkov\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh

==== Chromium Startpages ======================

C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.seznam.cz/",
"startup_urls": [ "http://www.seznam.cz/" ],


==== Chromium Fix ======================

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie deleted successfully
C:\Users\ZSSudkov\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie deleted successfully
C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie deleted successfully
C:\Users\ZSSudkov\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie deleted successfully
C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_deoodoglhbmpafkajmlggnjnngdclnie_0.localstorage deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke deleted successfully
C:\Users\ZSSudkov\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke deleted successfully
C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke deleted successfully
C:\Users\ZSSudkov\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fccmikekeibjljbkdjljecoehlcdibke deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh deleted successfully
C:\Users\ZSSudkov\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh deleted successfully
C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh deleted successfully
C:\Users\ZSSudkov\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gmhcnpeicaannlmjnglmdeomohngnnhh deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\ZSSudkov\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ZSSudkov\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully
C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1578806293-4075964732-472650498-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{c3d1bf0d-0343-4dc9-993e-3d68589e186f} deleted successfully
HKEY_USERS\S-1-5-21-1578806293-4075964732-472650498-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{c3d1bf0d-0343-4dc9-993e-3d68589e186f} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{c3d1bf0d-0343-4dc9-993e-3d68589e186f} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{c3d1bf0d-0343-4dc9-993e-3d68589e186f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3d1bf0d-0343-4dc9-993e-3d68589e186f} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ZSSudkov\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ZSSudkov\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\00M578MV will be deleted at reboot
C:\Users\ZSSudkov\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\ZSSudkov\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=201 folders=57 7807222 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\ZSSudkov\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ZSSudkov\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\ZSSudkov\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\ZSSudkov\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\00M578MV" not found

==== EOF on st 10.09.2014 at 22:50:21,21 ======================

Re: http://istart.webssearches.com/

Posted: 10 Sep 2014 21:58
by vyosek

Re: http://istart.webssearches.com/

Posted: 10 Sep 2014 22:43
by netki
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-09-2014
Ran by ZSSudkov (administrator) on ZSSUDKOV-REDIT- on 10-09-2014 23:34:25
Running from C:\Users\ZSSudkov\Desktop
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files\ATK Hotkey\ASLDRSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(ATK0100) C:\Program Files\ATK Hotkey\HControl.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
() C:\Program Files\ATKOSD2\ATKOSD2.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(Comodo Security Solutions, Inc.) C:\Program Files\Comodo\Dragon\dragon_updater.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\ATK Hotkey\ATKOSD.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(Syntek America Inc.) C:\Windows\System32\StkCSrv.exe
() C:\Program Files\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Nero AG) C:\Program Files\Nero\Nero 7\InCD\InCD.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(ASUSTeK Computer INC.) C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Windows\System32\ASUSTPE.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Windows\ASScrPro.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\ZSSudkov\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [161328 2007-03-26] (Nero AG)
HKLM\...\Run: [InCD] => C:\Program Files\Nero\Nero 7\InCD\InCD.exe [1057328 2007-03-26] (Nero AG)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4444160 2007-04-25] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1822720 2007-04-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [61440 2006-11-02] (ASUSTeK Computer INC.)
HKLM\...\Run: [ASUSTPE] => C:\Windows\system32\ASUSTPE.exe [106496 2007-01-17] (ASUS)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648 2007-03-01] (Synaptics, Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\ASScrProlog.exe [37232 2007-11-24] ()
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\ASScrPro.exe [33136 2007-11-24] ()
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1466368 2009-05-05] (Motorola Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1578806293-4075964732-472650498-1000\...\Run: [Google Update] => "C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1578806293-4075964732-472650498-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21652064 2014-07-24] (Skype Technologies S.A.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: GioosiaavENOw -> {02622665-e4c5-4916-9197-ae743f373f2a} -> C:\Program Files\GioosiaavENOw\jPrFwGpjOKpTHa.dll ()
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1 194.228.41.65

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\ZSSudkov\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\ZSSudkov\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\ZSSudkov\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\ZSSudkov\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Users\ZSSudkov\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ZSSudkov\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-04-11]

Chrome:
=======
CHR HomePage: Default -> 2480B60EC9B771012E392C2707FB09E299FC81A10D719B7509784855C4AC9655
CHR DefaultSearchKeyword: Default -> F54F4864B35E2EA1F507E5E3FF8EE24FE8785F77146A8A08A92309CCC30A0468
CHR DefaultSearchProvider: Default -> 44CCF6DF33E6D7374F4E72F82337B57B1715CAB474ABF1C6FDC7D024C97185D1
CHR DefaultSearchURL: Default -> 33999E4D9AF8CA961E815477B8FA2102744543B56E427FA67747D3209F6E2044
CHR CustomProfile: C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-10]
CHR Extension: (Dokumenty Google) - C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-10]
CHR Extension: (Disk Google) - C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-10]
CHR Extension: (YouTube) - C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-10]
CHR Extension: (Vyhledávání Google) - C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-10]
CHR Extension: (VPN.S HTTP Proxy) - C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoodoglhbmpafkajmlggnjnngdclnie [2014-09-10]
CHR Extension: (Tabulky Google) - C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-10]
CHR Extension: (Stylish) - C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-09-10]
CHR Extension: (Peněženka Google) - C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-10]
CHR Extension: (Gmail) - C:\Users\ZSSudkov\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-10]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-02-06] () [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-05-15] () [File not signed]
R2 DragonUpdater; C:\Program Files\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R2 InCDsrv; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [864816 2007-03-26] (Nero AG)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [36352 2009-11-20] () [File not signed]
R2 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [123248 2006-12-29] () [File not signed]
R2 StkSSrv; C:\Windows\System32\StkCSrv.exe [24576 2007-02-07] (Syntek America Inc.)
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [11632 2007-02-05] () [File not signed]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [15216 2006-11-16] () [File not signed]
R4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [108592 2007-03-26] (Nero AG)
R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [37040 2007-03-26] (Nero AG)
U1 InCDrec; C:\Windows\system32\Drivers\InCDrec.sys [16304 2007-03-26] (Nero AG)
S1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [39472 2007-03-26] (Nero AG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [5632 2007-01-24] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [1245056 2007-02-13] (Syntek)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [25984 2009-11-20] (The OpenVPN Project)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 23:34 - 2014-09-10 23:35 - 00013289 _____ () C:\Users\ZSSudkov\Desktop\FRST.txt
2014-09-10 23:32 - 2014-09-10 23:32 - 00112640 _____ (forum.viry.cz) C:\Users\ZSSudkov\Desktop\FRSTLauncher.exe
2014-09-10 23:27 - 2014-09-10 23:25 - 01097728 _____ (Farbar) C:\Users\ZSSudkov\Desktop\FRST.exe
2014-09-10 23:25 - 2014-09-10 23:34 - 00000000 ____D () C:\FRST
2014-09-10 23:24 - 2014-09-10 23:25 - 01097728 _____ (Farbar) C:\Users\ZSSudkov\Downloads\FRST.exe
2014-09-10 23:17 - 2014-09-10 23:22 - 72896571 _____ () C:\Users\ZSSudkov\Downloads\Tenda_USBdriver v3.0.rar
2014-09-10 23:16 - 2014-09-10 23:16 - 03300182 _____ () C:\Users\ZSSudkov\Downloads\User Guide_English.zip
2014-09-10 22:46 - 2014-09-10 22:31 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-10 22:31 - 2014-09-10 22:50 - 00015244 _____ () C:\zoek-results.log
2014-09-10 22:28 - 2014-09-10 22:44 - 00000000 ____D () C:\zoek_backup
2014-09-10 22:28 - 2014-09-10 22:28 - 01290240 _____ () C:\Users\ZSSudkov\Desktop\zoek.exe
2014-09-09 22:08 - 2014-09-10 22:49 - 00001256 _____ () C:\Windows\PFRO.log
2014-09-09 22:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-09-09 22:03 - 2014-09-09 22:03 - 00001449 _____ () C:\Users\ZSSudkov\Desktop\JRT.txt
2014-09-09 22:01 - 2014-09-09 22:07 - 00000000 ____D () C:\AdwCleaner
2014-09-09 22:00 - 2014-09-09 22:00 - 01370467 _____ () C:\Users\ZSSudkov\Downloads\adwcleaner_3.309.exe
2014-09-09 21:55 - 2014-09-09 21:55 - 01016261 _____ (Thisisu) C:\Users\ZSSudkov\Downloads\JRT.exe
2014-09-09 21:55 - 2014-09-09 21:55 - 00000000 ____D () C:\Windows\ERUNT
2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\rsit
2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\Program Files\trend micro
2014-09-09 21:23 - 2014-09-09 21:23 - 01107968 _____ () C:\Users\ZSSudkov\Downloads\RSIT.exe
2014-09-09 20:36 - 2014-09-09 20:37 - 00000000 ____D () C:\Users\ZSSudkov\Downloads\happyHouse
2014-09-09 20:36 - 2014-09-09 20:36 - 00000000 ____D () C:\Users\ZSSudkov\AppData\Local\GHISLER
2014-09-09 20:31 - 2014-09-09 20:31 - 00000000 ____D () C:\ProgramData\Gosaveanoow
2014-09-09 20:31 - 2014-09-09 20:31 - 00000000 ____D () C:\Program Files\Gosaveanoow
2014-09-09 20:15 - 2014-09-09 20:31 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-09-09 20:15 - 2014-09-09 20:16 - 00000000 ____D () C:\ProgramData\GioosiaavENOw
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Guest
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Administrator
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Program Files\GioosiaavENOw
2014-09-09 20:08 - 2014-09-09 20:08 - 00865792 _____ (Of Or) C:\Users\ZSSudkov\Downloads\Happy House_ Level 1 (Audio CD TB WB flashcards).exe
2014-09-09 20:04 - 2014-09-09 20:15 - 184965638 _____ () C:\Users\ZSSudkov\Downloads\Happy-House-New-Edition-2.rar.crdownload
2014-09-07 23:58 - 2014-09-07 23:58 - 00010410 _____ () C:\Users\ZSSudkov\Documents\SD.xlsx
2014-09-07 23:57 - 2014-09-07 23:57 - 00010499 _____ () C:\Users\ZSSudkov\Documents\Sj.xlsx
2014-09-07 23:55 - 2014-09-07 23:55 - 00010754 _____ () C:\Users\ZSSudkov\Documents\MS.xlsx
2014-09-07 22:41 - 2014-09-07 23:34 - 00011235 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh9.xlsx
2014-09-07 22:40 - 2014-09-07 23:35 - 00011143 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh8.xlsx
2014-09-07 22:40 - 2014-09-07 22:40 - 00009193 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh7.xlsx
2014-09-07 22:39 - 2014-09-07 22:39 - 00009167 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh6.xlsx
2014-09-07 22:39 - 2014-09-07 22:39 - 00008974 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh5.xlsx
2014-09-07 22:38 - 2014-09-07 22:38 - 00008955 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh4.xlsx
2014-09-07 22:38 - 2014-09-07 22:38 - 00008849 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh3.xlsx
2014-09-07 22:37 - 2014-09-07 22:41 - 00010652 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh1.xlsx
2014-09-07 22:37 - 2014-09-07 22:37 - 00008722 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh2.xlsx
2014-09-07 22:26 - 2014-09-07 22:26 - 00021430 _____ () C:\Users\ZSSudkov\Desktop\Rozvrhy.xlsx
2014-09-02 18:46 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-02 18:46 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-02 18:46 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-02 18:46 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-02 18:29 - 2014-08-23 03:03 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-02 18:29 - 2014-08-23 01:26 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-02 18:27 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-02 18:27 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-02 18:27 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-02 18:27 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-02 18:27 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-02 18:27 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-02 18:27 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-02 18:27 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-02 18:27 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-02 18:27 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-02 18:27 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-02 18:27 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-09-02 18:27 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-02 18:26 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-02 18:26 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-02 18:26 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-02 18:26 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-02 18:26 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-02 18:26 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-02 18:26 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-02 18:26 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-02 18:26 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-02 18:26 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-02 18:26 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-02 18:26 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-02 18:26 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-02 18:26 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-02 18:26 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-02 18:26 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-09-01 23:13 - 2014-09-01 23:13 - 00016370 _____ () C:\Users\ZSSudkov\Desktop\Hodnocení.xlsx
2014-08-30 18:11 - 2014-09-02 19:42 - 00000000 ____D () C:\Users\ZSSudkov\Desktop\moje
2014-08-30 18:05 - 2014-08-30 18:06 - 00000000 ____D () C:\Users\ZSSudkov\Desktop\zástupci
2014-08-27 20:48 - 2014-08-27 21:01 - 00000000 ____D () C:\totalcmd
2014-08-27 20:48 - 2014-08-27 20:48 - 00000591 _____ () C:\Users\ZSSudkov\Desktop\Total Commander.lnk
2014-08-27 20:48 - 2014-08-27 20:48 - 00000000 ____D () C:\Users\ZSSudkov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-08-27 20:48 - 2014-08-27 20:48 - 00000000 ____D () C:\Users\ZSSudkov\AppData\Roaming\GHISLER
2014-08-25 20:24 - 2014-08-25 20:24 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-08-25 20:24 - 2014-08-25 20:24 - 00000000 ____D () C:\Users\ZSSudkov\AppData\Local\Comodo
2014-08-25 20:24 - 2014-08-25 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-08-25 20:24 - 2014-08-25 20:24 - 00000000 ____D () C:\Program Files\Comodo
2014-08-25 20:21 - 2014-08-25 20:21 - 00000000 ____D () C:\Users\ZSSudkov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2014-08-25 20:20 - 2014-08-26 20:41 - 00000000 ____D () C:\The KMPlayer
2014-08-22 13:20 - 2014-08-27 14:25 - 00008704 _____ () C:\Users\ZSSudkov\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-10 23:35 - 2014-09-10 23:34 - 00013289 _____ () C:\Users\ZSSudkov\Desktop\FRST.txt
2014-09-10 23:34 - 2014-09-10 23:25 - 00000000 ____D () C:\FRST
2014-09-10 23:32 - 2014-09-10 23:32 - 00112640 _____ (forum.viry.cz) C:\Users\ZSSudkov\Desktop\FRSTLauncher.exe
2014-09-10 23:27 - 2013-04-25 07:10 - 00027620 _____ () C:\Users\ZSSudkov\AppData\Roaming\nvModes.001
2014-09-10 23:25 - 2014-09-10 23:27 - 01097728 _____ (Farbar) C:\Users\ZSSudkov\Desktop\FRST.exe
2014-09-10 23:25 - 2014-09-10 23:24 - 01097728 _____ (Farbar) C:\Users\ZSSudkov\Downloads\FRST.exe
2014-09-10 23:24 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-10 23:24 - 2006-11-02 14:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-10 23:22 - 2014-09-10 23:17 - 72896571 _____ () C:\Users\ZSSudkov\Downloads\Tenda_USBdriver v3.0.rar
2014-09-10 23:19 - 2014-03-06 22:13 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1578806293-4075964732-472650498-1000UA.job
2014-09-10 23:19 - 2013-04-09 14:44 - 00000944 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-10 23:16 - 2014-09-10 23:16 - 03300182 _____ () C:\Users\ZSSudkov\Downloads\User Guide_English.zip
2014-09-10 23:11 - 2007-11-24 04:20 - 01915836 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 22:56 - 2006-11-02 12:33 - 01538982 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-10 22:50 - 2014-09-10 22:31 - 00015244 _____ () C:\zoek-results.log
2014-09-10 22:49 - 2014-09-09 22:08 - 00001256 _____ () C:\Windows\PFRO.log
2014-09-10 22:49 - 2013-04-09 14:43 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-10 22:49 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-10 22:48 - 2007-04-21 12:36 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-09-10 22:48 - 2006-11-02 15:01 - 00032588 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-10 22:44 - 2014-09-10 22:28 - 00000000 ____D () C:\zoek_backup
2014-09-10 22:31 - 2014-09-10 22:46 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-10 22:28 - 2014-09-10 22:28 - 01290240 _____ () C:\Users\ZSSudkov\Desktop\zoek.exe
2014-09-10 21:39 - 2014-08-04 12:08 - 00000000 ____D () C:\Users\ZSSudkov\AppData\Roaming\Skype
2014-09-10 21:19 - 2014-03-06 22:13 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1578806293-4075964732-472650498-1000Core.job
2014-09-09 22:07 - 2014-09-09 22:01 - 00000000 ____D () C:\AdwCleaner
2014-09-09 22:07 - 2014-03-07 17:31 - 00000974 _____ () C:\Users\ZSSudkov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-09 22:07 - 2013-04-09 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-09 22:03 - 2014-09-09 22:03 - 00001449 _____ () C:\Users\ZSSudkov\Desktop\JRT.txt
2014-09-09 22:00 - 2014-09-09 22:00 - 01370467 _____ () C:\Users\ZSSudkov\Downloads\adwcleaner_3.309.exe
2014-09-09 21:55 - 2014-09-09 21:55 - 01016261 _____ (Thisisu) C:\Users\ZSSudkov\Downloads\JRT.exe
2014-09-09 21:55 - 2014-09-09 21:55 - 00000000 ____D () C:\Windows\ERUNT
2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\rsit
2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\Program Files\trend micro
2014-09-09 21:23 - 2014-09-09 21:23 - 01107968 _____ () C:\Users\ZSSudkov\Downloads\RSIT.exe
2014-09-09 21:16 - 2007-04-21 13:30 - 00000000 ____D () C:\Windows\Panther
2014-09-09 21:06 - 2013-04-09 14:47 - 00001962 _____ () C:\Users\ZSSudkov\Desktop\Google Chrome.lnk
2014-09-09 20:37 - 2014-09-09 20:36 - 00000000 ____D () C:\Users\ZSSudkov\Downloads\happyHouse
2014-09-09 20:36 - 2014-09-09 20:36 - 00000000 ____D () C:\Users\ZSSudkov\AppData\Local\GHISLER
2014-09-09 20:31 - 2014-09-09 20:31 - 00000000 ____D () C:\ProgramData\Gosaveanoow
2014-09-09 20:31 - 2014-09-09 20:31 - 00000000 ____D () C:\Program Files\Gosaveanoow
2014-09-09 20:31 - 2014-09-09 20:15 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-09-09 20:16 - 2014-09-09 20:15 - 00000000 ____D () C:\ProgramData\GioosiaavENOw
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Guest
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Users\Administrator
2014-09-09 20:15 - 2014-09-09 20:15 - 00000000 ____D () C:\Program Files\GioosiaavENOw
2014-09-09 20:15 - 2014-09-09 20:04 - 184965638 _____ () C:\Users\ZSSudkov\Downloads\Happy-House-New-Edition-2.rar.crdownload
2014-09-09 20:15 - 2013-04-09 14:43 - 00000000 ____D () C:\Users\ZSSudkov\AppData\Local\Google
2014-09-09 20:15 - 2013-04-09 14:43 - 00000000 ____D () C:\Program Files\Google
2014-09-09 20:15 - 2006-11-02 13:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-09 20:08 - 2014-09-09 20:08 - 00865792 _____ (Of Or) C:\Users\ZSSudkov\Downloads\Happy House_ Level 1 (Audio CD TB WB flashcards).exe
2014-09-07 23:58 - 2014-09-07 23:58 - 00010410 _____ () C:\Users\ZSSudkov\Documents\SD.xlsx
2014-09-07 23:57 - 2014-09-07 23:57 - 00010499 _____ () C:\Users\ZSSudkov\Documents\Sj.xlsx
2014-09-07 23:55 - 2014-09-07 23:55 - 00010754 _____ () C:\Users\ZSSudkov\Documents\MS.xlsx
2014-09-07 23:53 - 2013-04-15 10:50 - 00002589 _____ () C:\Users\ZSSudkov\Desktop\Microsoft Office Excel 2007.lnk
2014-09-07 23:35 - 2014-09-07 22:40 - 00011143 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh8.xlsx
2014-09-07 23:34 - 2014-09-07 22:41 - 00011235 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh9.xlsx
2014-09-07 22:41 - 2014-09-07 22:37 - 00010652 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh1.xlsx
2014-09-07 22:40 - 2014-09-07 22:40 - 00009193 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh7.xlsx
2014-09-07 22:39 - 2014-09-07 22:39 - 00009167 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh6.xlsx
2014-09-07 22:39 - 2014-09-07 22:39 - 00008974 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh5.xlsx
2014-09-07 22:38 - 2014-09-07 22:38 - 00008955 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh4.xlsx
2014-09-07 22:38 - 2014-09-07 22:38 - 00008849 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh3.xlsx
2014-09-07 22:37 - 2014-09-07 22:37 - 00008722 _____ () C:\Users\ZSSudkov\Desktop\Rozvrh2.xlsx
2014-09-07 22:26 - 2014-09-07 22:26 - 00021430 _____ () C:\Users\ZSSudkov\Desktop\Rozvrhy.xlsx
2014-09-04 06:10 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-02 19:59 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-09-02 19:42 - 2014-08-30 18:11 - 00000000 ____D () C:\Users\ZSSudkov\Desktop\moje
2014-09-02 19:38 - 2006-11-02 14:47 - 00374896 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-02 19:11 - 2007-11-24 04:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-02 19:09 - 2013-07-30 15:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-02 18:53 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-09-01 23:13 - 2014-09-01 23:13 - 00016370 _____ () C:\Users\ZSSudkov\Desktop\Hodnocení.xlsx
2014-08-30 18:06 - 2014-08-30 18:05 - 00000000 ____D () C:\Users\ZSSudkov\Desktop\zástupci
2014-08-27 21:01 - 2014-08-27 20:48 - 00000000 ____D () C:\totalcmd
2014-08-27 20:48 - 2014-08-27 20:48 - 00000591 _____ () C:\Users\ZSSudkov\Desktop\Total Commander.lnk
2014-08-27 20:48 - 2014-08-27 20:48 - 00000000 ____D () C:\Users\ZSSudkov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-08-27 20:48 - 2014-08-27 20:48 - 00000000 ____D () C:\Users\ZSSudkov\AppData\Roaming\GHISLER
2014-08-27 14:25 - 2014-08-22 13:20 - 00008704 _____ () C:\Users\ZSSudkov\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-27 12:09 - 2013-04-15 10:50 - 00002593 _____ () C:\Users\ZSSudkov\Desktop\Microsoft Office PowerPoint 2007.lnk
2014-08-26 20:41 - 2014-08-25 20:20 - 00000000 ____D () C:\The KMPlayer
2014-08-25 20:24 - 2014-08-25 20:24 - 00048392 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-08-25 20:24 - 2014-08-25 20:24 - 00000000 ____D () C:\Users\ZSSudkov\AppData\Local\Comodo
2014-08-25 20:24 - 2014-08-25 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-08-25 20:24 - 2014-08-25 20:24 - 00000000 ____D () C:\Program Files\Comodo
2014-08-25 20:21 - 2014-08-25 20:21 - 00000000 ____D () C:\Users\ZSSudkov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2014-08-25 17:23 - 2014-08-06 13:07 - 00000680 _____ () C:\Users\ZSSudkov\AppData\Local\d3d9caps.dat
2014-08-23 03:03 - 2014-09-02 18:29 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 01:26 - 2014-09-02 18:29 - 02054656 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-18 13:42 - 2013-04-15 10:50 - 00002675 _____ () C:\Users\ZSSudkov\Desktop\Microsoft Office Word 2007.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1578806293-4075964732-472650498-1000Core.job => C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1578806293-4075964732-472650498-1000UA.job => C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\ZSSudkov\Desktop" je 5 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: http://istart.webssearches.com/

Posted: 10 Sep 2014 22:46
by netki
attachment: Addition

Re: http://istart.webssearches.com/

Posted: 14 Sep 2014 18:34
by vyosek
:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    CloseProcesses:
    
    HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [161328 2007-03-26] (Nero AG)
    HKLM\...\Run: [InCD] => C:\Program Files\Nero\Nero 7\InCD\InCD.exe [1057328 2007-03-26] (Nero AG)
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-1578806293-4075964732-472650498-1000\...\Run: [Google Update] => "C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    HKU\S-1-5-21-1578806293-4075964732-472650498-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21652064 2014-07-24] (Skype Technologies S.A.)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    
    BHO: GioosiaavENOw -> {02622665-e4c5-4916-9197-ae743f373f2a} -> C:\Program Files\GioosiaavENOw\jPrFwGpjOKpTHa.dll ()
    
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    
    S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    
    2014-09-10 23:34 - 2014-09-10 23:35 - 00013289 _____ () C:\Users\ZSSudkov\Desktop\FRST.txt
    2014-09-10 23:32 - 2014-09-10 23:32 - 00112640 _____ (forum.viry.cz) C:\Users\ZSSudkov\Desktop\FRSTLauncher.exe
    2014-09-10 22:46 - 2014-09-10 22:31 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-09-10 22:31 - 2014-09-10 22:50 - 00015244 _____ () C:\zoek-results.log
    2014-09-10 22:28 - 2014-09-10 22:44 - 00000000 ____D () C:\zoek_backup
    2014-09-10 22:28 - 2014-09-10 22:28 - 01290240 _____ () C:\Users\ZSSudkov\Desktop\zoek.exe
    2014-09-09 22:08 - 2014-09-10 22:49 - 00001256 _____ () C:\Windows\PFRO.log
    2014-09-09 22:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
    2014-09-09 22:03 - 2014-09-09 22:03 - 00001449 _____ () C:\Users\ZSSudkov\Desktop\JRT.txt
    2014-09-09 22:01 - 2014-09-09 22:07 - 00000000 ____D () C:\AdwCleaner
    2014-09-09 22:00 - 2014-09-09 22:00 - 01370467 _____ () C:\Users\ZSSudkov\Downloads\adwcleaner_3.309.exe
    2014-09-09 21:55 - 2014-09-09 21:55 - 01016261 _____ (Thisisu) C:\Users\ZSSudkov\Downloads\JRT.exe
    2014-09-09 21:55 - 2014-09-09 21:55 - 00000000 ____D () C:\Windows\ERUNT
    2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\rsit
    2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\Program Files\trend micro
    2014-09-09 21:23 - 2014-09-09 21:23 - 01107968 _____ () C:\Users\ZSSudkov\Downloads\RSIT.exe
    
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1578806293-4075964732-472650498-1000Core.job => C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1578806293-4075964732-472650498-1000UA.job => C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the created TXT file as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Re: http://istart.webssearches.com/

Posted: 14 Sep 2014 22:27
by netki
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 10-09-2014
Ran by ZSSudkov at 2014-09-14 22:38:41 Run:1
Running from C:\Users\ZSSudkov\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [161328 2007-03-26] (Nero AG)
HKLM\...\Run: [InCD] => C:\Program Files\Nero\Nero 7\InCD\InCD.exe [1057328 2007-03-26] (Nero AG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1578806293-4075964732-472650498-1000\...\Run: [Google Update] => "C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-1578806293-4075964732-472650498-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21652064 2014-07-24] (Skype Technologies S.A.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

BHO: GioosiaavENOw -> {02622665-e4c5-4916-9197-ae743f373f2a} -> C:\Program Files\GioosiaavENOw\jPrFwGpjOKpTHa.dll ()

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

2014-09-10 23:34 - 2014-09-10 23:35 - 00013289 _____ () C:\Users\ZSSudkov\Desktop\FRST.txt
2014-09-10 23:32 - 2014-09-10 23:32 - 00112640 _____ (forum.viry.cz) C:\Users\ZSSudkov\Desktop\FRSTLauncher.exe
2014-09-10 22:46 - 2014-09-10 22:31 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-10 22:31 - 2014-09-10 22:50 - 00015244 _____ () C:\zoek-results.log
2014-09-10 22:28 - 2014-09-10 22:44 - 00000000 ____D () C:\zoek_backup
2014-09-10 22:28 - 2014-09-10 22:28 - 01290240 _____ () C:\Users\ZSSudkov\Desktop\zoek.exe
2014-09-09 22:08 - 2014-09-10 22:49 - 00001256 _____ () C:\Windows\PFRO.log
2014-09-09 22:06 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-09-09 22:03 - 2014-09-09 22:03 - 00001449 _____ () C:\Users\ZSSudkov\Desktop\JRT.txt
2014-09-09 22:01 - 2014-09-09 22:07 - 00000000 ____D () C:\AdwCleaner
2014-09-09 22:00 - 2014-09-09 22:00 - 01370467 _____ () C:\Users\ZSSudkov\Downloads\adwcleaner_3.309.exe
2014-09-09 21:55 - 2014-09-09 21:55 - 01016261 _____ (Thisisu) C:\Users\ZSSudkov\Downloads\JRT.exe
2014-09-09 21:55 - 2014-09-09 21:55 - 00000000 ____D () C:\Windows\ERUNT
2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\rsit
2014-09-09 21:24 - 2014-09-09 21:24 - 00000000 ____D () C:\Program Files\trend micro
2014-09-09 21:23 - 2014-09-09 21:23 - 01107968 _____ () C:\Users\ZSSudkov\Downloads\RSIT.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1578806293-4075964732-472650498-1000Core.job => C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1578806293-4075964732-472650498-1000UA.job => C:\Users\ZSSudkov\AppData\Local\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\InCD => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => value deleted successfully.
HKU\S-1-5-21-1578806293-4075964732-472650498-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKU\S-1-5-21-1578806293-4075964732-472650498-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02622665-e4c5-4916-9197-ae743f373f2a}" => Key deleted successfully.
"HKCR\CLSID\{02622665-e4c5-4916-9197-ae743f373f2a}" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
blbdrive => Service deleted successfully.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
C:\Users\ZSSudkov\Desktop\FRST.txt => Moved successfully.
C:\Users\ZSSudkov\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\ZSSudkov\Desktop\zoek.exe => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\Windows\system32\sqlite3.dll => Moved successfully.
C:\Users\ZSSudkov\Desktop\JRT.txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\ZSSudkov\Downloads\adwcleaner_3.309.exe => Moved successfully.
C:\Users\ZSSudkov\Downloads\JRT.exe => Moved successfully.
C:\Windows\ERUNT => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\ZSSudkov\Downloads\RSIT.exe => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1578806293-4075964732-472650498-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1578806293-4075964732-472650498-1000UA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 263.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====