
Automatic opening of new unwanted windows in the browser

Posted: 15 Nov 2014 15:06
by Kangaroo99
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-11-2014 01
Ran by DarkStorm (administrator) on GX620 on 15-11-2014 15:01:33
Running from C:\Documents and Settings\DarkStorm\Dokumenty\Stažené soubory
Loaded Profile: DarkStorm (Available profiles: DarkStorm)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
() C:\Documents and Settings\All Users\Data aplikací\a4bfa1f9-a877-4764-8645-bc2e9e51a9a4\maintainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
() C:\Program Files\maucampo\bin\utilmaucampo.exe
() C:\Program Files\maucampo\updatemaucampo.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17421824 2008-11-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [57344 2008-06-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2008-12-19] (TOSHIBA CORPORATION)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [1368064 2008-10-02] (Intel(R) Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1191936 2008-10-02] (Intel(R) Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-10-19] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKU\S-1-5-21-515967899-113007714-1417001333-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://rts.dsrlte.com/?m=tab&affID=na" <======= ATTENTION
SearchScopes: HKCU - {1F59FB1C-6FD9-4AAA-ADC0-64896E3B60D1} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {C21131E5-17E1-41BC-ADA2-156AFA922281} URL = http://rts.dsrlte.com/?q={searchTerms}&r=265
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default
FF NewTab:
FF DefaultSearchEngine: Yahoo! Search
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: https://www.seznam.cz/
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\npctrl.1.0.30401.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\ask-web-search.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\daemon-search.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\dsrlte.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\firmycz.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\mapycz.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\zbocz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-05]
FF Extension: YouTube quality manager - C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\Extensions\youtubequality@rzll.xpi [2011-09-05]
FF Extension: maucampo - C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\Extensions\{ef8714df-a44b-464c-9034-549a70dc4cd7}.xpi [2014-09-20]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-11-10]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-11-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-30]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011-09-13]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-29]
FF Extension: No Name - {20a82645-c095-46ed-80e3-08825760534b} [Not Found]
FF Extension: No Name - jqs@sun.com [Not Found]
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-29]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-29] (AVAST Software)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-02] (Intel(R) Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2011-09-13] (Sun Microsystems, Inc.)
R2 MaintainerSvc4.00.4737669; C:\Documents and Settings\All Users\Data aplikací\a4bfa1f9-a877-4764-8645-bc2e9e51a9a4\maintainer.exe [123624 2014-11-15] ()
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-02] (Intel(R) Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [905216 2008-10-02] (Intel(R) Corporation) [File not signed]
R2 Update maucampo; C:\Program Files\maucampo\updatemaucampo.exe [525544 2014-11-15] ()
R2 Util maucampo; C:\Program Files\maucampo\bin\utilmaucampo.exe [525544 2014-11-15] ()
R2 WLANKEEPER; C:\Program Files\Intel\WiFi\bin\WLKeeper.exe [348160 2008-10-02] (Intel(R) Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [17005 2003-12-17] (Adaptec) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-06-29] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-06-29] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-06-29] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-06-29] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-06-29] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-04] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-06-29] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-06-29] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-01-24] (Disc Soft Ltd)
R3 enecirhid; C:\WINDOWS\System32\DRIVERS\enecirhid.sys [11264 2008-04-29] (ENE TECHNOLOGY INC.)
R3 enecirhidma; C:\WINDOWS\System32\DRIVERS\enecirhidma.sys [5632 2008-04-25] (ENE TECHNOLOGY INC.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [3634688 2008-09-25] (Intel Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [41376 2008-09-06] (NVIDIA Corporation)
S4 RsFx0102; C:\WINDOWS\System32\DRIVERS\RsFx0102.sys [242712 2008-07-10] (Microsoft Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [11904 2008-08-04] (Intel Corporation) [File not signed]
R1 {ef8714df-a44b-464c-9034-549a70dc4cd7}t; C:\WINDOWS\System32\drivers\{ef8714df-a44b-464c-9034-549a70dc4cd7}t.sys [55864 2014-11-04] (StdLib)
S4 IntelIde; No ImagePath
S3 JMCR; system32\DRIVERS\jmcr.sys [X]
S3 smserial; system32\DRIVERS\smserial.sys [X]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 15:01 - 2014-11-15 15:01 - 00000000 ____D () C:\FRST
2014-11-15 15:00 - 2014-11-15 15:00 - 00029696 _____ () C:\Documents and Settings\DarkStorm\Local Settings\Data aplikací\MSGBOX.EXE
2014-11-15 15:00 - 2014-11-15 15:00 - 00015327 _____ () C:\Documents and Settings\DarkStorm\Plocha\LM.bat
2014-11-15 14:32 - 2014-11-15 14:53 - 00017104 _____ () C:\WINDOWS\setupapi.log
2014-11-10 15:59 - 2014-11-10 15:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-05 11:15 - 2014-11-04 18:31 - 00055864 _____ (StdLib) C:\WINDOWS\system32\Drivers\{ef8714df-a44b-464c-9034-549a70dc4cd7}t.sys
2014-10-30 17:37 - 2014-11-10 17:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-10-30 14:26 - 2014-11-15 14:25 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\a4bfa1f9-a877-4764-8645-bc2e9e51a9a4
2014-10-28 09:11 - 2011-11-13 11:01 - 733880320 _____ () C:\Documents and Settings\DarkStorm\Plocha\Já,-legenda-cz-DABING-(high-quality).avi
2014-10-21 12:09 - 2014-10-21 12:01 - 00491226 _____ () C:\Documents and Settings\DarkStorm\Dokumenty\kc.jpeg

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 15:01 - 2014-04-30 21:21 - 00000000 ____D () C:\Documents and Settings\DarkStorm\Dokumenty\Stažené soubory
2014-11-15 15:01 - 2009-04-30 18:27 - 00000000 ____D () C:\Documents and Settings\DarkStorm\Local Settings\Temp
2014-11-15 15:00 - 2009-04-30 18:27 - 00000000 ___HD () C:\Documents and Settings\DarkStorm\Local Settings\Data aplikací
2014-11-15 15:00 - 2009-04-30 18:27 - 00000000 ____D () C:\Documents and Settings\DarkStorm\Plocha
2014-11-15 14:54 - 2009-04-30 18:22 - 01167739 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-15 14:53 - 2014-06-29 14:35 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-15 14:49 - 2014-06-29 14:21 - 00000370 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-11-15 14:49 - 2014-01-24 20:22 - 00000000 ____D () C:\Program Files\maucampo
2014-11-15 14:49 - 2001-10-25 13:00 - 00000834 _____ () C:\WINDOWS\win.ini
2014-11-15 14:44 - 2014-01-24 20:22 - 00000000 ____D () C:\Documents and Settings\DarkStorm\Data aplikací\Seznam.cz
2014-11-15 14:44 - 2009-04-30 19:13 - 00068535 _____ () C:\WINDOWS\system32\nvModes.001
2014-11-15 14:44 - 2009-04-30 19:07 - 00190797 _____ () C:\WINDOWS\system32\nvapps.xml
2014-11-15 14:43 - 2014-06-28 13:11 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-11-15 14:43 - 2009-04-30 20:11 - 00000159 ____C () C:\WINDOWS\wiadebug.log
2014-11-15 14:43 - 2009-04-30 20:11 - 00000050 ____C () C:\WINDOWS\wiaservc.log
2014-11-15 14:43 - 2009-04-30 18:26 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-15 14:43 - 2001-10-25 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-15 14:40 - 2009-04-30 18:27 - 00000272 ___SH () C:\Documents and Settings\DarkStorm\ntuser.ini
2014-11-15 14:40 - 2009-04-30 18:26 - 00032488 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-15 14:38 - 2009-04-30 20:08 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-11-15 14:37 - 2014-04-30 21:35 - 00000079 _____ () C:\WINDOWS\wininit.ini
2014-11-15 14:37 - 2009-04-30 20:08 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-11-15 14:31 - 2009-04-30 20:29 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Codec Pack
2014-11-15 14:31 - 2009-04-30 19:12 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-11-15 14:31 - 2009-04-30 19:06 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-15 14:31 - 2009-04-30 18:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Hry
2014-11-15 14:30 - 2011-09-05 18:12 - 00000000 ____D () C:\Program Files\AC Tool
2014-11-15 14:27 - 2014-03-29 16:24 - 00000000 ____D () C:\Documents and Settings\DarkStorm\Data aplikací\uTorrent
2014-11-15 14:27 - 2009-04-30 18:27 - 00000000 ____D () C:\Documents and Settings\DarkStorm
2014-11-14 20:32 - 2009-04-30 18:27 - 00000000 ___RD () C:\Documents and Settings\DarkStorm\Dokumenty
2014-11-14 17:08 - 2011-09-06 00:10 - 00002561 _____ () C:\Documents and Settings\All Users\Nabídka Start\Microsoft Office Word 2003.lnk
2014-11-12 17:17 - 2014-01-14 14:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-02 19:12 - 2014-09-24 16:34 - 03755008 _____ () C:\Documents and Settings\DarkStorm\Dokumenty\telč.ppt 2.ppt
2014-11-02 07:47 - 2011-09-12 15:08 - 00010752 _____ () C:\Documents and Settings\DarkStorm\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-02 07:38 - 2014-07-22 12:58 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2014-10-31 17:29 - 2009-04-30 23:15 - 00000000 ___RD () C:\Documents and Settings\DarkStorm\Dokumenty\Filmy
2014-10-30 14:26 - 2009-04-30 20:08 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-10-19 07:20 - 2011-11-11 20:00 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-10-18 12:01 - 2014-02-09 00:06 - 00000000 ____D () C:\Program Files\PokerStars
2014-10-16 19:55 - 2013-03-22 19:55 - 00000000 ____D () C:\Documents and Settings\DarkStorm\Dokumenty\škola

Some content of TEMP:
====================
C:\Documents and Settings\DarkStorm\Local Settings\Temp\maucampoUntemp.exe
C:\Documents and Settings\DarkStorm\Local Settings\Temp\res.dll
C:\Documents and Settings\DarkStorm\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Re: Automatic opening of new unwanted windows in the browser

Posted: 15 Nov 2014 15:10
by Rudy
Hello!
First run this utility:
Download AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< and then >Clean< (delete)
The scan will run and then a log will appear; paste it here.

Re: Automatic opening of new unwanted windows in the browser

Posted: 15 Nov 2014 15:24
by Kangaroo99
# AdwCleaner v4.101 - Report created 15/11/2014 at 15:20:52
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Local]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : DarkStorm - GX620
# Running from : C:\Documents and Settings\DarkStorm\Dokumenty\Stažené soubory\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Update maucampo
[#] Service Deleted : Util maucampo
[#] Service Deleted : {ef8714df-a44b-464c-9034-549a70dc4cd7}t

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\maucampo
Folder Deleted : C:\Documents and Settings\DarkStorm\Data aplikací\pay-by-ads
File Deleted : C:\WINDOWS\system32\\drivers\{ef8714df-a44b-464c-9034-549a70dc4cd7}t.sys
File Deleted : C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\ask-web-search.xml
File Deleted : C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\bingp.xml
File Deleted : C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\daemon-search.xml
File Deleted : C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\dsrlte.xml
File Deleted : C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\icqplugin.xml
File Deleted : C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\icqplugin-1.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update maucampo
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util maucampo
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C21131E5-17E1-41BC-ADA2-156AFA922281}
Key Deleted : HKCU\Software\maucampo
Key Deleted : HKLM\SOFTWARE\maucampo
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v33.1 (x86 cs)

[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://rts.dsrlte.com/?q=");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.defaultenginename.prev", "Yahoo! Search");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.defaultenginename.savedPrev", "true");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.defaultenginename.tb", "Ask Web Search");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.selectedEngine.prev", "Yahoo! Search");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.selectedEngine.savedPrev", "true");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.search.selectedEngine.tb", "Ask Web Search");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.homepage.prev", "www.seznam.cz");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.homepage.savedPrev", "true");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=6943779D-AEEE-4768-9D00-9FC44A25BD7B&n=780c7691&p2=^AW7^xdm055^S10504^cz&si=YO[...]
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.page.savedPrev", 1);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.startup.page.tb", 1);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.firstKnownVersion", "6.66.4.34077");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=6943779D-AEEE-4768-9D00-9FC44A25BD7B&n=780c7691&p2=^AW7^xdm055^S10504^cz&si=YO_SAF_INTL_CZE_45");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.hp.enabled", false);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.hp.guardType", "HPR");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.hp.user.defined", true);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.initialized", true);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installKeysSource", "LocalStorage");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installType", "XPI");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.contextKey", "");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.installDate", "2014082705");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.partnerId", "^AW7^xdm055^S10504^cz");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.partnerSubId", "YO_SAF_INTL_CZE_45");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.pixelUrl", "hxxp://safepcrepair.dl.tb.ask.com/install_pixels.jhtml?partner=^AW7^xdm055^S10504^cz&coId=aa8ac04cbfe3494592f566eb8efaeb27"[...]
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.success", true);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.toolbarId", "6943779D-AEEE-4768-9D00-9FC44A25BD7B");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.isCompliantUninstallImplementation", true);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.lastActivePing", "1411220351304");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.lastKnownVersion", "6.72.4.55185");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.options.defaultSearch", true);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.options.homePageEnabled", true);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.options.keywordEnabled", true);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.options.tabEnabled", true);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.partnerPixelFired", true);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.searchHistory", "seznam.cz najdu tam co neznam");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.successUrl", "hxxp://download.safepcrepair.com/installComplete.jhtml");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.toolbarCollapsed", true);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.weather.location", "10001");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
[worydcm4.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "safepcrepair@mindspark.com");

*************************

AdwCleaner[R0].txt - [9172 octets] - [15/11/2014 15:13:58]
AdwCleaner[S0].txt - [9221 octets] - [15/11/2014 15:20:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9281 octets] ##########

Re: Automatic opening of new unwanted windows in the browser

Posted: 15 Nov 2014 15:59
by Rudy
Post a new RSIT log.

Re: Automatic opening of new unwanted windows in the browser

Posted: 15 Nov 2014 16:36
by Kangaroo99
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-11-2014 01
Ran by DarkStorm (administrator) on GX620 on 15-11-2014 16:35:26
Running from C:\Documents and Settings\DarkStorm\Dokumenty\Stažené soubory
Loaded Profile: DarkStorm (Available profiles: DarkStorm)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
() C:\Documents and Settings\All Users\Data aplikací\a4bfa1f9-a877-4764-8645-bc2e9e51a9a4\maintainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\WLKEEPER.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [17421824 2008-11-07] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [57344 2008-06-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ITSecMng] => C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2008-12-19] (TOSHIBA CORPORATION)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [1368064 2008-10-02] (Intel(R) Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1191936 2008-10-02] (Intel(R) Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-10-19] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKU\S-1-5-21-515967899-113007714-1417001333-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "http://www.google.com" <======= ATTENTION
SearchScopes: HKCU - {1F59FB1C-6FD9-4AAA-ADC0-64896E3B60D1} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default
FF NewTab:
FF DefaultSearchEngine: Yahoo! Search
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Yahoo! Search
FF Homepage: https://www.seznam.cz/
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\npctrl.1.0.30401.0.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\firmycz.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\mapycz.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml
FF SearchPlugin: C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\searchplugins\zbocz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-05]
FF Extension: YouTube quality manager - C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\Extensions\youtubequality@rzll.xpi [2011-09-05]
FF Extension: maucampo - C:\Documents and Settings\DarkStorm\Data aplikací\Mozilla\Firefox\Profiles\worydcm4.default\Extensions\{ef8714df-a44b-464c-9034-549a70dc4cd7}.xpi [2014-09-20]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-11-10]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-11-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-30]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2011-09-13]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-29]
FF Extension: No Name - {20a82645-c095-46ed-80e3-08825760534b} [Not Found]
FF Extension: No Name - jqs@sun.com [Not Found]
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-29]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-29] (AVAST Software)
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-02] (Intel(R) Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2011-09-13] (Sun Microsystems, Inc.)
R2 MaintainerSvc4.00.4737669; C:\Documents and Settings\All Users\Data aplikací\a4bfa1f9-a877-4764-8645-bc2e9e51a9a4\maintainer.exe [123624 2014-11-15] ()
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-02] (Intel(R) Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [905216 2008-10-02] (Intel(R) Corporation) [File not signed]
R2 WLANKEEPER; C:\Program Files\Intel\WiFi\bin\WLKeeper.exe [348160 2008-10-02] (Intel(R) Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Aspi32; C:\WINDOWS\system32\Drivers\Aspi32.sys [17005 2003-12-17] (Adaptec) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-06-29] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-06-29] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-06-29] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-06-29] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-06-29] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-07-04] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-06-29] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-06-29] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-01-24] (Disc Soft Ltd)
R3 enecirhid; C:\WINDOWS\System32\DRIVERS\enecirhid.sys [11264 2008-04-29] (ENE TECHNOLOGY INC.)
R3 enecirhidma; C:\WINDOWS\System32\DRIVERS\enecirhidma.sys [5632 2008-04-25] (ENE TECHNOLOGY INC.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [3634688 2008-09-25] (Intel Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [41376 2008-09-06] (NVIDIA Corporation)
S4 RsFx0102; C:\WINDOWS\System32\DRIVERS\RsFx0102.sys [242712 2008-07-10] (Microsoft Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [11904 2008-08-04] (Intel Corporation) [File not signed]
S4 IntelIde; No ImagePath
S3 JMCR; system32\DRIVERS\jmcr.sys [X]
S3 smserial; system32\DRIVERS\smserial.sys [X]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 15:13 - 2014-11-15 15:21 - 00000000 ____D () C:\AdwCleaner
2014-11-15 15:01 - 2014-11-15 16:35 - 00000000 ____D () C:\FRST
2014-11-15 15:00 - 2014-11-15 15:00 - 00029696 _____ () C:\Documents and Settings\DarkStorm\Local Settings\Data aplikací\MSGBOX.EXE
2014-11-15 15:00 - 2014-11-15 15:00 - 00015327 _____ () C:\Documents and Settings\DarkStorm\Plocha\LM.bat
2014-11-15 14:32 - 2014-11-15 16:33 - 00036689 _____ () C:\WINDOWS\setupapi.log
2014-11-10 15:59 - 2014-11-10 15:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-30 17:37 - 2014-11-10 17:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-10-30 14:26 - 2014-11-15 14:25 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\a4bfa1f9-a877-4764-8645-bc2e9e51a9a4
2014-10-28 09:11 - 2011-11-13 11:01 - 733880320 _____ () C:\Documents and Settings\DarkStorm\Plocha\Já,-legenda-cz-DABING-(high-quality).avi
2014-10-21 12:09 - 2014-10-21 12:01 - 00491226 _____ () C:\Documents and Settings\DarkStorm\Dokumenty\kc.jpeg

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 16:35 - 2014-04-30 21:21 - 00000000 ____D () C:\Documents and Settings\DarkStorm\Dokumenty\Stažené soubory
2014-11-15 16:35 - 2009-04-30 18:27 - 00000000 ____D () C:\Documents and Settings\DarkStorm\Local Settings\Temp
2014-11-15 16:33 - 2014-06-29 14:21 - 00000370 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-11-15 16:33 - 2009-04-30 18:22 - 01179144 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-15 16:32 - 2009-04-30 20:11 - 00000159 ____C () C:\WINDOWS\wiadebug.log
2014-11-15 16:32 - 2009-04-30 20:11 - 00000050 ____C () C:\WINDOWS\wiaservc.log
2014-11-15 16:32 - 2009-04-30 19:13 - 00068535 _____ () C:\WINDOWS\system32\nvModes.001
2014-11-15 16:32 - 2009-04-30 19:07 - 00190797 _____ () C:\WINDOWS\system32\nvapps.xml
2014-11-15 16:32 - 2009-04-30 18:26 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-15 16:32 - 2001-10-25 13:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-11-15 15:44 - 2009-04-30 18:26 - 00032554 _____ () C:\WINDOWS\SchedLgU.Txt
2014-11-15 15:20 - 2009-04-30 18:27 - 00000000 __RHD () C:\Documents and Settings\DarkStorm\Data aplikací
2014-11-15 15:00 - 2009-04-30 18:27 - 00000000 ___HD () C:\Documents and Settings\DarkStorm\Local Settings\Data aplikací
2014-11-15 15:00 - 2009-04-30 18:27 - 00000000 ____D () C:\Documents and Settings\DarkStorm\Plocha
2014-11-15 14:53 - 2014-06-29 14:35 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-11-15 14:49 - 2001-10-25 13:00 - 00000834 _____ () C:\WINDOWS\win.ini
2014-11-15 14:44 - 2014-01-24 20:22 - 00000000 ____D () C:\Documents and Settings\DarkStorm\Data aplikací\Seznam.cz
2014-11-15 14:43 - 2014-06-28 13:11 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-11-15 14:40 - 2009-04-30 18:27 - 00000272 ___SH () C:\Documents and Settings\DarkStorm\ntuser.ini
2014-11-15 14:38 - 2009-04-30 20:08 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy
2014-11-15 14:37 - 2014-04-30 21:35 - 00000079 _____ () C:\WINDOWS\wininit.ini
2014-11-15 14:37 - 2009-04-30 20:08 - 00000000 ____D () C:\Documents and Settings\All Users\Plocha
2014-11-15 14:31 - 2009-04-30 20:29 - 00000000 ____D () C:\Documents and Settings\All Users\Nabídka Start\Programy\Codec Pack
2014-11-15 14:31 - 2009-04-30 19:12 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-11-15 14:31 - 2009-04-30 19:06 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-11-15 14:31 - 2009-04-30 18:20 - 00000000 ___RD () C:\Documents and Settings\All Users\Nabídka Start\Programy\Hry
2014-11-15 14:30 - 2011-09-05 18:12 - 00000000 ____D () C:\Program Files\AC Tool
2014-11-15 14:27 - 2014-03-29 16:24 - 00000000 ____D () C:\Documents and Settings\DarkStorm\Data aplikací\uTorrent
2014-11-15 14:27 - 2009-04-30 18:27 - 00000000 ____D () C:\Documents and Settings\DarkStorm
2014-11-14 20:32 - 2009-04-30 18:27 - 00000000 ___RD () C:\Documents and Settings\DarkStorm\Dokumenty
2014-11-14 17:08 - 2011-09-06 00:10 - 00002561 _____ () C:\Documents and Settings\All Users\Nabídka Start\Microsoft Office Word 2003.lnk
2014-11-12 17:17 - 2014-01-14 14:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-02 19:12 - 2014-09-24 16:34 - 03755008 _____ () C:\Documents and Settings\DarkStorm\Dokumenty\telč.ppt 2.ppt
2014-11-02 07:47 - 2011-09-12 15:08 - 00010752 _____ () C:\Documents and Settings\DarkStorm\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-02 07:38 - 2014-07-22 12:58 - 00000000 ____D () C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2014-10-31 17:29 - 2009-04-30 23:15 - 00000000 ___RD () C:\Documents and Settings\DarkStorm\Dokumenty\Filmy
2014-10-30 14:26 - 2009-04-30 20:08 - 00000000 __RHD () C:\Documents and Settings\All Users\Data aplikací
2014-10-19 07:20 - 2011-11-11 20:00 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-10-18 12:01 - 2014-02-09 00:06 - 00000000 ____D () C:\Program Files\PokerStars
2014-10-16 19:55 - 2013-03-22 19:55 - 00000000 ____D () C:\Documents and Settings\DarkStorm\Dokumenty\škola

Some content of TEMP:
====================
C:\Documents and Settings\DarkStorm\Local Settings\Temp\maucampoUntemp.exe
C:\Documents and Settings\DarkStorm\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\DarkStorm\Local Settings\Temp\res.dll
C:\Documents and Settings\DarkStorm\Local Settings\Temp\sqlite3.dll
C:\Documents and Settings\DarkStorm\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Re: Automatic opening of new unwanted windows in the browser

Posted: 15 Nov 2014 16:53
by Rudy
Open Notepad and copy the following into it:
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
C:\Program Files\Skype\Toolbars
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
C:\Documents and Settings\DarkStorm\Local Settings\Temp
End
Save it to C:\Documents and Settings\DarkStorm\Dokumenty\Stažené soubory as fixlist.txt. Then run FRST again and click >Fix<. Afterwards, copy the log that is created at the end here.

Re: Automatic opening of new unwanted windows in the browser

Posted: 15 Nov 2014 17:10
by Kangaroo99
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-11-2014 01
Ran by DarkStorm at 2014-11-15 17:07:40 Run:1
Running from C:\Documents and Settings\DarkStorm\Dokumenty\Stažené soubory
Loaded Profile: DarkStorm (Available profiles: DarkStorm)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
C:\Program Files\Skype\Toolbars
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
C:\Documents and Settings\DarkStorm\Local Settings\Temp
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
C:\Program Files\Skype\Toolbars => Moved successfully.
"HKCR\PROTOCOLS\Handler\skype-ie-addon-data" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.

"C:\Documents and Settings\DarkStorm\Local Settings\Temp" directory move:

Could not move "C:\Documents and Settings\DarkStorm\Local Settings\Temp\AdobeARM.log" => Scheduled to move on reboot.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\adwcleaner.db => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\AdwCleaner.jpg => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\ArmUI.ini => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\au-descriptor-1.7.0_71-b14.xml => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\Cleaning.ico => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\Czech.bin => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\Donate.ico => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\EULA.txt => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\jusched.log => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\maucampoUntemp.exe => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\Quarantine.exe => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\Report.ico => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\res.dll => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\Scan.ico => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\Set1D3.tmp => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\sqlite3.dll => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\Uninstall.ico => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\Version.txt => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\~54.tmp => Moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp\WER8377.dir00\firefox.exe.hdmp => Moved successfully.
Could not move "C:\Documents and Settings\DarkStorm\Local Settings\Temp" directory. => Scheduled to move on reboot.


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-11-15 17:09:09)<=

C:\Documents and Settings\DarkStorm\Local Settings\Temp\AdobeARM.log => Is moved successfully.
C:\Documents and Settings\DarkStorm\Local Settings\Temp => Moved successfully.

==== End of Fixlog ====

Re: Automatic opening of new unwanted windows in the browser

Posted: 15 Nov 2014 17:41
by Rudy
Deleted. Has anything changed?

Re: Automatic opening of new unwanted windows in the browser

Posted: 15 Nov 2014 17:46
by Kangaroo99
The problem seems to be solved... :happy:

Thank you very much for your help!!!

Re: Automatic opening of new unwanted windows in the browser

Posted: 15 Nov 2014 17:52
by Rudy
You're welcome! :)