My sister's laptop

ententeak
Visitor
Posts: 135
Registered: 05 Dec 2005 22:08

#1 Post by ententeak »

Hello, may I ask for a check? Thanks.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Prachov at 2016-05-20 19:45:30
Microsoft® Windows Vista™ Home Basic
System drive C: has 33 GB (50%) free of 66 GB
Total RAM: 2038 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:45:34, on 20.5.2016
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Prachov\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Users\Prachov\Downloads\RSIT(1).exe
C:\Program Files\trend micro\Prachov.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

--
End of file - 4313 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.242 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-07 679680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2014-12-12 1006264]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-02-12 174872]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-23 4423680]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-05-12 7400576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2014-12-12 1232896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-03-30 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2016-05-20 19:45:30 ----D---- C:\rsit
2016-05-13 22:12:27 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2016-05-11 16:42:44 ----A---- C:\Windows\system32\aswBoot.exe
2016-05-11 16:42:08 ----A---- C:\Windows\avastSS.scr
2016-05-08 08:00:23 ----D---- C:\Program Files\Mozilla Firefox
2016-05-04 18:01:58 ----D---- C:\Users\Prachov\AppData\Roaming\TubeTycoon

======List of files/folders modified in the last 1 month======

2016-05-20 19:45:34 ----D---- C:\Windows\Prefetch
2016-05-20 19:45:32 ----D---- C:\Windows\Temp
2016-05-20 19:45:32 ----D---- C:\Program Files\trend micro
2016-05-20 19:40:13 ----SHD---- C:\System Volume Information
2016-05-19 20:21:58 ----HD---- C:\ProgramData
2016-05-19 20:03:24 ----D---- C:\Windows\System32
2016-05-19 20:03:23 ----D---- C:\Windows\inf
2016-05-19 20:03:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-05-13 22:12:33 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-05-13 21:59:39 ----D---- C:\Windows\system32\Tasks
2016-05-13 21:58:15 ----D---- C:\Windows\system32\drivers
2016-05-13 21:58:13 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-05-12 03:02:49 ----D---- C:\Windows\system32\MRT
2016-05-12 03:02:40 ----A---- C:\Windows\system32\mrt.exe
2016-05-11 16:42:43 ----D---- C:\Windows
2016-05-11 07:10:02 ----SHD---- C:\Windows\Installer
2016-05-11 07:05:38 ----RD---- C:\Program Files
2016-05-11 07:05:22 ----D---- C:\Windows\Tasks
2016-04-21 15:05:04 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-05-11 58776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-05-11 221368]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-02-12 277784]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-05-11 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2016-05-11 64272]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-05-11 815792]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-05-11 449640]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-05-11 32792]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-05-11 91168]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2013-04-30 5120]
R3 aswStmXP;Avast StreamFilter Driver; C:\Windows\system32\drivers\aswStmXP.sys [2016-05-11 187208]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936]
R3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-03-30 1671680]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-26 1761696]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2014-12-12 82432]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-03-02 38400]
S3 aswTdi;aswTdi; C:\Windows\system32\drivers\aswTdi.sys [2016-05-11 67216]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-03-30 1671680]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2006-11-02 71552]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-11 243296]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-02-12 355096]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-08-22 75136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-30 144200]
S2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-30 144200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-05-08 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: My sister's laptop

#2 Post by Márty84 »

Hello :)

:???: Why isn't the system updated?

:???: Is this purely about prevention, or is there also some specific problem?

:arrow: Download CrystalDiskInfo http://www.slunecnice.cz/sw/crystaldiskinfo/
Install it (watch out for any bundled add-ons; decline them by clearing the checkbox) and run it as administrator. The result will be displayed after a moment.
At the top, click Úpravy (Edit) and then Kopírovat (Copy). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the check finishes.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it may also be found here: C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will now be on the forum less often. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

ententeak
Visitor
Posts: 135
Registered: 05 Dec 2005 22:08

Re: My sister's laptop

#3 Post by ententeak »

Well, I hadn't noticed that it isn't updated :oops:
but when I started the update manually it threw the error "80071A90"; after the third restart the update went through (supposedly successfully). Only, after the restart the SP1 update showed up in the list here again, so I don't know..

Anyway, here is CrystalDiskInfo:

----------------------------------------------------------------------------
CrystalDiskInfo 6.8.2 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows Vista Home Basic [6.0 Build 6000] (x86)
Date : 2016/05/21 12:34:45

-- Controller Map ----------------------------------------------------------
+ Intel(R) 82801G (ICH7 Family) Ultra ATA Storage Controllers - 27DF [ATA]
+ Kanál IDE (0)
- HL-DT-ST DVDRAM GSA-T20N ATA Device
+ Intel(R) 82801GBM SATA AHCI Controller [ATA]
- Hitachi HTS541680J9SA00
- Iniciátor iSCSI společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS541680J9SA00 : 80,0 GB [0/1/0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HTS541680J9SA00
----------------------------------------------------------------------------
Model : Hitachi HTS541680J9SA00
Firmware : SB2OC7KP
Serial Number : SB2204KGCXDVZE
Disk Size : 80,0 GB (8,4/80,0/80,0/80,0)
Buffer Size : 7516 KB
Queue Depth : 32
# of Sectors : 156301488
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 1
Transfer Mode : ---- | SATA/150
Power On Hours : 22965 hod.
Power On Count : 9841 krát
Temperature : 48 C (118 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 80FEh [OFF]
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 253 253 _33 000800000000 Čas na roztočení ploten
04 _90 _90 __0 000000003DA5 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _48 _48 __0 0000000059B5 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _94 _94 __0 000000002671 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000003B Počet vypnutí disku
C1 _45 _45 __0 0000000885E4 Počet cyklů načítání/vymazání
C2 114 114 __0 003A00070030 Teplota
C4 100 100 __0 000000000001 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 253 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony


ententeak
Visitor
Posts: 135
Registered: 05 Dec 2005 22:08

Re: My sister's laptop

#4 Post by ententeak »

and here is ADW:

# AdwCleaner v5.117 - Log soubor vytvořen 21/05/2016 o 12:37:38
# Aktualizováno 15/05/2016 by Xplode
# Databáze : 2016-05-15.2 [Server]
# Operační systém : Windows Vista (TM) Home Basic (X86)
# Jméno uživatele : Prachov - PRACHOV-PC
# Spuštěno z : C:\Users\Prachov\Desktop\adwcleaner_5.117.exe
# Volba : Skenovat
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****


***** [ Webové prohlížeče ] *****

[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.BUTTON_STRUCTURE", "[{\"b\":224341181,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224341182,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.browser.startup.homepage.prev", "hxxp://hp.myway.com/freeradiocast/ttab02/index.html?coId=6f3ba82523bd4c1cb158af402817141b&subId=cze&ln=cs&n=782a7c1[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.browser.startup.homepage.savedPrev", "true");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.browser.startup.homepage.tb", "hxxp://hp.myway.com/gounzip/ttab02/index.html?coId=4a5df8d041e84ccabcbf105a95fcc2d3&subId=cze&ln=cs&n=782a7ce5&ptb=76[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.browser.startup.page.savedPrev", 1);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.browser.startup.page.tb", 1);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.browser.version.last", "46.0");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.coId", "4a5df8d041e84ccabcbf105a95fcc2d3");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.firstKnownVersion", "7.70.9.23211");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.homepage", "hxxp://hp.myway.com/gounzip/ttab02/index.html?coId=4a5df8d041e84ccabcbf105a95fcc2d3&subId=cze&ln=cs&n=782a7ce5&ptb=7652E10A-DC7E-45E5-93[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.hp.enabled", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.hp.guardType", "HPR");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.hp.user.defined", false);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.initialized", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.installType", "XPI");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.dlpCountryCode", "CZ");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.installDate", "2016050405");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.partnerId", "^BYI^xdm122^TTAB02^cz");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.partnerSubId", "cze");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.pixelUrl", "hxxp://free.gounzip.com/install_pixels.jhtml?partner=^BYI^xdm122^TTAB02^cz&sub_id=cze&coId=4a5df8d041e84ccabcbf105a95fcc2d3[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.success", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.toolbarId", "7652E10A-DC7E-45E5-9301-6B3368503D5C");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.lastActivePing", "1462813103465");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.lastKnownVersion", "7.70.9.23211");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.lssState", "{\"previousLocales\":[\"cs\",\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\",\"supp[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.options.defaultSearch", false);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.options.homePageEnabled", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.options.keywordEnabled", false);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.options.tabEnabled", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.partnerPixelFired", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.productDeliveryOption.language", "cs");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.productDeliveryOption.newTabURL", "hxxp://hp.myway.com/gounzip/ttab02/index.html?p2=${partnerID}&n=${installDateHex}&st=tab&ptb=${toolbarID}&si=${pa[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.productDeliveryOption.type", "ToolTab");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.successUrl", "hxxp://free.gounzip.com/installComplete.jhtml");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.toolbar.versionChanged", false);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.toolbarCollapsed", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.uninstallSurveyUrl", "hxxp://www.research.net/r/HYSCVNM?CBID=<!--cob ... oolbarID-->");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._dmMembers_.uninstallTasks", "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._dmMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Prachov\\\\AppData\\[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.BUTTON_STRUCTURE", "[{\"b\":224244839,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224244840,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.browser.startup.homepage.prev", "www.seznam.cz");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.browser.startup.homepage.savedPrev", "true");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.browser.startup.homepage.tb", "hxxp://hp.myway.com/freeradiocast/ttab02/index.html?coId=6f3ba82523bd4c1cb158af402817141b&subId=cze&ln=cs&n=782a7c1a&[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.browser.startup.page.savedPrev", 1);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.browser.startup.page.tb", 1);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.browser.version.last", "46.0");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.coId", "6f3ba82523bd4c1cb158af402817141b");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.firstKnownVersion", "7.70.9.25694");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.homepage", "hxxp://hp.myway.com/freeradiocast/ttab02/index.html?coId=6f3ba82523bd4c1cb158af402817141b&subId=cze&ln=cs&n=782a7c1a&ptb=34492AB8-C528-4[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.hp.enabled", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.hp.guardType", "HPR");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.hp.user.defined", false);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.initialized", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.installType", "XPI");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.dlpCountryCode", "CZ");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.installDate", "2016050202");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.partnerId", "^BYR^xdm157^TTAB02^cz");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.partnerSubId", "cze");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.pixelUrl", "hxxp://download.freeradiocast.com/install_pixels.jhtml?partner=^BYR^xdm157^TTAB02^cz&sub_id=cze&coId=6f3ba82523bd4c1cb158af[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.success", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.toolbarId", "34492AB8-C528-4E48-8AE2-28C45CD7F114");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.lastActivePing", "1462813103432");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.lastKnownVersion", "7.70.9.25694");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.lssState", "{\"previousLocales\":[\"cs\",\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\",\"supp[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.options.defaultSearch", false);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.options.homePageEnabled", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.options.keywordEnabled", false);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.options.tabEnabled", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.partnerPixelFired", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.productDeliveryOption.language", "cs");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.productDeliveryOption.newTabURL", "hxxp://hp.myway.com/freeradiocast/ttab02/index.html?p2=${partnerID}&n=${installDateHex}&st=tab&ptb=${toolbarID}&s[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.productDeliveryOption.type", "ToolTab");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.successUrl", "hxxp://download.freeradiocast.com/installComplete.jhtml");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.toolbar.versionChanged", false);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.toolbarCollapsed", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.uninstallSurveyUrl", "hxxp://www.research.net/r/HYSCVNM?CBID=<!--cob ... oolbarID-->");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark._eeMembers_.uninstallTasks", "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._eeMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Prachov\\\\AppData\\[...]
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "gounzip@mindspark.com");
[C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] nalezeno : user_pref("extensions.toolbar.mindspark.lastInstalled", "gounzip@mindspark.com");

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3370 bytes] - [28/09/2015 20:24:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [20516 bytes] - [28/09/2015 20:22:20]
C:\AdwCleaner\AdwCleaner[S2].txt - [17374 bytes] - [21/05/2016 12:37:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [17448 bytes] ##########

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: sister's laptop

#5 Post by Márty84 »

That AdwCleaner log is from the scan; I wanted the one from after the findings were removed. So if you have not done that yet, have the findings removed as well.


Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes has false detections.
If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

ententeak
Visitor
Posts: 135
Registered: 05 Dec 2005 22:08

Re: sister's laptop

#6 Post by ententeak »

Ah.. somehow I didn't notice that there were findings on the other tabs too, so I thought it was clean :D

So here is the new ADW log, and I'm off to run MBAM:

# AdwCleaner v5.009 - Logfile created 28/09/2015 at 20:24:16
# Updated 27/09/2015 by Xplode
# Database : 2015-09-27.1 [Server]
# Operating system : Windows Vista (TM) Home Basic (x86)
# Username : Prachov - PRACHOV-PC
# Running from : E:\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Adobe Flash Player Updater

***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3291 bytes] ##########
# AdwCleaner v5.117 - Log soubor vytvořen 22/05/2016 o 10:01:46
# Aktualizováno 15/05/2016 by Xplode
# Databáze : 2016-05-15.2 [Server]
# Operační systém : Windows Vista (TM) Home Basic (X86)
# Jméno uživatele : Prachov - PRACHOV-PC
# Spuštěno z : C:\Users\Prachov\Desktop\adwcleaner_5.117.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****


***** [ Webové prohlížeče ] *****

[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.BUTTON_STRUCTURE", "[{\"b\":224341181,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224341182,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.browser.startup.homepage.prev", "hxxp://hp.myway.com/freeradiocast/ttab02/index.html?coId=6f3ba82523bd4c1cb158af402817141b&subId=cze&ln=cs&n=782a7c1[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.browser.startup.homepage.savedPrev", "true");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.browser.startup.homepage.tb", "hxxp://hp.myway.com/gounzip/ttab02/index.html?coId=4a5df8d041e84ccabcbf105a95fcc2d3&subId=cze&ln=cs&n=782a7ce5&ptb=76[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.browser.startup.page.savedPrev", 1);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.browser.startup.page.tb", 1);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.browser.version.last", "46.0");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.coId", "4a5df8d041e84ccabcbf105a95fcc2d3");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.firstKnownVersion", "7.70.9.23211");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.homepage", "hxxp://hp.myway.com/gounzip/ttab02/index.html?coId=4a5df8d041e84ccabcbf105a95fcc2d3&subId=cze&ln=cs&n=782a7ce5&ptb=7652E10A-DC7E-45E5-93[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.hp.enabled", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.hp.guardType", "HPR");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.hp.user.defined", false);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.initialized", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.installType", "XPI");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.dlpCountryCode", "CZ");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.installDate", "2016050405");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.partnerId", "^BYI^xdm122^TTAB02^cz");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.partnerSubId", "cze");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.pixelUrl", "hxxp://free.gounzip.com/install_pixels.jhtml?partner=^BYI^xdm122^TTAB02^cz&sub_id=cze&coId=4a5df8d041e84ccabcbf105a95fcc2d3[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.success", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.installation.toolbarId", "7652E10A-DC7E-45E5-9301-6B3368503D5C");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.lastActivePing", "1462813103465");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.lastKnownVersion", "7.70.9.23211");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.lssState", "{\"previousLocales\":[\"cs\",\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\",\"supp[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.options.defaultSearch", false);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.options.homePageEnabled", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.options.keywordEnabled", false);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.options.tabEnabled", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.partnerPixelFired", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.productDeliveryOption.language", "cs");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.productDeliveryOption.newTabURL", "hxxp://hp.myway.com/gounzip/ttab02/index.html?p2=${partnerID}&n=${installDateHex}&st=tab&ptb=${toolbarID}&si=${pa[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.productDeliveryOption.type", "ToolTab");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.successUrl", "hxxp://free.gounzip.com/installComplete.jhtml");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.toolbar.versionChanged", false);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.toolbarCollapsed", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.uninstallSurveyUrl", "hxxp://www.research.net/r/HYSCVNM?CBID=<!--cob ... oolbarID-->");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._dmMembers_.uninstallTasks", "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._dmMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Prachov\\\\AppData\\[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.BUTTON_STRUCTURE", "[{\"b\":224244839,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224244840,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.browser.startup.homepage.prev", "www.seznam.cz");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.browser.startup.homepage.savedPrev", "true");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.browser.startup.homepage.tb", "hxxp://hp.myway.com/freeradiocast/ttab02/index.html?coId=6f3ba82523bd4c1cb158af402817141b&subId=cze&ln=cs&n=782a7c1a&[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.browser.startup.page.savedPrev", 1);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.browser.startup.page.tb", 1);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.browser.version.last", "46.0");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.coId", "6f3ba82523bd4c1cb158af402817141b");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.firstKnownVersion", "7.70.9.25694");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.homepage", "hxxp://hp.myway.com/freeradiocast/ttab02/index.html?coId=6f3ba82523bd4c1cb158af402817141b&subId=cze&ln=cs&n=782a7c1a&ptb=34492AB8-C528-4[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.hp.enabled", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.hp.guardType", "HPR");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.hp.user.defined", false);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.initialized", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.installType", "XPI");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.dlpCountryCode", "CZ");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.installDate", "2016050202");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.partnerId", "^BYR^xdm157^TTAB02^cz");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.partnerSubId", "cze");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.pixelUrl", "hxxp://download.freeradiocast.com/install_pixels.jhtml?partner=^BYR^xdm157^TTAB02^cz&sub_id=cze&coId=6f3ba82523bd4c1cb158af[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.success", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.installation.toolbarId", "34492AB8-C528-4E48-8AE2-28C45CD7F114");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.lastActivePing", "1462813103432");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.lastKnownVersion", "7.70.9.25694");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.lssState", "{\"previousLocales\":[\"cs\",\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\",\"supp[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.options.defaultSearch", false);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.options.homePageEnabled", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.options.keywordEnabled", false);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.options.tabEnabled", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.partnerPixelFired", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.productDeliveryOption.language", "cs");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.productDeliveryOption.newTabURL", "hxxp://hp.myway.com/freeradiocast/ttab02/index.html?p2=${partnerID}&n=${installDateHex}&st=tab&ptb=${toolbarID}&s[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.productDeliveryOption.type", "ToolTab");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.successUrl", "hxxp://download.freeradiocast.com/installComplete.jhtml");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.toolbar.versionChanged", false);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.toolbarCollapsed", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.uninstallSurveyUrl", "hxxp://www.research.net/r/HYSCVNM?CBID=<!--cob ... oolbarID-->");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark._eeMembers_.uninstallTasks", "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._eeMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Prachov\\\\AppData\\[...]
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "gounzip@mindspark.com");
[-] [C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\prefs.js] smazáno : user_pref("extensions.toolbar.mindspark.lastInstalled", "gounzip@mindspark.com");

*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [21020 bytes] - [28/09/2015 20:24:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [20516 bytes] - [28/09/2015 20:22:20]
C:\AdwCleaner\AdwCleaner[S2].txt - [17528 bytes] - [21/05/2016 12:37:38]
C:\AdwCleaner\AdwCleaner[S3].txt - [17602 bytes] - [22/05/2016 09:57:41]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [21316 bytes] ##########

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: sister's laptop

#7 Post by Márty84 »

OK :)
If you have a question that is not meant for the public, you can write to me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

ententeak
Visitor
Posts: 135
Registered: 05 Dec 2005 22:08

Re: sister's laptop

#8 Post by ententeak »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.5.2016
Čas skenování: 11:13:10
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.05.22.02
Databáze rootkitů: v2016.05.20.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows Vista
CPU: x86
Souborový systém: NTFS
Uživatel: Prachov

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 326833
Uplynulý čas: 1 hod, 0 min, 31 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.MindSpark, C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\GoUnzip_dm, , [66843d9bc5d4ad89c3b9f396cc374db3],

Soubory: 70
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\5302\AcrobatUpdater.exe, , [73772dab7d1c72c42cdd1c6e52afff01],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\5302\AdobeARM.exe, , [6f7bc5139603191db2572f5b53ae619f],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\5302\AdobeARMHelper.exe, , [79716573c3d6122461a8cdbd22df31cf],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\5302\ReaderUpdater.exe, , [ca203a9ef3a6eb4b13f63852ca37fb05],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\1164\AcrobatUpdater.exe, , [d01a8c4cedac3bfba7624248b54c50b0],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\1164\AdobeARM.exe, , [66847c5c663336006d9cf199748d41bf],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\1164\AdobeARMHelper.exe, , [5892f6e2fb9ecc6a37d27e0c04fd34cc],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\1164\ReaderUpdater.exe, , [14d62eaaa9f078beb158e6a4be43916f],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\13333\AcrobatUpdater.exe, , [b53523b5fd9c122485841377d52c956b],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\13333\AdobeARM.exe, , [e208c3159ffa8caaeb1e1476c23f956b],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\13333\AdobeARMHelper.exe, , [28c290488c0d76c063a60981be436898],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\13333\ReaderUpdater.exe, , [e802ca0ee3b68da99e6b3d4d06fb1ce4],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\14010\AcrobatUpdater.exe, , [2bbf17c1a8f1300655b4a6e43ac7da26],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\14010\AdobeARM.exe, , [c921a92f3366c0769475682245bc44bc],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\14010\AdobeARMHelper.exe, , [4b9f38a02970043239d0325840c149b7],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\14010\ReaderUpdater.exe, , [7d6db523f8a16fc7c346c3c744bddf21],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\19777\AcrobatUpdater.exe, , [a941cb0df3a6ef479970b2d86c95ca36],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\19777\AdobeARM.exe, , [07e3a038abee023443c63b4f37ca7a86],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\19777\AdobeARMHelper.exe, , [1cceecec64350e287693cbbf99681ce4],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\19777\ReaderUpdater.exe, , [7e6c5781d8c1999d67a22169e71a8878],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\23372\AcrobatUpdater.exe, , [07e3af29cacf5dd9a465bbcf42bf9769],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\23372\AdobeARM.exe, , [bb2fa4342f6a90a635d42565b44dd22e],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\23372\AdobeARMHelper.exe, , [bf2bf1e75b3ef343ca3fee9c6f92659b],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\23372\ReaderUpdater.exe, , [ba30c90fecadf73f08012a608d747090],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\25051\AcrobatUpdater.exe, , [0edc2aaebadf16202adf9beff11054ac],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\25051\AdobeARM.exe, , [886212c67524dc5a3acf5931fb060cf4],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\25051\AdobeARMHelper.exe, , [a248a3358c0dc4723ccdb3d78879d62a],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\25051\ReaderUpdater.exe, , [d812667229706bcbdc2de6a405fca15f],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\26583\AcrobatUpdater.exe, , [c8226d6b9702cf6718f1b0da17ea06fa],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\26583\AdobeARM.exe, , [ce1ca632178277bf25e4602a0bf6837d],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\26583\AdobeARMHelper.exe, , [39b1993f9ffa221439d0dbaf7d84fe02],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\26583\ReaderUpdater.exe, , [3ab0b12795045ed829e0f89254addf21],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\27888\AcrobatUpdater.exe, , [8f5b9b3dabee62d440c93b4f61a06c94],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\27888\AdobeARM.exe, , [3eac716756432a0cfc0d563412ef06fa],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\27888\AdobeARMHelper.exe, , [d1195286adec9f9731d862281ae7a65a],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\27888\ReaderUpdater.exe, , [b03a9e3a7326cc6a27e2aae03ec3966a],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\3027\AcrobatUpdater.exe, , [fbef498f57420135b25774164eb337c9],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\3027\AdobeARM.exe, , [21c96d6bd9c06ec890795832e819aa56],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\3027\AdobeARMHelper.exe, , [f8f2e2f62c6d7fb7c544a2e8a8598080],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\3027\ReaderUpdater.exe, , [2fbb2fa98d0c79bd7495dbaf2fd2946c],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\3209\AcrobatUpdater.exe, , [d2185385475262d40efb8a0014ed619f],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\3209\AdobeARM.exe, , [a64493455a3f72c4ea1fc4c6e51c51af],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\3209\AdobeARMHelper.exe, , [b1392cac574270c67891bfcb00015ba5],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\3209\ReaderUpdater.exe, , [7a70d008adec81b5cb3e3b4f7988827e],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\4087\AcrobatUpdater.exe, , [608a0dcbeeab3ff750b9593130d17e82],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\4087\AdobeARM.exe, , [9753c0181881ec4a9277107a17eae11f],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\4087\AdobeARMHelper.exe, , [c02abb1d0891dc5a22e708825aa76d93],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\4087\ReaderUpdater.exe, , [be2c6f6985147bbb0aff088298693cc4],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\4466\AcrobatUpdater.exe, , [8862c8108712082e9871533778896c94],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\4466\AdobeARM.exe, , [b832f4e4a0f963d331d88703e51c6d93],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\4466\AdobeARMHelper.exe, , [37b3696fe4b5290dac5d593161a0d927],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\4466\ReaderUpdater.exe, , [f6f4e8f0b6e365d132d784060ef3b64a],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\6493\AcrobatUpdater.exe, , [ea001dbb96034fe720e9e9a123de916f],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\6493\AdobeARM.exe, , [6981b91f33665dd92ddc5e2cef1246ba],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\6493\AdobeARMHelper.exe, , [22c8f2e6c5d4d85eab5e7515aa578a76],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\6493\ReaderUpdater.exe, , [a04a15c33366db5b77926e1cf110817f],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\9425\AcrobatUpdater.exe, , [de0cc0188a0fa492e22715755fa20ef2],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\9425\AdobeARM.exe, , [01e95c7c2772aa8cf91022685ca55ca4],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\9425\AdobeARMHelper.exe, , [fcee1dbb732671c5d5342a605ca546ba],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\9425\ReaderUpdater.exe, , [bc2e3b9d5a3fa1953bceaedc639e9a66],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\9719\AcrobatUpdater.exe, , [a7432dab574246f021e8365426db33cd],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\9719\AdobeARM.exe, , [9b4fc018aeeb0c2ac2475c2e30d1ed13],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\9719\AdobeARMHelper.exe, , [e703ab2d8d0ca0968f7a4b3f4eb37e82],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\9719\ReaderUpdater.exe, , [d1198d4bdfba38febf4aa6e4ad54f20e],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\9865\AcrobatUpdater.exe, , [8a607761425787afa069b0da54adbc44],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\9865\AdobeARM.exe, , [f5f533a52d6c231386830d7dec158080],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\9865\AdobeARMHelper.exe, , [9f4b8256a3f66fc7b9505f2bd9285ea2],
Trojan.Agent, C:\ProgramData\Adobe\ARM\Reader_10.1.0\9865\ReaderUpdater.exe, , [04e601d78c0d2511a168692159a8f50b],
PUP.Optional.MindSpark, C:\Users\Prachov\Downloads\GoUnzipSetup.exe, , [18d25d7b9affd1656b2c96d5c14331cf],
PUP.Optional.MindSpark, C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default\GoUnzip_dm\7652E10A-DC7E-45E5-9301-6B3368503D5C.sqlite, , [66843d9bc5d4ad89c3b9f396cc374db3],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: sister's laptop

#9 Post by Márty84 »

:arrow: Don't close MBAM yet, just minimize it.

:arrow: Find this file C:\ProgramData\Adobe\ARM\Reader_10.1.0\5302\AcrobatUpdater.exe (or any of the findings that relate to Adobe) and test it on VirusTotal and Jotti http://forum.viry.cz/viewtopic.php?f=29&t=5846 Copy the results here, or post a link.

ententeak
Visitor
Posts: 135
Registered: 05 Dec 2005 22:08

Re: sister's laptop

#10 Post by ententeak »

Jotti:

Name: AcrobatUpdater.exe
Size: 413.71kB (423,640 bytes)
Type: PE32 executable (GUI) Intel 80386, for MS Windows
First seen: May 22, 2016 at 12:31:34 PM GMT+2
MD5: c0f0208975f7ab6ea8f44aa0fcc6aab7
SHA1: 1760dd923e60ceb6bd8ffe5f12c39ffd4a734645
Status: Scan finished. 19/19 scanners reported malware.
Scan taken on: May 22, 2016 at 12:31:36 PM GMT+2


and VirusTotal:

SHA256: d3d2ee800ff71b94fd118b6773043241b83c11e055d312387ada29d1ae276c96
File name: AcrobatUpdater.exe
Detection ratio: 54 / 56
Analysis date: 2016-05-22 10:33:21 UTC ( 0 minut ago )

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: sister's laptop

#11 Post by Márty84 »

OK. Have all the findings removed. After the removal and a restart of the PC, repeat the MBAM scan so that we know whether it comes back. Post the scan result and I will choose the next steps based on it.

ententeak
Visitor
Posts: 135
Registered: 05 Dec 2005 22:08

Re: sister's laptop

#12 Post by ententeak »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22.5.2016
Čas skenování: 13:02:00
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.05.22.02
Databáze rootkitů: v2016.05.20.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows Vista
CPU: x86
Souborový systém: NTFS
Uživatel: Prachov

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 327141
Uplynulý čas: 1 hod, 3 min, 13 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: sister's laptop

#13 Post by Márty84 »

:arrow: You can uninstall MBAM.

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off the antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)

ententeak
Visitor
Posts: 135
Registered: 05 Dec 2005 22:08

Re: sister's laptop

#14 Post by ententeak »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:22-05-2016
Ran by Prachov (administrator) on PRACHOV-PC (22-05-2016 15:49:30)
Running from C:\Users\Prachov\Desktop
Loaded Profiles: Prachov (Available Profiles: Prachov)
Platform: Microsoft® Windows Vista™ Home Basic (X86) Language: Čeština (Česká republika)
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Realtek Semiconductor Corp.) C:\Users\Prachov\AppData\Local\Temp\RtkBtMnt.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1006264 2014-12-12] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4423680 2007-03-23] (Realtek Semiconductor)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7400576 2016-05-12] (AVAST Software)
HKU\S-1-5-21-3444975244-3462179002-3201107855-1000\...\MountPoints2: {b4a1f523-0591-11e6-834f-0016d35950a3} - E:\autorun.exe
HKU\S-1-5-21-3444975244-3462179002-3201107855-1000\...\MountPoints2: {b4a1f536-0591-11e6-834f-0016d35950a3} - E:\autorun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-05-11] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 C:\Windows\system32\napinsp.dll [50176 2006-11-02] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 93.89.159.2 82.208.56.105
Tcpip\..\Interfaces\{19DBA6F0-4012-41E1-9561-587868692734}: [DhcpNameServer] 93.89.159.2 82.208.56.105

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-3444975244-3462179002-3201107855-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-07] (AVAST Software)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Prachov\AppData\Roaming\Mozilla\Firefox\Profiles\pvagz6wn.default
FF Homepage: hxxp://seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3444975244-3462179002-3201107855-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Prachov\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3444975244-3462179002-3201107855-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-08-22] ()
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2016-05-21] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-11]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Prachov\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (A. Powerups) - C:\Users\Prachov\AppData\Local\Google\Chrome\User Data\Default\Extensions\efedcgdhahoncejkihgfnecicebndbhc [2016-05-04]
CHR Extension: (Avast SafePrice) - C:\Users\Prachov\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-05-04]
CHR Extension: (Avast Online Security) - C:\Users\Prachov\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Prachov\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-04]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-04-16]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-16]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-11] (AVAST Software)
S2 MsMpSvc; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [17904 2010-03-25] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2015-08-22] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [265912 2014-12-12] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-05-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-05-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-05-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-05-11] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-05-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [815792 2016-05-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449640 2016-05-11] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [187208 2016-05-11] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [67216 2016-05-11] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221368 2016-05-11] (AVAST Software)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [38400 2009-03-02] (Samsung Electronics Co., Ltd.) [File not signed]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [183912 2006-11-02] (Společnost Microsoft)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [151216 2010-03-25] (Microsoft Corporation)
S3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [42368 2010-03-25] (Microsoft Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1060920 2014-12-12] (Společnost Microsoft)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2013-04-30] (Samsung Electronics) [File not signed]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-22 15:49 - 2016-05-22 15:49 - 00010168 _____ C:\Users\Prachov\Desktop\FRST.txt
2016-05-22 15:48 - 2016-05-22 15:49 - 00000000 ____D C:\FRST
2016-05-22 15:47 - 2016-05-22 15:47 - 01733632 _____ (Farbar) C:\Users\Prachov\Desktop\FRST.exe
2016-05-22 10:50 - 2016-05-22 10:50 - 22851472 _____ (Malwarebytes ) C:\Users\Prachov\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-21 12:25 - 2016-05-21 12:25 - 03651136 _____ C:\Users\Prachov\Desktop\adwcleaner_5.117.exe
2016-05-21 12:15 - 2016-05-21 12:16 - 11346936 _____ C:\Users\Prachov\Downloads\CrystalDiskInfo6_8_2-en(1).exe
2016-05-21 12:10 - 2016-05-21 12:10 - 11346936 _____ C:\Users\Prachov\Downloads\CrystalDiskInfo6_8_2-en.exe
2016-05-20 19:45 - 2016-05-20 19:45 - 00000000 ____D C:\rsit
2016-05-20 19:43 - 2016-05-20 19:43 - 01107968 _____ C:\Users\Prachov\Downloads\RSIT(1).exe
2016-05-13 22:12 - 2016-05-13 22:12 - 05995712 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2016-05-12 13:50 - 2016-05-12 13:50 - 00274512 _____ C:\Users\Prachov\Downloads\20080201035245PND-Meningoko-Roznovsky.pdf
2016-05-11 16:42 - 2016-05-11 16:42 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-05-11 16:42 - 2016-05-11 16:42 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-05-10 18:31 - 2016-05-10 18:31 - 00157751 _____ C:\Users\Prachov\Downloads\Přijetí MŠ.zip
2016-05-09 19:44 - 2016-05-09 19:49 - 81997375 _____ C:\Users\Prachov\Downloads\mateřská-škola-teorie-a-praxe-1.rar
2016-05-09 19:33 - 2016-05-09 19:37 - 62365997 _____ C:\Users\Prachov\Downloads\Dítě-a-mateřská-škola-1.část.pdf
2016-05-09 19:16 - 2016-05-09 19:16 - 00324820 _____ C:\Users\Prachov\Downloads\Skolni_rad_2015_web.pdf
2016-05-09 19:13 - 2016-05-09 19:14 - 05051703 _____ C:\Users\Prachov\Downloads\sb0076-2012_novela_V14_2005(1).pdf
2016-05-09 19:07 - 2016-05-09 19:08 - 05051703 _____ C:\Users\Prachov\Downloads\sb0076-2012_novela_V14_2005.pdf
2016-05-09 19:02 - 2016-05-09 19:02 - 00892576 _____ C:\Users\Prachov\Downloads\sb004_05.pdf
2016-05-08 08:00 - 2016-05-13 21:58 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-06 17:21 - 2016-05-06 17:21 - 00000104 _____ C:\Users\Prachov\Desktop\Internet – zástupce.lnk
2016-05-05 15:43 - 2016-05-05 16:10 - 00000000 ____D C:\Users\Prachov\Desktop\Nová složka
2016-05-05 15:37 - 2016-05-05 15:37 - 02334295 _____ C:\Users\Prachov\Downloads\Materialy_Stocek_duben(1).zip
2016-05-04 18:03 - 2016-05-05 16:09 - 00000000 ____D C:\Users\Prachov\Desktop\tube tycoon
2016-05-04 18:03 - 2016-05-04 18:03 - 00000000 ____D C:\Users\Prachov\Desktop\translations
2016-05-04 18:03 - 2016-05-04 18:03 - 00000000 ____D C:\Users\Prachov\Desktop\res
2016-05-04 18:03 - 2016-05-02 21:55 - 00637952 ____N C:\Users\Prachov\Desktop\Tube Tycoon.exe
2016-05-04 18:01 - 2016-05-04 18:01 - 00000000 ____D C:\Users\Prachov\AppData\Roaming\TubeTycoon
2016-05-04 16:06 - 2016-05-04 16:06 - 00055222 _____ C:\Users\Prachov\Downloads\Dokument bez názvu.pdf
2016-05-01 20:42 - 2016-05-01 20:42 - 00018329 _____ C:\Users\Prachov\Documents\tabulka 4.2016.xlsx
2016-04-25 18:01 - 2016-04-25 18:01 - 00414805 _____ C:\Users\Prachov\Downloads\Carodejnické pracovní listy.pdf
2016-04-22 17:54 - 2016-05-17 19:21 - 00000000 ____D C:\Users\Prachov\Desktop\studium
2016-04-22 17:12 - 2016-04-22 18:10 - 03589561 _____ C:\Users\Prachov\Downloads\Materialy_Stocek_duben.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-22 15:48 - 2007-01-08 23:10 - 00529850 _____ C:\Windows\system32\perfh005.dat
2016-05-22 15:48 - 2007-01-08 23:10 - 00109338 _____ C:\Windows\system32\perfc005.dat
2016-05-22 15:48 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\inf
2016-05-22 15:48 - 2006-11-02 12:33 - 01429090 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-22 15:42 - 2015-09-29 22:02 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-22 15:42 - 2006-11-02 14:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-22 15:42 - 2006-11-02 14:45 - 00003952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-22 15:42 - 2006-11-02 14:45 - 00003952 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-22 15:41 - 2006-11-02 14:58 - 00032616 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-22 15:12 - 2015-10-14 20:16 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-22 15:11 - 2015-09-29 22:02 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-22 09:57 - 2015-09-28 20:22 - 00000000 ____D C:\AdwCleaner
2016-05-20 19:45 - 2015-09-28 19:06 - 00000000 ____D C:\Program Files\trend micro
2016-05-20 19:35 - 2014-12-11 22:55 - 00000000 ____D C:\Users\Prachov\AppData\Local\VirtualStore
2016-05-19 20:22 - 2016-01-05 18:12 - 00000000 ____D C:\Users\Prachov\Documents\FAKTURY 2016
2016-05-19 20:16 - 2014-12-21 20:10 - 00002675 _____ C:\Users\Prachov\Desktop\Microsoft Office Word 2007.lnk
2016-05-19 20:10 - 2016-04-08 15:25 - 00000000 ___SD C:\Users\Prachov\AppData\LocalLow\Temp
2016-05-18 20:19 - 2016-03-11 16:32 - 00000000 ____D C:\Users\Prachov\Desktop\Kája výpisky
2016-05-13 22:12 - 2014-12-12 20:12 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-05-13 22:12 - 2014-12-12 20:12 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-05-13 21:58 - 2014-12-12 20:02 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-12 17:58 - 2015-09-04 15:18 - 00739447 _____ C:\Users\Prachov\Desktop\Prezentace na hudebku.pptx
2016-05-12 13:38 - 2015-05-05 20:20 - 00000000 ____D C:\Users\Prachov\Desktop\scaner
2016-05-12 03:02 - 2015-09-29 19:18 - 00000000 ____D C:\Windows\system32\MRT
2016-05-12 03:02 - 2006-11-02 12:24 - 136686448 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-05-11 16:42 - 2015-09-29 22:00 - 00449640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-05-11 16:42 - 2015-09-29 22:00 - 00221368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-05-11 16:42 - 2015-09-29 22:00 - 00187208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2016-05-11 16:42 - 2015-09-29 22:00 - 00091168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-05-11 16:42 - 2015-09-29 22:00 - 00067216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2016-05-11 16:42 - 2015-09-29 22:00 - 00064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2016-05-11 16:42 - 2015-09-29 22:00 - 00058776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-05-11 16:42 - 2015-09-29 22:00 - 00032792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-05-11 16:41 - 2016-04-07 17:20 - 00035096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-05-11 16:41 - 2015-09-29 22:00 - 00815792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-05-06 16:13 - 2015-09-29 22:01 - 00000000 ____D C:\Users\Prachov\AppData\Local\Google
2016-04-28 20:10 - 2015-01-02 16:24 - 00000000 ____D C:\Users\Prachov\Desktop\faktury 2015

==================== Files in the root of some directories =======

2015-09-29 22:09 - 2015-09-29 22:09 - 6420480 _____ () C:\Program Files\GUT3A35.tmp
2015-09-28 19:06 - 2015-09-28 19:06 - 0000680 _____ () C:\Users\Prachov\AppData\Local\d3d9caps.dat
2015-01-25 21:47 - 2015-09-07 07:01 - 0017920 _____ () C:\Users\Prachov\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Users\Prachov\AppData\Local\Temp\libeay32.dll
C:\Users\Prachov\AppData\Local\Temp\msvcr120.dll
C:\Users\Prachov\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Prachov\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-22 15:48

==================== End of FRST.txt ============================
Attachments
Addition.rar
(6.09 KiB) Downloaded 70 times

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: sister's laptop

#15 Post by Márty84 »

→ Tell me the size of the desktop folder (C:\Users\Prachov\Plocha).

→ Uninstall MSE and permanently turn off Windows Defender.

→ Open Notepad and copy this script into it:

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1006264 2014-12-12] (Microsoft Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)

S2 MsMpSvc; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [17904 2010-03-25] (Microsoft Corporation)
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-30 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-30 144200]

2016-05-22 10:50 - 2016-05-22 10:50 - 22851472 _____ (Malwarebytes ) C:\Users\Prachov\Downloads\mbam-setup-2.2.1.1043.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\Users\Prachov\AppData\Local\Temp:{46007000-7900-5200-5900-700045004400} [960]
AlternateDataStreams: C:\Users\Prachov\AppData\Local\Temp:{4D004300-3200-7000-4600-680054005300} [960]
AlternateDataStreams: C:\Users\Prachov\AppData\Local\Temp:{78002F00-7800-4A00-5900-670073006400} [960]

Hosts:
EmptyTemp:
Reboot:
End

In the top left, click File.
Click Save As...
Type the name shown in red, fixlist, correctly and save the file to the desktop.
Turn off your antivirus and any other security software.
Run FRST as administrator and click Fix; the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

If you have a question that is not meant for the public, you can email me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an email address in their signature).

Locked