zpomaleny NTB

Zpráva

strata · #1 Příspěvek od **strata** » 04 pro 2013 22:16

posilam log z RSIT a prosim o kontrolu
diky

Logfile of random's system information tool 1.08 (written by random/random)
Run by radka at 2013-12-04 13:44:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 247 GB (57%) free of 432 GB
Total RAM: 2814 MB (35% free)

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1

ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1

ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 4388176
\??\C:\windows\system32\conhost.exe "150865438388427463-643098117-5640352241578971524-8577205761494083906-1267245557
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
"taskhost.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"c:\progra~2\optimi~1\OptProCrash.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe"
"C:\Users\radka\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
"C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe"
"C:\Users\radka\AppData\Roaming\SearchProtect\bin\cltmng.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
"C:\Users\radka\AppData\Local\Smartbar\Application\QuickShare.exe" startup
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
C:\windows\system32\svchost.exe -k imgsvc
System32\TPHDEXLG64.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2196
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe"
"C:\Program Files (x86)\USB Camera\VM331_STI.EXE"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe" /watchfiles startup
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
taskmgr.exe /3
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=10944.12b6de00.809951003 "C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll"

E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 10944 "\\.\pipe\gecko-crash-server-pipe.10944" plugin
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --proxy-stub-channel=Flash11092.61C963D8.2135 --host-broker-channel=Flash11092.61C963D8.24752

--host-pid=11092 --host-npapi-version=27 --plugin-path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll"
"C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --channel=2740.0039F574.84198332 --proxy-stub-channel=Flash11092.61C963D8.2135 --plugin-

path="C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" --host-npapi-version=27 --type=renderer
C:\windows\system32\prevhost.exe {914FEED8-267A-4BAA-B8AA-21E233792679} -Embedding
C:\Windows\SysWOW64\prevhost.exe {DC6EFB56-9CFA-464D-8880-44885D7DC193} -Embedding
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" /b /id 21660_4761 /if pdfshell_prevf6c166c1-d037-42e5-930a-262d82126b2b
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=17800.1.102614894 --type=renderer /b /id 21660_4761 /if pdfshell_prevf6c166c1-d037-42e5-

930a-262d82126b2b
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
C:\windows\system32\atibtmon.exe Global\Ati_VariBrightMonitorEvent
{7D28CC07-D1B9-4EAE-8736-6338999C6FA4}
{4041731F-4196-4DA0-9D44-EF104A19BE18}
"C:\Users\radka\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-570883228-2704862597-2836491840-1000Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-570883228-2704862597-2836491840-1000UA.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
QuickShare WidgetEngine - C:\windows\system32\mscoree.dll [2010-11-04 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-03-04 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
QuickShare WidgetEngine - C:\windows\system32\mscoree.dll [2010-11-04 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53c4024f-5a2e-4f2a-b33e-e8784d730938}]
VisualBee V.12 Toolbar - C:\Program Files (x86)\VisualBee_V.12\prxtbVisu.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-02 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}]
DefaultTab Browser Helper - C:\Users\radka\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll [2013-11-21 462968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-02 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ae07101b-46d4-4a98-af68-0333ea26e113} - QuickShare Widget - C:\windows\system32\mscoree.dll [2010-11-04 444752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLATOR\WEBIE.DLL [2011-03-09 114688]
{53c4024f-5a2e-4f2a-b33e-e8784d730938} - VisualBee V.12 Toolbar - C:\Program Files (x86)\VisualBee_V.12\prxtbVisu.dll []
{ae07101b-46d4-4a98-af68-0333ea26e113} - QuickShare Widget - C:\windows\system32\mscoree.dll [2010-11-04 444752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-20 10151968]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-04-20 908320]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"TpShocks"=C:\Windows\System32\TpShocks.exe [2010-03-15 231328]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [2010-04-12 4462496]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14 20584608]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2012-12-21 1090040]
"Facebook Update"=C:\Users\radka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-20 138096]
"BrowserSafeguard"=C:\Program Files (x86)\Browsersafeguard\Browsersafeguard.exe [2013-10-01 565248]
"SearchProtect"=C:\Users\radka\AppData\Roaming\SearchProtect\bin\cltmng.exe [2013-09-22 3470624]
"Optimizer Pro"=C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [2013-09-29 135672]
"Browser Infrastructure Helper"=C:\Users\radka\AppData\Local\Smartbar\Application\QuickShare.exe [2013-08-26 20248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management]
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2010-03-18 7056800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2010-12-03 141368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2010-10-20 3122528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirror Tray icon]
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [2010-03-02 171104]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-13 98304]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331_STI.EXE [2010-01-15 536576]
"UCam_Menu"=C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"SearchProtectAll"=C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2013-09-22 3470624]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-12-04 13:44:02 ----D---- C:\Program Files\trend micro
2013-12-04 13:44:01 ----D---- C:\rsit
2013-11-21 23:18:32 ----A---- C:\windows\SYSWOW64\ieui.dll
2013-11-21 23:18:30 ----A---- C:\windows\system32\ieui.dll
2013-11-21 23:18:28 ----A---- C:\windows\SYSWOW64\iesetup.dll
2013-11-21 23:18:27 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-21 23:18:27 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2013-11-21 23:18:27 ----A---- C:\windows\SYSWOW64\iernonce.dll
2013-11-21 23:18:27 ----A---- C:\windows\system32\iesetup.dll
2013-11-21 23:18:27 ----A---- C:\windows\system32\iernonce.dll
2013-11-21 23:18:26 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2013-11-21 23:18:26 ----A---- C:\windows\system32\iesysprep.dll
2013-11-21 23:18:26 ----A---- C:\windows\system32\ie4uinit.exe
2013-11-21 23:18:25 ----A---- C:\windows\SYSWOW64\iertutil.dll
2013-11-21 23:18:24 ----A---- C:\windows\system32\iertutil.dll
2013-11-21 23:18:21 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2013-11-21 23:18:21 ----A---- C:\windows\system32\msfeeds.dll
2013-11-21 23:18:20 ----A---- C:\windows\system32\jscript.dll
2013-11-21 23:18:19 ----A---- C:\windows\SYSWOW64\jscript.dll
2013-11-21 23:18:18 ----A---- C:\windows\system32\jscript9.dll
2013-11-21 23:18:17 ----A---- C:\windows\SYSWOW64\jscript9.dll
2013-11-21 23:18:16 ----A---- C:\windows\SYSWOW64\urlmon.dll
2013-11-21 23:18:15 ----A---- C:\windows\system32\urlmon.dll
2013-11-21 23:18:12 ----A---- C:\windows\SYSWOW64\wininet.dll
2013-11-21 23:18:12 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2013-11-21 23:18:12 ----A---- C:\windows\system32\jsproxy.dll
2013-11-21 23:18:10 ----A---- C:\windows\system32\wininet.dll
2013-11-21 23:18:07 ----A---- C:\windows\SYSWOW64\ieframe.dll
2013-11-21 23:18:03 ----A---- C:\windows\system32\ieframe.dll
2013-11-21 23:18:01 ----A---- C:\windows\system32\mshtml.dll
2013-11-21 23:17:54 ----A---- C:\windows\SYSWOW64\mshtml.dll
2013-11-21 20:16:48 ----A---- C:\windows\system32\schannel.dll
2013-11-21 20:16:47 ----A---- C:\windows\SYSWOW64\schannel.dll
2013-11-21 20:16:47 ----A---- C:\windows\system32\lsasrv.dll
2013-11-21 20:16:47 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2013-11-21 20:16:47 ----A---- C:\windows\system32\drivers\ksecdd.sys
2013-11-21 20:16:47 ----A---- C:\windows\system32\drivers\cng.sys
2013-11-21 20:16:46 ----A---- C:\windows\SYSWOW64\sspicli.dll
2013-11-21 20:16:46 ----A---- C:\windows\system32\sspicli.dll
2013-11-21 20:16:45 ----A---- C:\windows\SYSWOW64\secur32.dll
2013-11-21 20:16:45 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2013-11-21 20:16:45 ----A---- C:\windows\system32\sspisrv.dll
2013-11-21 20:16:45 ----A---- C:\windows\system32\secur32.dll
2013-11-21 20:16:45 ----A---- C:\windows\system32\ncrypt.dll
2013-11-21 20:16:45 ----A---- C:\windows\system32\lsass.exe
2013-11-21 20:16:21 ----A---- C:\windows\system32\crypt32.dll
2013-11-21 20:16:20 ----A---- C:\windows\SYSWOW64\crypt32.dll
2013-11-21 20:15:45 ----A---- C:\windows\system32\drivers\afd.sys
2013-11-21 20:15:40 ----A---- C:\windows\system32\authui.dll
2013-11-21 20:15:39 ----A---- C:\windows\SYSWOW64\authui.dll
2013-11-21 20:15:39 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-21 20:15:38 ----A---- C:\windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-21 20:15:38 ----A---- C:\windows\SYSWOW64\credui.dll
2013-11-21 20:15:38 ----A---- C:\windows\system32\credui.dll
2013-11-21 20:14:50 ----A---- C:\windows\system32\gdi32.dll
2013-11-21 20:14:49 ----A---- C:\windows\SYSWOW64\gdi32.dll
2013-11-21 20:13:37 ----A---- C:\windows\system32\IKEEXT.DLL
2013-11-21 20:13:36 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2013-11-21 20:13:36 ----A---- C:\windows\system32\nshwfp.dll
2013-11-21 20:13:36 ----A---- C:\windows\system32\FWPUCLNT.DLL
2013-11-21 20:13:35 ----A---- C:\windows\SYSWOW64\nshwfp.dll

======List of files/folders modified in the last 1 months======

2013-12-04 13:44:02 ----RD---- C:\Program Files
2013-12-04 13:41:17 ----D---- C:\Users\radka\AppData\Roaming\Skype
2013-12-04 13:27:08 ----D---- C:\windows\Temp
2013-12-04 13:17:16 ----D---- C:\windows\System32
2013-12-04 13:17:16 ----D---- C:\windows\inf
2013-12-04 13:17:16 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-12-04 11:45:44 ----D---- C:\windows\system32\config
2013-12-04 11:32:47 ----SHD---- C:\System Volume Information
2013-12-04 08:49:55 ----D---- C:\Radka
2013-11-30 20:59:16 ----D---- C:\Program Files (x86)\Browsersafeguard
2013-11-29 21:58:26 ----D---- C:\Program Files (x86)\DefaultTab
2013-11-28 08:35:00 ----SHD---- C:\windows\Installer
2013-11-28 08:34:59 ----D---- C:\ProgramData\Skype
2013-11-28 08:34:50 ----RD---- C:\Program Files (x86)\Skype
2013-11-27 10:27:53 ----D---- C:\windows\system32\drivers
2013-11-27 04:53:50 ----RD---- C:\Program Files (x86)
2013-11-24 10:50:09 ----D---- C:\windows\system32\NDF
2013-11-22 07:49:41 ----D---- C:\Users\radka\AppData\Roaming\vlc
2013-11-22 06:35:47 ----D---- C:\windows\winsxs
2013-11-22 06:30:23 ----D---- C:\windows\SysWOW64
2013-11-22 06:30:23 ----D---- C:\Program Files (x86)\Internet Explorer
2013-11-22 06:30:22 ----D---- C:\Program Files\Internet Explorer
2013-11-22 06:30:21 ----D---- C:\windows\SYSWOW64\cs-CZ
2013-11-22 06:30:21 ----D---- C:\windows\system32\cs-CZ
2013-11-21 23:20:08 ----D---- C:\windows\system32\catroot
2013-11-21 23:19:13 ----D---- C:\windows\system32\catroot2
2013-11-21 23:17:47 ----D---- C:\ProgramData\Microsoft Help
2013-11-21 23:15:10 ----D---- C:\Windows
2013-11-21 23:15:07 ----D---- C:\Program Files\Microsoft Security Client
2013-11-21 23:15:05 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-11-21 22:56:11 ----D---- C:\windows\system32\MRT
2013-11-21 22:56:07 ----A---- C:\windows\system32\MRT.exe
2013-11-21 17:30:47 ----D---- C:\windows\Prefetch
2013-11-19 03:21:41 ----N---- C:\windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2010-01-15 39008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 Shockprf;Shockprf; C:\windows\System32\DRIVERS\Apsx64.sys [2009-12-09 135264]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2013-03-15 564824]
R0 TPDIGIMN;TPDIGIMN; C:\windows\System32\DRIVERS\ApsHM64.sys [2009-12-09 23648]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-10-18 28176]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atipmdag.sys [2010-01-13 6327296]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-01-13 185344]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-01-28 116736]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-02-02 3058168]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2010-04-20 2350240]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 vm331avs;Digital Camera 1; C:\windows\System32\Drivers\vm331avs.sys [2010-01-26 214912]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11280]
S1 MpKsl98ac41ca;MpKsl98ac41ca; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3DE25F09-4961-4E5F-8BBE-627A7BBBA703}\MpKsl98ac41ca.sys []
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-15 79376]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-13 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-13 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-27 80384]
S3 btusbflt;Bluetooth USB Filter; C:\windows\system32\drivers\btusbflt.sys [2010-04-08 54824]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-01-14 98344]
S3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2010-01-14 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-14 21288]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 massfilter;Mass Storage Filter Driver; C:\windows\system32\drivers\massfilter.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-11-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-11-09 27136]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2012-11-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-13 12352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-13 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-11-11 232480]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-11-09 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-28 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-11-09 9216]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 151656]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 70e6ca8c;Optimizer Pro Crash Monitor; c:\progra~2\optimi~1\OptProCrash.exe [2013-10-13 143488]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-01-13 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-04-20 903456]
R2 CltMngSvc;Search Protect by Conduit Updater; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-05-07 97056]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 DefaultTabUpdate;DefaultTabUpdate; C:\Users\radka\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [2013-10-13 107520]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\windows\System32\TPHDEXLG64.exe [2009-12-09 47712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DefaultTabSearch;DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-10-07 573952]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 136176]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 136176]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-03-16 182768]
S3 IGRS;IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-11-17 575304]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26

64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-11 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-19 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe -k IgrsSvcs []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-03-02 1255736]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 04 pro 2013 22:20

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

strata · #3 Příspěvek od **strata** » 04 pro 2013 23:21

diky. Jrt vygenerovano,ale nyni nespustim mozillu. "Proxy server odmitl spojeni."

#4 Příspěvek od **vyosek** » 05 pro 2013 07:49

Firefox - Moznosti - Moznosti - Rozsirebe - Sit - Nastaveni pripojeni a zkontrolujte toto (klik na obrazek)

Jiny prohlizec funguje?

strata · #5 Příspěvek od **strata** » 05 pro 2013 08:29

Zdravim,
diky mozilla uz chodi.

zde posilam zatim jrt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by radka on st 04.12.2013 at 14:37:05,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\browser infrastructure helper
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\browsersafeguard
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\optimizer pro
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotect
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotectall
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-570883228-2704862597-2836491840-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowser.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\defaulttabbho.defaulttabbrowseractivex.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\defaulttabbho.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\default tab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminent
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\optimizer pro
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbarbackup
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbarlog
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\visualbee
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\defaulttab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\default tab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\iminent
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\visualbee
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bandobjectattribute
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.bho
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.dockingpanel
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.iesmartbarbandobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbardisplaystate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\iesmartbar.smartbarmenuform
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\quickshare_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\defaulttab
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\optimizer pro_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3287811
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{00303E71-ED51-41D2-93A2-A5D31A4DF095}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6D4B4F95-E2F9-43E5-8FA5-98960F200E6D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B13459E4-4159-4F7A-ABC9-2FF4E02AC052}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53c4024f-5a2e-4f2a-b33e-e8784d730938}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{53c4024f-5a2e-4f2a-b33e-e8784d730938}

~~~ Files

Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\nsprotector.js"
Successfully deleted: [File] "C:\end"
Successfully deleted: [File] C:\windows\syswow64\shoBF21.tmp

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\ProgramData\visualbee"
Successfully deleted: [Folder] "C:\Users\radka\AppData\Roaming\defaulttab"
Successfully deleted: [Folder] "C:\Users\radka\AppData\Roaming\optimizer pro"
Successfully deleted: [Folder] "C:\Users\radka\AppData\Roaming\searchprotect"
Successfully deleted: [Folder] "C:\Users\radka\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\radka\appdata\local\cre"
Failed to delete: [Folder] "C:\Users\radka\appdata\local\smartbar"
Successfully deleted: [Folder] "C:\Users\radka\appdata\local\visualbeeclient"
Successfully deleted: [Folder] "C:\Users\radka\appdata\local\visualbeeexe"
Successfully deleted: [Folder] "C:\Users\radka\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\radka\appdata\locallow\pricegong"
Failed to delete: [Folder] "C:\Users\radka\appdata\locallow\smartbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\browsersafeguard"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\defaulttab"
Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"
Successfully deleted: [Folder] "C:\Users\radka\documents\optimizer pro"
Successfully deleted: [Empty Folder] C:\Users\radka\appdata\local\{38C9B357-3F3C-4D9E-ABA8-243A5A0E8AEA}
Successfully deleted: [Empty Folder] C:\Users\radka\appdata\local\{46BDE9C1-CE0B-476F-83C1-3CF52F6D5209}
Successfully deleted: [Empty Folder] C:\Users\radka\appdata\local\{8F09462D-2D4E-4279-839A-9B89AD4670A7}
Successfully deleted: [Empty Folder] C:\Users\radka\appdata\local\{9CEA6156-99D9-4D65-8084-C26783FB5E0C}
Successfully deleted: [Folder] "C:\ProgramData\ask"

~~~ FireFox

Successfully deleted: [File] C:\Users\radka\AppData\Roaming\mozilla\firefox\profiles\va4qno99.default\extensions\addon@defaulttab.com.xpi
Successfully deleted: [File] C:\Users\radka\AppData\Roaming\mozilla\firefox\profiles\va4qno99.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\radka\AppData\Roaming\mozilla\firefox\profiles\va4qno99.default\searchplugins\askcomsearch.xml
Successfully deleted: [File] C:\Users\radka\AppData\Roaming\mozilla\firefox\profiles\va4qno99.default\searchplugins\conduit.xml
Successfully deleted the following from C:\Users\radka\AppData\Roaming\mozilla\firefox\profiles\va4qno99.default\prefs.js

user_pref("CT3287811.UserID", "UN35062123562409713");
user_pref("CT3287811.fullUserID", "UN35062123562409713.IN.20131013200912");
user_pref("CT3287811.installerVersion", "1.7.1.4");
user_pref("CT3287811.versionFromInstaller", "10.20.1.8");
user_pref("CT3287811.xpeMode", "0");
user_pref("extensions.helperbar.SmartbarDisabled", false);
user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1365967555409");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent109", "1364479978463");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent111", "1364479978480");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent122", "1364479978499");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1365958144004");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent136", "1363342163022");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent140", "1361141304836");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1365928541129");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1366056769464");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1366056769478");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1366056778083");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1366056769491");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent134", "1365963642443");
user_pref("smartbar.machineId", "R10IN0XJLDZPKDIDSM+/J158WFIXATTYBVLVKLXVA7MG0TODPHIJIOIL0DZHBBVAAVG0OMHTKIYK+AIF4PK+IW");
Emptied folder: C:\Users\radka\AppData\Roaming\mozilla\firefox\profiles\va4qno99.default\minidumps [166 files]

~~~ Chrome

Successfully deleted: [Folder] C:\Users\radka\appdata\local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Successfully deleted: [Folder] C:\Users\radka\appdata\local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 04.12.2013 at 14:58:30,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

strata · #6 Příspěvek od **strata** » 05 pro 2013 08:48

# AdwCleaner v3.014 - Report created 05/12/2013 at 00:39:30
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : radka - RADKA-PC
# Running from : C:\Users\radka\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : 70e6ca8c
[#] Service Deleted : CltMngSvc
[#] Service Deleted : DefaultTabSearch
[#] Service Deleted : DefaultTabUpdate

***** [ Files / Folders ] *****

Folder Deleted : C:\Searchprotect
Folder Deleted : C:\Users\radka\AppData\Local\Smartbar
Folder Deleted : C:\Users\radka\AppData\Local\Temp\Smartbar
Folder Deleted : C:\Users\radka\AppData\LocalLow\VisualBee_V.12
Folder Deleted : C:\Users\radka\AppData\Roaming\Mozilla\Firefox\Profiles\va4qno99.default

\CT3287811
Folder Deleted : C:\Users\radka\AppData\Roaming\Mozilla\Firefox\Profiles\va4qno99.default

\Extensions\{53c4024f-5a2e-4f2a-b33e-e8784d730938}
Folder Deleted : C:\Users\radka\AppData\Local\Google\Chrome\User Data\Default\Extensions

\igdhbblpcellaljokkpfhcjlagemhgjl
File Deleted : C:\Users\radka\Desktop\Optimizer Pro.lnk
File Deleted : C:\Users\radka\AppData\Local\Google\Chrome\User Data\Default\Local Storage

\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C22E4D13-E98A-488B-A9D8-B51C15A35A23}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-

90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-

0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-

F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C22E4D13-E98A-488B-A9D8-

B51C15A35A23}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-

A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-

AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-

8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C22E4D13-E98A-

488B-A9D8-B51C15A35A23}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-

A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-

6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CDF80C81-

D67D-4A1D-9A9D-20FBF979B777}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2525AE4A-

A3E4-471A-8F35-57CA9DBB9D2A}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{53C4024F-5A2E-4F2A-B33E-

E8784D730938}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{53C4024F-5A2E-

4F2A-B33E-E8784D730938}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{53C4024F-5A2E-4F2A-

B33E-E8784D730938}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{53C4024F-5A2E-4F2A-

B33E-E8784D730938}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-

AF68-0333EA26E113}]
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\VisualBee_V.12
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\VisualBee_V.12
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1B325F70-A984-421E-8407-

06683E6EF03B}
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] -

C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736

-\\ Mozilla Firefox v12.0 (cs)

[ File : C:\Users\radka\AppData\Roaming\Mozilla\Firefox\Profiles\va4qno99.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com Search");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", false);
Line Deleted : user_pref("extensions.helperbar.countryiso", "ca");
Line Deleted : user_pref("extensions.helperbar.downloadprovider", "quickobrw");
Line Deleted : user_pref("extensions.helperbar.installationid", "bd5cc4fb-09ab-834c-9f27-

58ff5ef6f882");
Line Deleted : user_pref("extensions.helperbar.installdate", "13/10/2013");
Line Deleted : user_pref("extensions.helperbar.publisher", "quickobrw");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\radka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [15637 octets] - [05/12/2013 00:37:51]
AdwCleaner[S0].txt - [15581 octets] - [05/12/2013 00:39:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15642 octets] ##########

#7 Příspěvek od **vyosek** » 05 pro 2013 09:07

Poprosim o log z FRSTLauncheru dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

strata · #8 Příspěvek od **strata** » 05 pro 2013 20:49

frst

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-12-2013
Ran by radka (administrator) on RADKA-PC on 05-12-2013 12:38:35
Running from C:\Users\radka\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Lenovo.) C:\Windows\System32\TPHDEXLG64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331_STI.EXE
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Nokia) C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(forum.viry.cz) C:\Users\radka\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10151968 2010-04-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [908320 2010-04-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\System32\TpShocks.exe [231328 2010-03-15] (Lenovo.)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [4462496 2010-04-12] (Lenovo(beijing) Limited)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKCU\...\Run: [Facebook Update] - C:\Users\radka\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-20] (Facebook Inc.)
MountPoints2: {02eb81e9-e854-11e0-8183-5cff35068656} - E:\AutoRun.exe
MountPoints2: {5a207d98-4d6c-11e0-82fb-002682f1bb4f} - E:\LaunchU3.exe -a
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [331BigDog] - C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NokiaMServer] - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
AppInit_DLLs: [ ] ()

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49178;https=127.0.0.1:49178
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLATOR\WEBIE.DLL ()
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\radka\AppData\Roaming\Mozilla\Firefox\Profiles\va4qno99.default
FF DefaultSearchEngine: Google
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @software602.cz/602XML Filler - C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\radka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\radka\AppData\Roaming\Mozilla\Firefox\Profiles\va4qno99.default\searchplugins\longman-english-dictionary.xml
FF SearchPlugin: C:\Users\radka\AppData\Roaming\Mozilla\Firefox\Profiles\va4qno99.default\searchplugins\lyrics-search.xml
FF SearchPlugin: C:\Users\radka\AppData\Roaming\Mozilla\Firefox\Profiles\va4qno99.default\searchplugins\music-downloader.xml
FF SearchPlugin: C:\Users\radka\AppData\Roaming\Mozilla\Firefox\Profiles\va4qno99.default\searchplugins\pdf-ebook-searches.xml
FF SearchPlugin: C:\Users\radka\AppData\Roaming\Mozilla\Firefox\Profiles\va4qno99.default\searchplugins\wikipedia-eng.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: QuickShare Widget - C:\Users\radka\AppData\Roaming\Mozilla\Firefox\Profiles\va4qno99.default\Extensions\{bd5cc4fb-09ab-834c-9f27-58ff5ef6f882}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "urls_to_restore_on_startup": [
CHR HKLM-x32\...\Chrome\Extension: [jpkgnchjblgnciiopegmabnakdoapgkj] - C:\Users\radka\AppData\Local\CRE\jpkgnchjblgnciiopegmabnakdoapgkj.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [73728 2010-04-14] (Software602 a.s.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [903456 2010-04-20] (Broadcom Corporation.)
S3 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S3 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [575304 2009-11-17] (Lenovo Group Limited)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 PS_MDP; C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
S2 ReadyComm.DirectRouter; C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)

==================== Drivers (Whitelisted) ====================

S3 Bridge0; C:\Windows\System32\drivers\WDBridge.sys [79376 2009-07-15] (Lenovo)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-03-15] (Duplex Secure Ltd.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [214912 2010-01-26] (Vimicro Corporation)
R3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [11280 2009-07-16] (Lenovo)
U3 aqtyzu71; C:\Windows\System32\Drivers\aqtyzu71.sys [0 ] (Microsoft Corporation)
U3 BcmSqlStartupSvc;
S3 Huawei; system32\DRIVERS\ewdcsc.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
U2 IAStorDataMgrSvc;
U2 IviRegMgr;
S3 massfilter; system32\drivers\massfilter.sys [x]
S1 MpKsl98ac41ca; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3DE25F09-4961-4E5F-8BBE-627A7BBBA703}\MpKsl98ac41ca.sys [x]
U2 RichVideo;
U3 SQLWriter;
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-05 12:38 - 2013-12-05 12:39 - 00015592 _____ C:\Users\radka\Desktop\FRST.txt
2013-12-05 12:37 - 2013-12-05 12:37 - 00000000 ____D C:\FRST
2013-12-05 12:33 - 2013-12-05 12:33 - 00112640 _____ (forum.viry.cz) C:\Users\radka\Downloads\FRSTLauncher.exe
2013-12-05 12:33 - 2013-12-05 12:33 - 00112640 _____ (forum.viry.cz) C:\Users\radka\Desktop\FRSTLauncher.exe
2013-12-05 12:32 - 2013-12-05 12:32 - 01925140 _____ (Farbar) C:\Users\radka\Desktop\FRST64.exe
2013-12-05 12:31 - 2013-12-05 12:32 - 01925140 _____ (Farbar) C:\Users\radka\Downloads\FRST64.exe
2013-12-05 00:37 - 2013-12-05 00:40 - 00000000 ____D C:\AdwCleaner
2013-12-05 00:36 - 2013-12-05 00:36 - 01110034 _____ C:\Users\radka\Downloads\adwcleaner.exe
2013-12-05 00:36 - 2013-12-05 00:36 - 01110034 _____ C:\Users\radka\Desktop\adwcleaner.exe
2013-12-04 14:58 - 2013-12-04 14:58 - 00014198 _____ C:\Users\radka\Desktop\JRT.txt
2013-12-04 14:36 - 2013-12-04 14:36 - 00000000 ____D C:\windows\ERUNT
2013-12-04 14:31 - 2013-12-05 00:46 - 00000000 ____D C:\Users\radka\Desktop\viry
2013-12-04 14:28 - 2013-12-04 14:29 - 01034531 _____ (Thisisu) C:\Users\radka\Downloads\JRT.exe
2013-12-04 13:44 - 2013-12-04 13:45 - 00000000 ____D C:\rsit
2013-12-04 13:44 - 2013-12-04 13:44 - 00000000 ____D C:\Program Files\trend micro
2013-12-04 13:26 - 2013-12-04 13:27 - 00832273 _____ C:\Users\radka\Downloads\RSITx64.exe
2013-12-02 10:31 - 2013-12-02 10:40 - 81411949 _____ C:\Users\radka\Downloads\Mariah-Carey---Merry-Christmas-(1994).rar
2013-12-02 10:23 - 2013-12-02 10:29 - 107501472 _____ C:\Users\radka\Downloads\Sarah-McLachlan---Wintersong-(2006).rar
2013-12-02 09:49 - 2013-12-02 10:03 - 127154813 _____ C:\Users\radka\Downloads\Vánoční-písně-USA---Christmas-Song---The-best-of-Christmas-USA.rar
2013-12-02 09:45 - 2013-12-02 09:45 - 00001492 _____ C:\Users\radka\Desktop\Skype.lnk
2013-12-01 19:14 - 2013-12-02 07:52 - 135941993 _____ C:\Users\radka\Downloads\The-Big-Blue---Soundtrack.zip
2013-11-28 21:35 - 2013-12-05 10:34 - 00000000 ____D C:\Users\radka\Desktop\cuba_vyber_picasa
2013-11-28 20:52 - 2013-11-28 20:52 - 00016465 _____ C:\Users\radka\Desktop\MojeBanka_transakce dovolena.htm
2013-11-25 19:39 - 2013-11-25 20:19 - 00000000 ____D C:\Users\radka\Desktop\2013_11_25_New York
2013-11-24 20:26 - 2013-11-24 20:26 - 00000000 ____D C:\Users\radka\Desktop\2013_11_21-22_Cancun_Mexico
2013-11-24 20:24 - 2013-11-24 20:25 - 00000000 ____D C:\Users\radka\Desktop\2013_11_22-23_Toronto
2013-11-24 20:21 - 2013-11-24 20:41 - 00000000 ____D C:\Users\radka\Desktop\2013_11_24_New York
2013-11-21 23:18 - 2013-10-12 01:45 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-21 23:18 - 2013-10-12 01:45 - 01364992 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-21 23:18 - 2013-10-12 01:45 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-21 23:18 - 2013-10-12 01:43 - 19269632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-21 23:18 - 2013-10-12 01:43 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-21 23:18 - 2013-10-12 01:43 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-21 23:18 - 2013-10-12 01:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-21 23:18 - 2013-10-12 01:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-21 23:18 - 2013-10-12 01:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-21 23:18 - 2013-10-12 01:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-11-21 23:18 - 2013-10-12 01:43 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-11-21 23:18 - 2013-10-12 01:43 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-11-21 23:18 - 2013-10-12 01:43 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-11-21 23:18 - 2013-10-12 01:43 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-11-21 23:18 - 2013-10-12 00:03 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-21 23:18 - 2013-10-12 00:03 - 01138176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-21 23:18 - 2013-10-12 00:02 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-21 23:18 - 2013-10-12 00:02 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-21 23:18 - 2013-10-12 00:02 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-21 23:18 - 2013-10-12 00:02 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-21 23:18 - 2013-10-12 00:02 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-21 23:18 - 2013-10-12 00:02 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-11-21 23:18 - 2013-10-12 00:02 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-11-21 23:18 - 2013-10-12 00:02 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-11-21 23:18 - 2013-10-12 00:02 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-11-21 23:18 - 2013-10-12 00:02 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-11-21 23:18 - 2013-10-11 23:35 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-11-21 23:18 - 2013-10-11 23:08 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-11-21 23:18 - 2013-10-11 22:44 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-11-21 23:18 - 2013-10-11 22:15 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-21 23:17 - 2013-10-12 00:02 - 14355968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-21 20:16 - 2013-10-05 13:25 - 01474048 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-21 20:16 - 2013-10-05 12:57 - 01168384 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-21 20:16 - 2013-09-24 19:26 - 00154560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-11-21 20:16 - 2013-09-24 19:26 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-11-21 20:16 - 2013-09-24 19:23 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-11-21 20:16 - 2013-09-24 19:23 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-11-21 20:16 - 2013-09-24 19:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-11-21 20:16 - 2013-09-24 19:22 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-21 20:16 - 2013-09-24 19:21 - 01447936 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-11-21 20:16 - 2013-09-24 19:21 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-11-21 20:16 - 2013-09-24 18:58 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2013-11-21 20:16 - 2013-09-24 18:57 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-21 20:16 - 2013-09-24 18:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2013-11-21 20:16 - 2013-09-24 18:56 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2013-11-21 20:16 - 2013-09-24 18:03 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-11-21 20:16 - 2013-07-04 05:18 - 00458712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-11-21 20:15 - 2013-10-03 19:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-11-21 20:15 - 2013-10-03 19:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-11-21 20:15 - 2013-10-03 19:24 - 01930752 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-21 20:15 - 2013-10-03 18:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-21 20:15 - 2013-10-03 18:56 - 01796096 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-21 20:15 - 2013-10-03 18:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2013-11-21 20:15 - 2013-09-27 18:09 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-21 20:14 - 2013-10-02 19:23 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-21 20:14 - 2013-10-02 19:00 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-21 20:13 - 2013-10-11 19:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-11-21 20:13 - 2013-10-11 19:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-11-21 20:13 - 2013-10-11 19:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-11-21 20:13 - 2013-10-11 19:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-11-21 20:13 - 2013-10-11 19:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-11-20 20:26 - 2013-11-28 22:16 - 00000000 ____D C:\Users\radka\Desktop\martin

==================== One Month Modified Files and Folders =======

2013-12-05 12:39 - 2013-12-05 12:38 - 00015592 _____ C:\Users\radka\Desktop\FRST.txt
2013-12-05 12:37 - 2013-12-05 12:37 - 00000000 ____D C:\FRST
2013-12-05 12:35 - 2011-03-04 03:14 - 00000000 ____D C:\Users\radka\AppData\Roaming\Skype
2013-12-05 12:33 - 2013-12-05 12:33 - 00112640 _____ (forum.viry.cz) C:\Users\radka\Downloads\FRSTLauncher.exe
2013-12-05 12:33 - 2013-12-05 12:33 - 00112640 _____ (forum.viry.cz) C:\Users\radka\Desktop\FRSTLauncher.exe
2013-12-05 12:32 - 2013-12-05 12:32 - 01925140 _____ (Farbar) C:\Users\radka\Desktop\FRST64.exe
2013-12-05 12:32 - 2013-12-05 12:31 - 01925140 _____ (Farbar) C:\Users\radka\Downloads\FRST64.exe
2013-12-05 12:30 - 2010-10-20 17:40 - 08116928 _____ C:\windows\system32\TPAPSLOG.LOG
2013-12-05 12:26 - 2010-10-20 16:57 - 01234834 _____ C:\windows\WindowsUpdate.log
2013-12-05 12:07 - 2012-04-11 23:44 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-12-05 12:05 - 2013-09-20 11:00 - 00000928 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-570883228-2704862597-2836491840-1000UA.job
2013-12-05 12:05 - 2013-09-20 11:00 - 00000906 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-570883228-2704862597-2836491840-1000Core.job
2013-12-05 11:58 - 2011-03-16 23:15 - 00000950 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-05 11:52 - 2010-10-20 17:40 - 00993664 _____ C:\windows\system32\TPHDLOG0.LOG
2013-12-05 10:34 - 2013-11-28 21:35 - 00000000 ____D C:\Users\radka\Desktop\cuba_vyber_picasa
2013-12-05 10:02 - 2009-07-13 21:45 - 00013632 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-05 10:02 - 2009-07-13 21:45 - 00013632 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-05 09:52 - 2011-03-16 23:15 - 00000946 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-05 09:52 - 2010-10-20 17:52 - 23497434 _____ C:\FaceProv.log
2013-12-05 09:51 - 2013-04-16 05:01 - 00047327 _____ C:\windows\setupact.log
2013-12-05 09:51 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-05 00:46 - 2013-12-04 14:31 - 00000000 ____D C:\Users\radka\Desktop\viry
2013-12-05 00:40 - 2013-12-05 00:37 - 00000000 ____D C:\AdwCleaner
2013-12-05 00:36 - 2013-12-05 00:36 - 01110034 _____ C:\Users\radka\Downloads\adwcleaner.exe
2013-12-05 00:36 - 2013-12-05 00:36 - 01110034 _____ C:\Users\radka\Desktop\adwcleaner.exe
2013-12-04 22:25 - 2010-10-21 00:23 - 00631978 _____ C:\windows\system32\perfh005.dat
2013-12-04 22:25 - 2010-10-21 00:23 - 00122342 _____ C:\windows\system32\perfc005.dat
2013-12-04 22:25 - 2009-07-13 22:13 - 01471850 _____ C:\windows\system32\PerfStringBackup.INI
2013-12-04 15:06 - 2009-07-13 20:20 - 00000000 ____D C:\windows\system32\NDF
2013-12-04 14:58 - 2013-12-04 14:58 - 00014198 _____ C:\Users\radka\Desktop\JRT.txt
2013-12-04 14:47 - 2011-03-23 01:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-04 14:36 - 2013-12-04 14:36 - 00000000 ____D C:\windows\ERUNT
2013-12-04 14:29 - 2013-12-04 14:28 - 01034531 _____ (Thisisu) C:\Users\radka\Downloads\JRT.exe
2013-12-04 13:45 - 2013-12-04 13:44 - 00000000 ____D C:\rsit
2013-12-04 13:44 - 2013-12-04 13:44 - 00000000 ____D C:\Program Files\trend micro
2013-12-04 13:27 - 2013-12-04 13:26 - 00832273 _____ C:\Users\radka\Downloads\RSITx64.exe
2013-12-04 08:49 - 2011-03-10 11:06 - 00000000 ____D C:\Radka
2013-12-02 10:40 - 2013-12-02 10:31 - 81411949 _____ C:\Users\radka\Downloads\Mariah-Carey---Merry-Christmas-(1994).rar
2013-12-02 10:29 - 2013-12-02 10:23 - 107501472 _____ C:\Users\radka\Downloads\Sarah-McLachlan---Wintersong-(2006).rar
2013-12-02 10:03 - 2013-12-02 09:49 - 127154813 _____ C:\Users\radka\Downloads\Vánoční-písně-USA---Christmas-Song---The-best-of-Christmas-USA.rar
2013-12-02 09:45 - 2013-12-02 09:45 - 00001492 _____ C:\Users\radka\Desktop\Skype.lnk
2013-12-02 07:52 - 2013-12-01 19:14 - 135941993 _____ C:\Users\radka\Downloads\The-Big-Blue---Soundtrack.zip
2013-11-28 22:16 - 2013-11-20 20:26 - 00000000 ____D C:\Users\radka\Desktop\martin
2013-11-28 20:52 - 2013-11-28 20:52 - 00016465 _____ C:\Users\radka\Desktop\MojeBanka_transakce dovolena.htm
2013-11-28 08:34 - 2011-03-04 03:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-28 08:34 - 2011-03-04 03:14 - 00000000 ____D C:\ProgramData\Skype
2013-11-27 04:53 - 2011-03-16 23:15 - 00003946 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-27 04:53 - 2011-03-16 23:15 - 00003694 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-26 11:23 - 2013-06-11 12:45 - 00000000 ____D C:\Users\radka\Desktop\roztridit - fotky telefon
2013-11-25 20:19 - 2013-11-25 19:39 - 00000000 ____D C:\Users\radka\Desktop\2013_11_25_New York
2013-11-24 20:41 - 2013-11-24 20:21 - 00000000 ____D C:\Users\radka\Desktop\2013_11_24_New York
2013-11-24 20:26 - 2013-11-24 20:26 - 00000000 ____D C:\Users\radka\Desktop\2013_11_21-22_Cancun_Mexico
2013-11-24 20:25 - 2013-11-24 20:24 - 00000000 ____D C:\Users\radka\Desktop\2013_11_22-23_Toronto
2013-11-22 07:49 - 2011-03-10 11:03 - 00000000 ____D C:\Users\radka\AppData\Roaming\vlc
2013-11-21 23:17 - 2011-03-03 04:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-21 23:15 - 2013-04-16 04:17 - 00001912 _____ C:\windows\epplauncher.mif
2013-11-21 23:15 - 2013-04-16 04:16 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-21 23:15 - 2013-04-16 04:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-21 23:13 - 2013-08-03 05:58 - 00000000 ____D C:\windows\system32\MRT
2013-11-21 22:56 - 2011-03-02 14:53 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-21 19:48 - 2013-10-13 19:17 - 00000270 __RSH C:\Users\radka\ntuser.pol
2013-11-21 19:48 - 2011-03-02 13:57 - 00000000 ____D C:\Users\radka
2013-11-19 03:21 - 2012-01-05 09:41 - 00267936 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2013-11-09 17:12 - 2009-07-13 22:08 - 00032562 _____ C:\windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\radka\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\radka\AppData\Local\Temp\Quarantine.exe
C:\Users\radka\AppData\Local\Temp\System.Data.SQLite.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-570883228-2704862597-2836491840-1000Core.job => C:\Users\radka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-570883228-2704862597-2836491840-1000UA.job => C:\Users\radka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\radka\Desktop" je 5980 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirror Tray icon
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#9 Příspěvek od **vyosek** » 06 pro 2013 06:21

Dobre rano

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKCU\...\Run: [Facebook Update] - C:\Users\radka\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-20] (Facebook Inc.)
MountPoints2: {02eb81e9-e854-11e0-8183-5cff35068656} - E:\AutoRun.exe
MountPoints2: {5a207d98-4d6c-11e0-82fb-002682f1bb4f} - E:\LaunchU3.exe -a
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NokiaMServer] - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
AppInit_DLLs: [ ] ()

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49178;https=127.0.0.1:49178
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

CHR RestoreOnStartup: "urls_to_restore_on_startup": [
CHR HKLM-x32\...\Chrome\Extension: [jpkgnchjblgnciiopegmabnakdoapgkj] - C:\Users\radka\AppData\Local\CRE\jpkgnchjblgnciiopegmabnakdoapgkj.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

U3 aqtyzu71; C:\Windows\System32\Drivers\aqtyzu71.sys [0 ] (Microsoft Corporation)
U3 BcmSqlStartupSvc; 
S3 Huawei; system32\DRIVERS\ewdcsc.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
U2 IAStorDataMgrSvc; 
U2 IviRegMgr; 
S3 massfilter; system32\drivers\massfilter.sys [x]
S1 MpKsl98ac41ca; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3DE25F09-4961-4E5F-8BBE-627A7BBBA703}\MpKsl98ac41ca.sys [x]
U2 RichVideo; 
U3 SQLWriter; 
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

C:\Users\radka\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\radka\AppData\Local\Temp\Quarantine.exe
C:\Users\radka\AppData\Local\Temp\System.Data.SQLite.dll

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-570883228-2704862597-2836491840-1000Core.job => C:\Users\radka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-570883228-2704862597-2836491840-1000UA.job => C:\Users\radka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f

Hosts:
CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

strata · #10 Příspěvek od **strata** » 06 pro 2013 06:33

dobre ranko do cr preji
omlouvam se, ale nerozumim pokynu
"Presunte vytvoreny fixlist vedle FRST"

muzete si prosim nejak blize objasnit.
diky

#11 Příspěvek od **vyosek** » 06 pro 2013 06:34

FRST.exe mate na Plose, takze fixlist.txt ulozte tez na Plochu - aby jej FRST mohl nacist

strata · #12 Příspěvek od **strata** » 06 pro 2013 06:46

ok
a jeste dotaz - spustit FRST64 nebo FRST launcher? asi to druhe, ze?

#13 Příspěvek od **vyosek** » 06 pro 2013 07:01

Prectete si znovu navod, tam je to popsano

Spustte znovu FRST.exe
Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

strata · #14 Příspěvek od **strata** » 06 pro 2013 07:19

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-12-2013
Ran by radka at 2013-12-05 23:12:57 Run:1
Running from C:\Users\radka\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKCU\...\Run: [Facebook Update] - C:\Users\radka\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-20] (Facebook Inc.)
MountPoints2: {02eb81e9-e854-11e0-8183-5cff35068656} - E:\AutoRun.exe
MountPoints2: {5a207d98-4d6c-11e0-82fb-002682f1bb4f} - E:\LaunchU3.exe -a
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NokiaMServer] - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
AppInit_DLLs: [ ] ()

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49178;https=127.0.0.1:49178
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

CHR RestoreOnStartup: "urls_to_restore_on_startup": [
CHR HKLM-x32\...\Chrome\Extension: [jpkgnchjblgnciiopegmabnakdoapgkj] - C:\Users\radka\AppData\Local\CRE\jpkgnchjblgnciiopegmabnakdoapgkj.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

U3 aqtyzu71; C:\Windows\System32\Drivers\aqtyzu71.sys [0 ] (Microsoft Corporation)
U3 BcmSqlStartupSvc;
S3 Huawei; system32\DRIVERS\ewdcsc.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
U2 IAStorDataMgrSvc;
U2 IviRegMgr;
S3 massfilter; system32\drivers\massfilter.sys [x]
S1 MpKsl98ac41ca; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3DE25F09-4961-4E5F-8BBE-627A7BBBA703}\MpKsl98ac41ca.sys [x]
U2 RichVideo;
U3 SQLWriter;
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

C:\Users\radka\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\radka\AppData\Local\Temp\Quarantine.exe
C:\Users\radka\AppData\Local\Temp\System.Data.SQLite.dll

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-570883228-2704862597-2836491840-1000Core.job => C:\Users\radka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-570883228-2704862597-2836491840-1000UA.job => C:\Users\radka\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\NokiaSuite.exe => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{02eb81e9-e854-11e0-8183-5cff35068656} => Key deleted successfully.
HKCR\CLSID\{02eb81e9-e854-11e0-8183-5cff35068656} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a207d98-4d6c-11e0-82fb-002682f1bb4f} => Key deleted successfully.
HKCR\CLSID\{5a207d98-4d6c-11e0-82fb-002682f1bb4f} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\NokiaMServer => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
CHR RestoreOnStartup: "urls_to_restore_on_startup": [ ==> The Chrome "Settings" can be used to fix the entry.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpkgnchjblgnciiopegmabnakdoapgkj => Key deleted successfully.
"C:\Users\radka\AppData\Local\CRE\jpkgnchjblgnciiopegmabnakdoapgkj.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
aqtyzu71 => Service deleted successfully.
BcmSqlStartupSvc => Service deleted successfully.
Huawei => Service deleted successfully.
hwdatacard => Service deleted successfully.
hwusbdev => Service deleted successfully.
IAStorDataMgrSvc => Service deleted successfully.
IviRegMgr => Service deleted successfully.
massfilter => Service deleted successfully.
MpKsl98ac41ca => Service deleted successfully.
RichVideo => Service deleted successfully.
SQLWriter => Service deleted successfully.
ZTEusbmdm6k => Service deleted successfully.
ZTEusbnmea => Service deleted successfully.
ZTEusbser6k => Service deleted successfully.
C:\Users\radka\AppData\Local\Temp\NOSEventMessages.dll => Moved successfully.
C:\Users\radka\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\radka\AppData\Local\Temp\System.Data.SQLite.dll => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-570883228-2704862597-2836491840-1000Core.job => Moved successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-570883228-2704862597-2836491840-1000UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

==== End of Fixlog ====

#15 Příspěvek od **vyosek** » 06 pro 2013 08:56

Fajn, jak se chova PC??

VIRY.CZ

zpomaleny NTB

zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB

Re: zpomaleny NTB