Awardhotspot ads

#1 Post by Piskle1987 »

Hello,
this has already been dealt with here, but to be safe, rather than keep trying things to remove it, I'm starting a new topic.
As in the previous cases, green-highlighted text that links to ads appears on web pages. From time to time a new window with an ad pops up, and overall working with the internet is slower (on other, non-PC devices I have no problem with speed).

I'm attaching the FRST log.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-01-2014 02
Ran by Jana (administrator) on JANA on 14-01-2014 12:03:59
Running from C:\Users\Jana\Desktop
Windows 8 Pro with Media Center (X64) OS Language: English(UK)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Adblock Pro Team) C:\Program Files\Adblock Pro\abpmain.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\WFWIZ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Dropbox, Inc.) C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Leadtek Research Inc.) C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
(Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Ghisler Software GmbH) C:\Program Files\Total Commander\TOTALCMD64.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jana\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [adblock pro] - C:\Program Files\Adblock Pro\abpmain.exe [602112 2010-06-30] (Adblock Pro Team)
HKLM\...\Run: [Greenshot] - C:\Program Files\Greenshot\Greenshot.exe [462848 2012-10-30] (Greenshot)
HKLM-x32\...\Run: [WinFastDTV] - C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [101888 2012-09-10] (Leadtek Research Inc.)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-02-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\WINDOWS\skipmetrosuite.exe,
HKCU\...\Run: [WinFast Schedule] - C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2916352 2012-08-28] (Leadtek Research Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.)
HKCU\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [20203904 2013-12-06] (Google)
HKCU\...\Run: [Plex Media Server] - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4277896 2013-12-23] (Plex, Inc.)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
MountPoints2: {443d3b14-6278-11e2-be77-0025ab22682c} - "F:\Startme.exe"
HKU\Mcx1-JANA\...\RunOnce: [ctfmon.exe] - ctfmon.exe /n
HKU\Mcx1-JANA\...\Winlogon: [Shell] C:\WINDOWS\eHome\McrMgr.exe [278016 2012-07-26] (Microsoft Corporation) <==== ATTENTION
AppInit_DLLs: C:\Program Files (x86)\GS_x64.Enabler [2759168 2014-01-07] ()
AppInit_DLLs-x32: c:\progra~2\gsb779~1.ena [3041792 2014-01-07] ()
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jana\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: No Name - {94792A90-75AE-BCD0-C9C8-D2AE94608774} - No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Adblock Pro - {F385C231-605B-4d8f-ACA9-DBFF765BBE17} - C:\Program Files\Adblock Pro\AdblockPro.dll (Adblock Pro Team)
BHO: No Name - {F68C6078-E064-9FE1-075E-1B0CF5030AB5} - No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {F68C6078-E064-9FE1-075E-1B0CF5030AB5} - No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 188.175.124.254 94.74.192.252

Chrome:
=======
CHR HomePage: about:blank
CHR RestoreOnStartup: "https://www.facebook.com/home.php?ref=home"
CHR DefaultSearchKeyword: google
CHR DefaultSearchURL: http://www.google.com/search?q={searchTerms}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
CHR Extension: (Google Translate) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.5_0 [2013-09-16]
CHR Extension: (Angry Birds) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0 [2013-09-16]
CHR Extension: (Theme Creator) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0 [2013-09-16]
CHR Extension: (Google Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-09-14]
CHR Extension: (Google Drive) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1 [2013-09-14]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1 [2013-09-14]
CHR Extension: (goReatsaver) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkdkgofifcbmmhpcindfflbendonokk\2.7 [2014-01-07]
CHR Extension: (Google Search) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1 [2013-09-14]
CHR Extension: (TV program) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\eggkgjblbjpigonjpmblphnackhfigbo\1.4.0.6_0 [2013-11-03]
CHR Extension: (Facebook for Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp\163 [2014-01-07]
CHR Extension: ( "name": "Mail Checker Plus for Google Mail\u2122") - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gffjhibehnempbkeheiccaincokdjbfe\1.3.19_0 [2013-09-16]
CHR Extension: (AdBlock) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.10_0 [2013-10-12]
CHR Extension: (YoutubeAdblocker) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkdogkmpocbebdoabifkeconmominlcj\1.0 [2014-01-07]
CHR Extension: (Google Calendar (by Google)) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich\1.3.1_0 [2013-09-16]
CHR Extension: (YTBoookMaRk) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmeeocblabocfmaphpgmeioejcffjom\1.1 [2014-01-07]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\18.1_0 [2013-09-16]
CHR Extension: (Clock) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoihofapbdnldlhecnhefifbcddgdkhm\1.2_0 [2013-09-16]
CHR Extension: (Downloads) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb\1_0 [2013-09-16]
CHR Extension: (Calculator) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao\1.0.9_0 [2013-09-16]
CHR Extension: (Google Mail Checker) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0 [2013-09-16]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 [2013-09-14]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 [2013-09-14]

==================== Services (Whitelisted) =================

U2 1a34a8e0; C:\Program Files (x86)\GSSvc.dll [146768 2014-01-07] ()
U2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
U2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2012-12-29] (IvoSoft)
U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1901752 2013-07-21] (Microsoft Corporation)
U2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U3 mod7700; C:\Windows\system32\DRIVERS\mod7700.sys [907264 2009-11-17] (DiBcom SA)
U3 MODRC; C:\Windows\system32\DRIVERS\modrc.sys [24200 2007-07-13] (DiBcom S.A.)
U3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
U3 VMC412; C:\Windows\System32\Drivers\VMC412.sys [251648 2011-09-02] (Vimicro Corporation)
U3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-14 12:03 - 2014-01-14 12:04 - 00019955 _____ C:\Users\Jana\Desktop\FRST.txt
2014-01-14 12:03 - 2014-01-14 12:03 - 00000000 ____D C:\FRST
2014-01-14 12:01 - 2014-01-14 12:01 - 02075648 _____ (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2014-01-14 12:01 - 2014-01-14 12:01 - 00112640 _____ (forum.viry.cz) C:\Users\Jana\Desktop\FRSTLauncher.exe
2014-01-14 11:59 - 2014-01-14 11:59 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-14 11:59 - 2014-01-14 11:59 - 00000000 ____D C:\Program Files\CCleaner
2014-01-14 11:50 - 2014-01-14 11:50 - 00000919 _____ C:\Users\Jana\Desktop\JRT.txt
2014-01-13 21:20 - 2014-01-14 11:42 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
2014-01-13 21:02 - 2014-01-13 21:37 - 00000000 ____D C:\Users\Jana\AppData\Roaming\eCyber
2014-01-13 21:02 - 2014-01-13 21:02 - 00000000 ____D C:\WINDOWS\system32\log
2014-01-13 20:56 - 2014-01-14 06:49 - 00207453 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-13 20:55 - 2014-01-13 20:55 - 00006216 _____ C:\WINDOWS\PFRO.log
2014-01-13 18:34 - 2014-01-13 18:34 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-13 18:32 - 2014-01-13 18:32 - 01037068 _____ (Thisisu) C:\Users\Jana\Desktop\JRT.exe
2014-01-13 17:22 - 2014-01-13 17:22 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Zoner
2014-01-13 17:22 - 2014-01-13 17:22 - 00000000 ____D C:\Users\Jana\AppData\Local\Zoner
2014-01-13 17:21 - 2014-01-13 17:21 - 00000000 ____D C:\ProgramData\Zoner
2014-01-13 17:14 - 2014-01-13 18:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-13 17:14 - 2014-01-13 18:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2014-01-13 16:59 - 2014-01-13 16:59 - 00000000 ____D C:\Users\Jana\AppData\Roaming\SUPERAntiSpyware.com
2014-01-13 08:15 - 2014-01-13 08:15 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-13 08:15 - 2014-01-13 08:15 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Malwarebytes
2014-01-13 08:15 - 2014-01-13 08:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-13 08:15 - 2014-01-13 08:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-13 08:15 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-12 06:44 - 2014-01-13 20:56 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-09 12:47 - 2014-01-09 12:57 - 00000000 ____D C:\Users\Jana\AppData\Roaming\XBMC
2014-01-09 11:31 - 2014-01-09 11:31 - 00002015 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Enable AppContainer Loopback.lnk
2014-01-09 11:31 - 2014-01-09 11:31 - 00000000 ____D C:\Program Files (x86)\EnableLoopback
2014-01-09 10:52 - 2014-01-09 10:52 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-09 10:52 - 2014-01-09 10:52 - 00000000 ____D C:\Program Files (x86)\Plex
2014-01-08 21:20 - 2014-01-08 21:20 - 00001252 _____ C:\Users\Jana\Desktop\Plex Media Server.lnk
2014-01-08 20:26 - 2014-01-09 10:53 - 00000000 ____D C:\Users\Jana\AppData\Local\Plex Media Server
2014-01-08 15:05 - 2014-01-08 15:05 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Imagenomic
2014-01-07 20:00 - 2014-01-13 20:55 - 00000468 ____H C:\WINDOWS\Tasks\GS.Enabler-S-926685765.job
2014-01-07 20:00 - 2014-01-07 20:00 - 03041792 ____H C:\Program Files (x86)\GS.Enabler
2014-01-07 20:00 - 2014-01-07 20:00 - 02759168 _____ C:\Program Files (x86)\GS_x64.Enabler
2014-01-07 20:00 - 2014-01-07 20:00 - 00146768 _____ C:\Program Files (x86)\GSSvc.dll
2014-01-07 20:00 - 2014-01-07 20:00 - 00002706 _____ C:\WINDOWS\System32\Tasks\GS.Enabler-S-926685765
2014-01-07 20:00 - 2014-01-07 20:00 - 00000000 ____D C:\ProgramData\SoftWarehouse
2014-01-07 19:59 - 2014-01-13 08:24 - 00000000 ____D C:\ProgramData\grEatsaVeerr
2014-01-07 19:59 - 2014-01-07 20:00 - 00000000 ____D C:\ProgramData\ac1e92e0b0bd4eba
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Mcx1-JANA\AppData\Local\Comodo
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Jana\AppData\Local\Comodo
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Guest\AppData\Local\Torch
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Guest\AppData\Local\Comodo
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Guest
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comodo
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Program Files (x86)\grEatsaVeerr
2014-01-07 19:58 - 2014-01-07 19:58 - 00000000 ____D C:\ProgramData\InstallMate
2014-01-06 19:24 - 2014-01-06 19:24 - 00000020 ___SH C:\Users\Mcx1-JANA\ntuser.ini
2014-01-06 19:24 - 2014-01-06 19:24 - 00000000 ____D C:\Users\Mcx1-JANA\AppData\Local\VirtualStore
2014-01-06 19:22 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Mcx1-JANA\AppData\Local\Google
2014-01-06 19:22 - 2014-01-06 19:24 - 00000000 ____D C:\Users\Mcx1-JANA
2014-01-06 19:22 - 2013-08-08 11:24 - 00000000 ____D C:\Users\Mcx1-JANA\AppData\Roaming\Macromedia
2014-01-06 19:22 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\Mcx1-JANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-06 19:22 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\Mcx1-JANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-06 19:22 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\Mcx1-JANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-06 19:22 - 2012-07-26 09:13 - 00000000 ____D C:\Users\Mcx1-JANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-01 20:24 - 2014-01-01 20:24 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2014-01-01 20:22 - 2014-01-01 20:22 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2014-01-01 20:22 - 2014-01-01 20:22 - 00000000 ____D C:\Users\Default User\AppData\Local\Google

==================== One Month Modified Files and Folders =======

2014-01-14 12:04 - 2014-01-14 12:03 - 00019955 _____ C:\Users\Jana\Desktop\FRST.txt
2014-01-14 12:03 - 2014-01-14 12:03 - 00000000 ____D C:\FRST
2014-01-14 12:02 - 2013-01-04 18:54 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-14 12:01 - 2014-01-14 12:01 - 02075648 _____ (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2014-01-14 12:01 - 2014-01-14 12:01 - 00112640 _____ (forum.viry.cz) C:\Users\Jana\Desktop\FRSTLauncher.exe
2014-01-14 12:00 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-14 11:59 - 2014-01-14 11:59 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-14 11:59 - 2014-01-14 11:59 - 00000000 ____D C:\Program Files\CCleaner
2014-01-14 11:50 - 2014-01-14 11:50 - 00000919 _____ C:\Users\Jana\Desktop\JRT.txt
2014-01-14 11:42 - 2014-01-13 21:20 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
2014-01-14 11:37 - 2013-01-04 18:03 - 00000904 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-14 06:49 - 2014-01-13 20:56 - 00207453 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-14 02:00 - 2013-01-05 21:45 - 00000000 ____D C:\Users\Jana\AppData\Local\Adobe
2014-01-13 21:37 - 2014-01-13 21:02 - 00000000 ____D C:\Users\Jana\AppData\Roaming\eCyber
2014-01-13 21:02 - 2014-01-13 21:02 - 00000000 ____D C:\WINDOWS\system32\log
2014-01-13 21:02 - 2013-01-04 08:34 - 00730330 _____ C:\WINDOWS\system32\perfh005.dat
2014-01-13 21:02 - 2013-01-04 08:34 - 00151692 _____ C:\WINDOWS\system32\perfc005.dat
2014-01-13 21:02 - 2012-07-26 08:28 - 01714430 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-13 20:57 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2014-01-13 20:56 - 2014-01-12 06:44 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-13 20:56 - 2013-11-14 15:15 - 00000000 ___RD C:\Users\Jana\Disk Google
2014-01-13 20:56 - 2013-02-13 18:51 - 00000000 ___RD C:\Users\Jana\Dropbox
2014-01-13 20:56 - 2013-02-13 18:49 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Dropbox
2014-01-13 20:55 - 2014-01-13 20:55 - 00006216 _____ C:\WINDOWS\PFRO.log
2014-01-13 20:55 - 2014-01-07 20:00 - 00000468 ____H C:\WINDOWS\Tasks\GS.Enabler-S-926685765.job
2014-01-13 20:55 - 2013-01-04 18:03 - 00000900 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-13 20:55 - 2012-07-26 08:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-13 20:54 - 2013-01-05 12:46 - 00000000 ____D C:\Users\Jana\AppData\Roaming\uTorrent
2014-01-13 18:48 - 2013-01-05 12:43 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Winamp
2014-01-13 18:34 - 2014-01-13 18:34 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-13 18:32 - 2014-01-13 18:32 - 01037068 _____ (Thisisu) C:\Users\Jana\Desktop\JRT.exe
2014-01-13 18:31 - 2014-01-13 17:14 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-13 18:31 - 2014-01-13 17:14 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2014-01-13 17:22 - 2014-01-13 17:22 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Zoner
2014-01-13 17:22 - 2014-01-13 17:22 - 00000000 ____D C:\Users\Jana\AppData\Local\Zoner
2014-01-13 17:21 - 2014-01-13 17:21 - 00000000 ____D C:\ProgramData\Zoner
2014-01-13 16:59 - 2014-01-13 16:59 - 00000000 ____D C:\Users\Jana\AppData\Roaming\SUPERAntiSpyware.com
2014-01-13 08:24 - 2014-01-07 19:59 - 00000000 ____D C:\ProgramData\grEatsaVeerr
2014-01-13 08:15 - 2014-01-13 08:15 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-13 08:15 - 2014-01-13 08:15 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Malwarebytes
2014-01-13 08:15 - 2014-01-13 08:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-13 08:15 - 2014-01-13 08:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-13 08:14 - 2013-01-09 17:20 - 00007597 _____ C:\Users\Jana\AppData\Local\resmon.resmoncfg
2014-01-10 16:16 - 2012-07-26 06:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2014-01-09 22:33 - 2013-01-04 08:30 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1847768060-1068081996-2511273922-1001
2014-01-09 20:51 - 2013-10-13 14:21 - 00001189 _____ C:\Users\Public\Desktop\GOM Player.lnk
2014-01-09 20:51 - 2013-01-04 22:52 - 00001213 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2014-01-09 12:57 - 2014-01-09 12:47 - 00000000 ____D C:\Users\Jana\AppData\Roaming\XBMC
2014-01-09 11:31 - 2014-01-09 11:31 - 00002015 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Enable AppContainer Loopback.lnk
2014-01-09 11:31 - 2014-01-09 11:31 - 00000000 ____D C:\Program Files (x86)\EnableLoopback
2014-01-09 10:53 - 2014-01-08 20:26 - 00000000 ____D C:\Users\Jana\AppData\Local\Plex Media Server
2014-01-09 10:52 - 2014-01-09 10:52 - 00000000 ____D C:\ProgramData\Package Cache
2014-01-09 10:52 - 2014-01-09 10:52 - 00000000 ____D C:\Program Files (x86)\Plex
2014-01-08 21:20 - 2014-01-08 21:20 - 00001252 _____ C:\Users\Jana\Desktop\Plex Media Server.lnk
2014-01-08 20:26 - 2013-01-05 13:18 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Apple Computer
2014-01-08 20:26 - 2013-01-05 13:18 - 00000000 ____D C:\Users\Jana\AppData\Local\Apple Computer
2014-01-08 15:05 - 2014-01-08 15:05 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Imagenomic
2014-01-08 15:03 - 2013-01-14 22:59 - 00000000 ____D C:\Program Files (x86)\Imagenomic
2014-01-07 20:00 - 2014-01-07 20:00 - 03041792 ____H C:\Program Files (x86)\GS.Enabler
2014-01-07 20:00 - 2014-01-07 20:00 - 02759168 _____ C:\Program Files (x86)\GS_x64.Enabler
2014-01-07 20:00 - 2014-01-07 20:00 - 00146768 _____ C:\Program Files (x86)\GSSvc.dll
2014-01-07 20:00 - 2014-01-07 20:00 - 00002706 _____ C:\WINDOWS\System32\Tasks\GS.Enabler-S-926685765
2014-01-07 20:00 - 2014-01-07 20:00 - 00000000 ____D C:\ProgramData\SoftWarehouse
2014-01-07 20:00 - 2014-01-07 19:59 - 00000000 ____D C:\ProgramData\ac1e92e0b0bd4eba
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Mcx1-JANA\AppData\Local\Comodo
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Jana\AppData\Local\Comodo
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Guest\AppData\Local\Torch
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Guest\AppData\Local\Google
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Guest\AppData\Local\Comodo
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Guest
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Users\Administrator\AppData\Local\Comodo
2014-01-07 19:59 - 2014-01-07 19:59 - 00000000 ____D C:\Program Files (x86)\grEatsaVeerr
2014-01-07 19:59 - 2014-01-06 19:22 - 00000000 ____D C:\Users\Mcx1-JANA\AppData\Local\Google
2014-01-07 19:59 - 2013-01-19 21:31 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google
2014-01-07 19:59 - 2013-01-04 18:03 - 00000000 ____D C:\Users\Jana\AppData\Local\Google
2014-01-07 19:58 - 2014-01-07 19:58 - 00000000 ____D C:\ProgramData\InstallMate
2014-01-06 19:24 - 2014-01-06 19:24 - 00000020 ___SH C:\Users\Mcx1-JANA\ntuser.ini
2014-01-06 19:24 - 2014-01-06 19:24 - 00000000 ____D C:\Users\Mcx1-JANA\AppData\Local\VirtualStore
2014-01-06 19:24 - 2014-01-06 19:22 - 00000000 ____D C:\Users\Mcx1-JANA
2014-01-06 19:22 - 2013-01-04 21:34 - 00000818 __RSH C:\ProgramData\ntuser.pol
2014-01-01 20:24 - 2014-01-01 20:24 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2014-01-01 20:23 - 2013-01-04 18:03 - 00000000 ____D C:\Program Files (x86)\Google
2014-01-01 20:22 - 2014-01-01 20:22 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2014-01-01 20:22 - 2014-01-01 20:22 - 00000000 ____D C:\Users\Default User\AppData\Local\Google

Files to move or delete:
====================
C:\ProgramData\PKP_DLeo.DAT
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT


Some content of TEMP:
====================
C:\Users\Jana\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-07 11:01




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:100 GB) (Free:25.49 GB) NTFS
Drive d: () (Fixed) (Total:806.34 GB) (Free:513.8 GB) NTFS
Drive f: (ADATA EXT) (Fixed) (Total:596.02 GB) (Free:435.09 GB) FAT32
Drive g: (WD Elements EXT) (Fixed) (Total:931.51 GB) (Free:864.18 GB) NTFS
Drive h: (TOSHIBA EXT) (Fixed) (Total:596.17 GB) (Free:102.72 GB) NTFS

Available physical RAM: 1716.49 MB
Total physical RAM: 4078.46 MB
Percentage of memory in use: 57%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D5E91E60)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=806 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=25 GB) - (Type=12)
Disk: 1 (MBR Code: Windows XP) (Size: 596 GB) (Disk ID: B160F8AB)
Partition 1: (Active) - (Size=596 GB) - (Type=0C)
Disk: 2 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 0004A9A0)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 9A266DAC)
Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GS.Enabler-S-926685765.job => c:\programdata\softwarehouse\gs.enabler\GS.Enabler.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jana\Desktop" je 3 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(5.95 KiB) Downloaded 16 times
Last edited by Piskle1987 on 14 Jan 2014 15:46, edited 1 time in total.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Adwardhotspot ads

#2 Post by vyosek »

Hello, I wish you a pleasant midday and welcome to our forum :welcome:

:arrow: Uninstall the following - they are not very good tools and are de facto unnecessary
  • GridinSoft Trojan Killer
  • Spybot - Search & Destroy
  • SUPERAntiSpyware
:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved at c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"Who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member [image] since 1 February 2011.

Piskle1987

Re: Adwardhotspot ads

#3 Post by Piskle1987 »

Done, here is the output:

# AdwCleaner v3.017 - Report created 14/01/2014 at 12:32:23
# Updated 12/01/2014 by Xplode
# Operating System : Windows 8 Pro with Media Center (64 bits)
# Username : Jana - JANA
# Running from : C:\Users\Jana\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\SoftWarehouse
Folder Deleted : C:\ProgramData\grEatsaVeerr
Folder Deleted : C:\Program Files (x86)\grEatsaVeerr

***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16453


-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R2].txt - [1028 octets] - [14/01/2014 12:31:06]
AdwCleaner[S2].txt - [967 octets] - [14/01/2014 12:32:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1026 octets] ##########

vyosek

Re: Adwardhotspot ads

#4 Post by vyosek »

I see MBAM is installed; did you run a full scan with it, and did it find anything?

Piskle1987

Re: Adwardhotspot ads

#5 Post by Piskle1987 »

I did, it found something, but I am no longer sure how it ended (whether it deleted anything or whatever it is supposed to do).
I will run it again now and then post the result here.

vyosek

Re: Adwardhotspot ads

#6 Post by vyosek »

Great, I will be glad to see the MBAM log

Piskle1987

Re: Adwardhotspot ads

#7 Post by Piskle1987 »

So here it is. It found nothing :/

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.13.09

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
Jana :: JANA [administrátor]

Ochrana: Povolena

14/01/14 12:55:53
mbam-log-2014-01-14 (12-55-53).txt

Typ: Kompletní kontrola (C:\|D:\|F:\|G:\|H:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 731714
Uplynulý čas: 1 hodin, 43 minut, 45 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

vyosek

Re: Adwardhotspot ads

#8 Post by vyosek »

:arrow: All the better, but we will clean it up a bit more :James008:

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [] - [x]
    HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
    HKCU\...\Run: [AdobeBridge] - [x]
    HKCU\...\Run: [Plex Media Server] - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4277896 2013-12-23] (Plex, Inc.)
    HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    MountPoints2: {443d3b14-6278-11e2-be77-0025ab22682c} - "F:\Startme.exe"
    HKU\Mcx1-JANA\...\RunOnce: [ctfmon.exe] - ctfmon.exe /n
    AppInit_DLLs: C:\Program Files (x86)\GS_x64.Enabler [2759168 2014-01-07] ()
    AppInit_DLLs-x32: c:\progra~2\gsb779~1.ena [3041792 2014-01-07] ()
    
    BHO: No Name - {94792A90-75AE-BCD0-C9C8-D2AE94608774} - No File
    BHO: No Name - {F68C6078-E064-9FE1-075E-1B0CF5030AB5} - No File
    BHO-x32: No Name - {F68C6078-E064-9FE1-075E-1B0CF5030AB5} - No File
    
    U2 1a34a8e0; C:\Program Files (x86)\GSSvc.dll [146768 2014-01-07] ()
    
    2014-01-14 11:50 - 2014-01-14 11:50 - 00000919 _____ C:\Users\Jana\Desktop\JRT.txt
    2014-01-13 21:20 - 2014-01-14 11:42 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
    2014-01-13 18:32 - 2014-01-13 18:32 - 01037068 _____ (Thisisu) C:\Users\Jana\Desktop\JRT.exe
    2014-01-13 17:14 - 2014-01-13 18:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2014-01-13 17:14 - 2014-01-13 18:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
    2014-01-13 16:59 - 2014-01-13 16:59 - 00000000 ____D C:\Users\Jana\AppData\Roaming\SUPERAntiSpyware.com
    2014-01-07 20:00 - 2014-01-13 20:55 - 00000468 ____H C:\WINDOWS\Tasks\GS.Enabler-S-926685765.job
    2014-01-07 20:00 - 2014-01-07 20:00 - 03041792 ____H C:\Program Files (x86)\GS.Enabler
    2014-01-07 20:00 - 2014-01-07 20:00 - 02759168 _____ C:\Program Files (x86)\GS_x64.Enabler
    2014-01-07 20:00 - 2014-01-07 20:00 - 00146768 _____ C:\Program Files (x86)\GSSvc.dll
    2014-01-07 20:00 - 2014-01-07 20:00 - 00002706 _____ C:\WINDOWS\System32\Tasks\GS.Enabler-S-926685765
    
    Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GS.Enabler-S-926685765.job => c:\programdata\softwarehouse\gs.enabler\GS.Enabler.exe <==== ATTENTION
    
    AlternateDataStreams: C:\Windows:nlsPreferences
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the created TXT as fixlist.txt
  • Move the created fixlist next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Piskle1987

Re: Adwardhotspot ads

#9 Post by Piskle1987 »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-01-2014 02
Ran by Jana at 2014-01-14 15:30:59 Run:1
Running from C:\Users\Jana\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [WinampAgent] - C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Plex Media Server] - C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [4277896 2013-12-23] (Plex, Inc.)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
MountPoints2: {443d3b14-6278-11e2-be77-0025ab22682c} - "F:\Startme.exe"
HKU\Mcx1-JANA\...\RunOnce: [ctfmon.exe] - ctfmon.exe /n
AppInit_DLLs: C:\Program Files (x86)\GS_x64.Enabler [2759168 2014-01-07] ()
AppInit_DLLs-x32: c:\progra~2\gsb779~1.ena [3041792 2014-01-07] ()

BHO: No Name - {94792A90-75AE-BCD0-C9C8-D2AE94608774} - No File
BHO: No Name - {F68C6078-E064-9FE1-075E-1B0CF5030AB5} - No File
BHO-x32: No Name - {F68C6078-E064-9FE1-075E-1B0CF5030AB5} - No File

U2 1a34a8e0; C:\Program Files (x86)\GSSvc.dll [146768 2014-01-07] ()

2014-01-14 11:50 - 2014-01-14 11:50 - 00000919 _____ C:\Users\Jana\Desktop\JRT.txt
2014-01-13 21:20 - 2014-01-14 11:42 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
2014-01-13 18:32 - 2014-01-13 18:32 - 01037068 _____ (Thisisu) C:\Users\Jana\Desktop\JRT.exe
2014-01-13 17:14 - 2014-01-13 18:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-13 17:14 - 2014-01-13 18:31 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2014-01-13 16:59 - 2014-01-13 16:59 - 00000000 ____D C:\Users\Jana\AppData\Roaming\SUPERAntiSpyware.com
2014-01-07 20:00 - 2014-01-13 20:55 - 00000468 ____H C:\WINDOWS\Tasks\GS.Enabler-S-926685765.job
2014-01-07 20:00 - 2014-01-07 20:00 - 03041792 ____H C:\Program Files (x86)\GS.Enabler
2014-01-07 20:00 - 2014-01-07 20:00 - 02759168 _____ C:\Program Files (x86)\GS_x64.Enabler
2014-01-07 20:00 - 2014-01-07 20:00 - 00146768 _____ C:\Program Files (x86)\GSSvc.dll
2014-01-07 20:00 - 2014-01-07 20:00 - 00002706 _____ C:\WINDOWS\System32\Tasks\GS.Enabler-S-926685765

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GS.Enabler-S-926685765.job => c:\programdata\softwarehouse\gs.enabler\GS.Enabler.exe <==== ATTENTION

AlternateDataStreams: C:\Windows:nlsPreferences

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Nikon Message Center 2 => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Plex Media Server => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{443d3b14-6278-11e2-be77-0025ab22682c} => Key deleted successfully.
HKCR\CLSID\{443d3b14-6278-11e2-be77-0025ab22682c} => Key not found.
HKU\Mcx1-JANA\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ctfmon.exe => Value not found.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94792A90-75AE-BCD0-C9C8-D2AE94608774} => Key deleted successfully.
HKCR\CLSID\{94792A90-75AE-BCD0-C9C8-D2AE94608774} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F68C6078-E064-9FE1-075E-1B0CF5030AB5} => Key deleted successfully.
HKCR\CLSID\{F68C6078-E064-9FE1-075E-1B0CF5030AB5} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F68C6078-E064-9FE1-075E-1B0CF5030AB5} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{F68C6078-E064-9FE1-075E-1B0CF5030AB5} => Key not found.
1a34a8e0 => Service deleted successfully.
C:\Users\Jana\Desktop\JRT.txt => Moved successfully.
"C:\Program Files\GridinSoft Trojan Killer" => File/Directory not found.
C:\Users\Jana\Desktop\JRT.exe => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
"C:\Program Files (x86)\Spybot - Search & Destroy" => File/Directory not found.
"C:\Users\Jana\AppData\Roaming\SUPERAntiSpyware.com" => File/Directory not found.
C:\WINDOWS\Tasks\GS.Enabler-S-926685765.job => Moved successfully.
"C:\Program Files (x86)\GS.Enabler" => File/Directory not found.
C:\Program Files (x86)\GS_x64.Enabler => Moved successfully.
C:\Program Files (x86)\GSSvc.dll => Moved successfully.
C:\WINDOWS\System32\Tasks\GS.Enabler-S-926685765 => Moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\GS.Enabler-S-926685765.job not found.
"C:\Windows" => ":nlsPreferences" ADS not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

vyosek

Re: Adwardhotspot ads

#10 Post by vyosek »

How is our patient behaving??

Piskle1987

Re: Adwardhotspot ads

#11 Post by Piskle1987 »

Unfortunately still the same :(

vyosek

Re: Adwardhotspot ads

#12 Post by vyosek »

Is the problem in all browsers??

What link do the ads point to??

Piskle1987

Re: Awardhotspot ads

#13 Post by Piskle1987 »

So I tried IE and everything is OK there, so it is a Chrome problem.

Otherwise, the ad says awardhotspot.com, and clicking it leads to:

Code:

http://click.dealshark.com/ads-clicktrack/click/newjump1.do?affiliate=63659&subid=advertisewp11&terms=telefon&ai=hSWQ0Z1tiewsiijLQJy_naVIYk0YMSWaefD3CxJ8iu6cuO3A1npJbtM3hwu2A8eBjGutqEjuRI8Gn9g--VxS--xMJvUybZukdHiTu62MJZLNrf1y38CKmLJzIiECTbF2cpBBpLKrv_KWLPjCBax23WZwamex6NdjOyYFGSJrDJ52Ydt-zCpr1KE9MRU5F_qtDfG3b_5aHyJQsOvW_t8sqbALQ1EySNx_6VTgnfufudYX_dXr13aoTQHOBQWqLOAj9PiyUenktE0xuhvYYGynqcAptHytLIMj1s95Tqun1fNzOnJFwao91Q&product=intext

vyosek

Re: Awardhotspot ads

#14 Post by vyosek »

:arrow: In Chrome, enter chrome://extensions/ in the address bar

:arrow: Check whether there are any extensions you do not recognise - if need be, take a screenshot and e-mail it to me

:arrow: If there is something you do not recognise, click the trash can next to the extension

:arrow: After that we can also reset the Chrome profile, and in the new profile it should no longer be there
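The extension check in the post above can also be done from disk, which covers every Windows account on the machine and shows which extensions may touch every page. This is an added example, not part of the original thread: it assumes Chrome's on-disk layout `<profile>\Extensions\<id>\<version>\manifest.json`, and the sample profile, extension names and IDs in it are constructed.

```python
import json
import re
import tempfile
from pathlib import Path

# Match patterns that let an extension read or modify every page the user visits.
BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
MSG = re.compile(r"^__MSG_(.+)__$")


def display_name(version_dir, manifest):
    """Resolve a localized name (__MSG_key__) via _locales/<default_locale>/messages.json."""
    name = str(manifest.get("name", ""))
    match = MSG.match(name)
    if not match:
        return name
    locale = manifest.get("default_locale", "en")
    path = Path(version_dir) / "_locales" / locale / "messages.json"
    try:
        messages = json.loads(path.read_text(encoding="utf-8-sig"))  # tolerate a BOM
    except (OSError, ValueError):
        return name  # keep the raw placeholder if the locale file is missing
    for key, entry in messages.items():  # message keys are case-insensitive
        if key.lower() == match.group(1).lower() and isinstance(entry, dict):
            return str(entry.get("message", name))
    return name


def list_extensions(profile_dir, known_ids=frozenset()):
    """Return one record per extension version found under <profile>/Extensions."""
    records = []
    for manifest_path in sorted(Path(profile_dir).glob("Extensions/*/*/manifest.json")):
        version_dir, ext_id = manifest_path.parent, manifest_path.parent.parent.name
        try:
            manifest = json.loads(manifest_path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            manifest = {"name": "<unreadable manifest>"}
        patterns = [p for p in manifest.get("permissions", []) if isinstance(p, str)]
        patterns += manifest.get("host_permissions", [])
        for script in manifest.get("content_scripts", []):
            patterns += script.get("matches", [])
        records.append({"id": ext_id, "name": display_name(version_dir, manifest),
                        "version": str(manifest.get("version", "?")),
                        "broad_hosts": sorted(set(patterns) & BROAD),
                        "known": ext_id in known_ids})
    return records


def needs_review(records):
    """Extensions not on the user's known list, widest page access first."""
    unknown = [r for r in records if not r["known"]]
    return sorted(unknown, key=lambda r: (not r["broad_hosts"], r["name"].lower()))


def build_sample_profile(root):
    """Constructed sample profile: two made-up extensions with placeholder IDs."""
    samples = {
        "a" * 32: ({"name": "__MSG_appName__", "version": "1.2", "default_locale": "en",
                    "permissions": ["storage"]}, {"appname": {"message": "Sample Notes"}}),
        "b" * 32: ({"name": "Sample Helper", "version": "0.1", "permissions": ["tabs"],
                    "content_scripts": [{"matches": ["http://*/*", "https://*/*"],
                                         "js": ["inject.js"]}]}, None),
    }
    for ext_id, (manifest, messages) in samples.items():
        version_dir = Path(root) / "Extensions" / ext_id / (manifest["version"] + "_0")
        version_dir.mkdir(parents=True)
        (version_dir / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
        if messages:
            locale_dir = version_dir / "_locales" / "en"
            locale_dir.mkdir(parents=True)
            (locale_dir / "messages.json").write_text(json.dumps(messages), encoding="utf-8")
    return Path(root)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        profile = build_sample_profile(tmp)
        for rec in needs_review(list_extensions(profile, known_ids={"a" * 32})):
            print(rec["id"], rec["name"], rec["version"], rec["broad_hosts"])
```

On the machine from this thread the profile directory would be `C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default`, the folder that holds the `preferences` file listed in the AdwCleaner log.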

Piskle1987

Re: Awardhotspot ads

#15 Post by Piskle1987 »

Great, thanks a lot for the help. It seems the problem is gone.

I had an extension there called YTBoookMaRk, so that was probably it, because I never added such an extension to Chrome.

THANKS once again ;)
