Prosím o pomoc

[zago33]

Ahojte, prosím o kontrolu mojho PC. Posielam všetko potrebné. Je pomalý, mrzne, vyhadzuje reklamy. Ďakujem:)
Stanka
-----

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2016
Ran by Stanka (administrator) on STANKA-PC (16-10-2016 11:57:30)
Running from C:\Users\Stanka\Desktop
Loaded Profiles: Stanka (Available Profiles: Stanka & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\DatacardService\DCService.exe
(The Firebird Project) C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Aztec Media Inc) C:\Program Files (x86)\Assets Manager\smdmf\SmdmFService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(The Firebird Project) C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Media Player\setup_wm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2687488 2015-09-29] (Sony Corporation)
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\...\MountPoints2: {22a11e99-8f65-11e5-9fdf-e652880fedf7} - F:\autorun.exe
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\...\MountPoints2: {e4f5754c-4c35-11e6-890b-74f06d8bef6b} - F:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-31] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserMixVideoPlayer.lnk [2015-10-29]
ShortcutTarget: WebBrowserMixVideoPlayer.lnk -> C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 88.212.8.8 88.212.8.88
Tcpip\..\Interfaces\{2AE5AB33-77F2-4EAB-8805-9C21E42395EA}: [DhcpNameServer] 192.168.1.20
Tcpip\..\Interfaces\{AEAC9052-EF11-4E39-9A72-0453FCE84845}: [DhcpNameServer] 88.212.8.8 88.212.8.88

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=143437 ... F33E2DEE1A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=143437 ... F33E2DEE1A
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=143437 ... F33E2DEE1A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=143437 ... F33E2DEE1A
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=143437 ... F33E2DEE1A
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=143437 ... F33E2DEE1A
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1435056220&fr ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1435056220&fr ... earchTerms}
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=821&r=2014/04/12&hid=4922191210529511822&lg=EN&cc=CZ&unqvl=51
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1435056220&fr ... earchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {387874F3-3661-427F-B6D9-552C8B5DEB64} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1435056220&fr ... earchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL =
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {9677ADF5-02FB-4591-8912-F15531E99340} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: o3effusq.default
FF ProfilePath: C:\Users\Stanka\AppData\Roaming\Mozilla\Firefox\Profiles\o3effusq.default [2015-11-16]
FF Extension: (xRocket Toolbar) - C:\Users\Stanka\AppData\Roaming\Mozilla\Firefox\Profiles\o3effusq.default\Extensions\arthurj8283@gmail.com [2015-11-16] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [ext@flashenhancer.com] - C:\Program Files (x86)\AmiExt\flashEnhancer\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Stanka\AppData\Roaming\Mozilla\Firefox\Profiles\o3effusq.default\extensions\arthurj8283@gmail.com
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-12-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-12-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2340926023-3914224287-3235203910-1000: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.nicesearches.com?type=hp&ts=1460998 ... 9t3b1m3q7w
CHR StartupUrls: Default -> "hxxp://www.nicesearches.com?type=hp&ts=1460998 ... 9t3b1m3q7w"
CHR DefaultSearchURL: Default -> hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}
CHR DefaultSearchKeyword: Default -> nice
CHR Profile: C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default [2016-10-16]
CHR Extension: (Adblock Plus) - C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-29]
CHR Extension: (Search by Image (by Google)) - C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-12-21]
CHR Extension: (Chime) - C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkdfkbkkfdhhfnhgbphecddnpfnoedke [2015-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR HKLM-x32\...\Chrome\Extension: [ijepgjdjkdbopbnaopmlmobimmhjklhd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [249856 2010-09-29] () [File not signed]
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project) [File not signed]
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2016-05-23] (Elex do Brasil Participações Ltda)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [496128 2015-09-29] (Sony Corporation)
R2 SmdmFService; C:\Program Files (x86)\Assets Manager\smdmf\SmdmFService.exe [3570704 2015-01-28] (Aztec Media Inc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Assets Manager\smdmf\x64\smdmfmgrc3.cfg [45968 2015-01-28] (Aztec Media Inc)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64; C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys [61112 2014-06-25] (StdLib)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-16 11:57 - 2016-10-16 11:58 - 00022214 _____ C:\Users\Stanka\Desktop\FRST.txt
2016-10-16 11:57 - 2016-10-16 11:57 - 00000000 ____D C:\FRST
2016-10-16 11:56 - 2016-10-16 11:56 - 02406912 _____ (Farbar) C:\Users\Stanka\Desktop\FRST64.exe
2016-10-12 20:05 - 2016-10-12 20:16 - 00000000 ____D C:\Windows\Minidump
2016-10-10 21:24 - 2016-10-10 21:24 - 00000000 ____D C:\Users\Stanka\AppData\Local\com

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-16 11:48 - 2015-10-18 11:54 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-16 11:33 - 2014-03-30 20:00 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-16 11:23 - 2009-07-14 06:45 - 00021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-16 11:23 - 2009-07-14 06:45 - 00021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-16 11:10 - 2015-03-19 21:21 - 00000000 ____D C:\ProgramData\smdmf
2016-10-16 11:10 - 2014-03-30 20:00 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-16 11:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-16 11:09 - 2014-03-31 16:21 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-12 22:06 - 2014-04-12 18:02 - 00000000 ____D C:\Users\Stanka\AppData\Roaming\vlc
2016-10-12 20:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-10 20:56 - 2009-07-14 07:13 - 00782042 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-16 22:57 - 2014-10-06 20:26 - 00000000 ___RD C:\Users\Stanka\Disk Google

==================== Files in the root of some directories =======

2014-04-12 17:54 - 2014-10-07 15:35 - 0000412 _____ () C:\Users\Stanka\AppData\Roaming\LiveSupport.exe_log.txt
2014-04-12 17:54 - 2014-10-07 16:16 - 0000092 _____ () C:\Users\Stanka\AppData\Roaming\regsvr32.exe_log.txt
2015-10-29 18:41 - 2016-07-17 09:44 - 0000098 _____ () C:\Users\Stanka\AppData\Roaming\WB.CFG

Files to move or delete:
====================
C:\Users\Stanka\Firefox Setup 41.0 (1).exe


Some files in TEMP:
====================
C:\Users\Stanka\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\Stanka\AppData\Local\Temp\yacupgrade.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-10 12:10

==================== End of FRST.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[zago33]

Ďakujem za reakciu, posielam log
---
# AdwCleaner v6.021 - Logfile created 16/10/2016 at 21:05:50
# Updated on 06/10/2016 by ToolsLib
# Database : 2016-10-15.3 [Server]
# Operating System : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Stanka - STANKA-PC
# Running from : C:\Users\Stanka\Desktop\adwcleaner_6.021.exe
# Mode: Clean
# Support : https://toolslib.net/forum



***** [ Services ] *****

[-] Service deleted: iSafeKrnlMon
[-] Service deleted: SmdmFService


***** [ Folders ] *****

[-] Folder deleted: C:\ProgramData\5500Couuponns
[#] Folder deleted on reboot: C:\ProgramData\Application Data\5500Couuponns
[-] Folder deleted: C:\Program Files (x86)\5500Couuponns
[-] Folder deleted: C:\ProgramData\CuouuupExtenSioon
[#] Folder deleted on reboot: C:\ProgramData\Application Data\CuouuupExtenSioon
[-] Folder deleted: C:\Program Files (x86)\CuouuupExtenSioon
[-] Folder deleted: C:\ProgramData\DeealEXpress
[#] Folder deleted on reboot: C:\ProgramData\Application Data\DeealEXpress
[-] Folder deleted: C:\Program Files (x86)\DeealEXpress
[-] Folder deleted: C:\ProgramData\NetoCaouuupoOn
[#] Folder deleted on reboot: C:\ProgramData\Application Data\NetoCaouuupoOn
[-] Folder deleted: C:\Program Files (x86)\NetoCaouuupoOn
[-] Folder deleted: C:\ProgramData\RaanddomPRiicEe
[#] Folder deleted on reboot: C:\ProgramData\Application Data\RaanddomPRiicEe
[-] Folder deleted: C:\Program Files (x86)\RaanddomPRiicEe
[-] Folder deleted: C:\ProgramData\save Neet
[#] Folder deleted on reboot: C:\ProgramData\Application Data\save Neet
[-] Folder deleted: C:\Program Files (x86)\save Neet
[#] Folder deleted on reboot: C:\ProgramData\5500Couuponns
[#] Folder deleted on reboot: C:\ProgramData\CuouuupExtenSioon
[-] Folder deleted: C:\ProgramData\d5d8351b0748e0ca
[#] Folder deleted on reboot: C:\ProgramData\DeealEXpress
[#] Folder deleted on reboot: C:\ProgramData\NetoCaouuupoOn
[#] Folder deleted on reboot: C:\ProgramData\RaanddomPRiicEe
[#] Folder deleted on reboot: C:\ProgramData\save Neet
[#] Folder deleted on reboot: C:\Users\Stanka\AppData\Local\24335
[-] Folder deleted: C:\Users\Stanka\AppData\Local\32385
[-] Folder deleted: C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
[-] Folder deleted: C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\eebebckgaojahmhphldocgeniedgejig
[-] Folder deleted: C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehimbpplhoacipeaebcidicfeokjekf
[-] Folder deleted: C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekgeolidbhhlipnondociphjciegffin
[-] Folder deleted: C:\Users\Stanka\AppData\Local\BrowserWeb
[#] Folder deleted on reboot: C:\Users\Stanka\AppData\Local\torch
[-] Folder deleted: C:\Users\Stanka\AppData\Roaming\eCyber
[#] Folder deleted on reboot: C:\Users\Stanka\AppData\Roaming\Elex-tech
[-] Folder deleted: C:\Users\Stanka\AppData\Roaming\RHEng
[-] Folder deleted: C:\Users\Stanka\AppData\Roaming\SupTab
[-] Folder deleted: C:\Users\Stanka\AppData\Roaming\WinZiper
[#] Folder deleted on reboot: C:\Users\UpdatusUser\AppData\Local\torch
[-] Folder deleted: C:\Program Files\PCDApp
[-] Folder deleted: C:\ProgramData\House Of Soft
[-] Folder deleted: C:\ProgramData\IePluginServices
[-] Folder deleted: C:\ProgramData\IHProtectUpDate
[#] Folder deleted on reboot: C:\ProgramData\smdmf
[-] Folder deleted: C:\ProgramData\SNT
[-] Folder deleted: C:\ProgramData\WindowsProtectManger
[#] Folder deleted on reboot: C:\ProgramData\Application Data\House Of Soft
[#] Folder deleted on reboot: C:\ProgramData\Application Data\IePluginServices
[#] Folder deleted on reboot: C:\ProgramData\Application Data\IHProtectUpDate
[#] Folder deleted on reboot: C:\ProgramData\Application Data\smdmf
[#] Folder deleted on reboot: C:\ProgramData\Application Data\SNT
[#] Folder deleted on reboot: C:\ProgramData\Application Data\WindowsProtectManger
[-] Folder deleted: C:\Program Files (x86)\AmiExt
[#] Folder deleted on reboot: C:\Program Files (x86)\Assets Manager
[#] Folder deleted on reboot: C:\Program Files (x86)\Elex-tech
[-] Folder deleted: C:\Program Files (x86)\SNT
[#] Folder deleted on reboot: C:\Program Files (x86)\SupTab
[-] Folder deleted: C:\Users\Stanka\AppData\Local\Temp\iSafeRightKeyScan
[-] Folder deleted: C:\Users\Stanka\AppData\Local\com


***** [ Files ] *****

[-] File deleted: C:\Users\Stanka\AppData\Roaming\LiveSupport.exe_log.txt
[-] File deleted: C:\Users\Stanka\AppData\Roaming\regsvr32.exe_log.txt
[-] File deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log
[-] File deleted: C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[-] File deleted: C:\Windows\SysNative\drivers\iSafeNetFilter.sys
[-] File deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserMixVideoPlayer.lnk
[-] File deleted: C:\Program Files (x86)\Common Files\config\uninstinethnfd.exe
[-] File deleted: C:\Windows\SysWOW64\installd.exe
[-] File deleted: C:\Users\Stanka\AppData\Local\Temp\mystart-toolbar.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnl
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlBoot
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlKit
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlR3
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeNetFilter
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeService
[-] Key deleted: HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.001
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.z
[-] Key deleted: HKLM\SOFTWARE\Classes\WinZippers.zip
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\CLSID\{48B20490-3C06-4984-B594-A6B5CBFF0A6C}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\clean.capture.clean.capture
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\clean.capture.clean.capture.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{86ac6ea1-11f8-42b3-80b6-461fe9beacd0}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\AWinUpd.Win.AWinUpd.Win
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\AWinUpd.Win.AWinUpd.Win.1
[#] Key deleted on reboot: {3A8C08FC-AFB9-4CC1-999C-119667210ED7}
[#] Key deleted on reboot: {99E29823-2F67-41C3-8AA5-6425097A771F}
[#] Key deleted on reboot: {E2343056-CC08-46AC-B898-BFC7ACF4E755}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9B41579A-1996-42F9-8F84-7B7786818CEF}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{9B41579A-1996-42F9-8F84-7B7786818CEF}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{D5F245F0-0E38-49B4-801F-148E0D31EB57}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\IePluginServices
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\IePluginServices
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsProtectManger
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WindowsProtectManger
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Key deleted: HKLM\SOFTWARE\Classes\pc-mechanic
[-] Key deleted: HKLM\SOFTWARE\Classes\speedupmypc
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\pc-mechanic
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\speedupmypc
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB24E92-62C4-4C53-95D2-65F9EED476BC}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
[-] Key deleted: HKU\.DEFAULT\Software\Elex-tech
[-] Key deleted: HKU\.DEFAULT\Software\SmdmF
[-] Key deleted: HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key deleted: HKU\S-1-5-19\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key deleted: HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\AmiExt
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Linkey
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\SmdmF
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\V9
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[#] Key deleted on reboot: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[#] Key deleted on reboot: HKU\S-1-5-18\Software\Elex-tech
[#] Key deleted on reboot: HKU\S-1-5-18\Software\SmdmF
[#] Key deleted on reboot: HKU\S-1-5-18\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[#] Key deleted on reboot: HKCU\Software\AmiExt
[#] Key deleted on reboot: HKCU\Software\Linkey
[#] Key deleted on reboot: HKCU\Software\SmdmF
[#] Key deleted on reboot: HKCU\Software\V9
[#] Key deleted on reboot: HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[#] Key deleted on reboot: HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key deleted: HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key deleted: HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[-] Key deleted: HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
[-] Key deleted: HKLM\SOFTWARE\delta-homesSoftware
[-] Key deleted: HKLM\SOFTWARE\Elex-tech
[-] Key deleted: HKLM\SOFTWARE\IHProtect
[-] Key deleted: HKLM\SOFTWARE\MixVideoPlayer
[-] Key deleted: HKLM\SOFTWARE\SmdmF
[-] Key deleted: HKLM\SOFTWARE\SupDp
[-] Key deleted: HKLM\SOFTWARE\SupTab
[-] Key deleted: HKLM\SOFTWARE\supWindowsProtectManger
[-] Key deleted: HKLM\SOFTWARE\Uniblue
[-] Key deleted: HKLM\SOFTWARE\V9
[-] Key deleted: HKLM\SOFTWARE\webssearchesSoftware
[#] Key deleted on reboot: HKLM\SOFTWARE\SUPDP
[#] Key deleted on reboot: HKLM\SOFTWARE\SUPTAB
[-] Key deleted: HKLM\SOFTWARE\MaxPower
[-] Key deleted: HKLM\SOFTWARE\WinZiper
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8E8C2E2D-7F21-2CF5-0ADB-64935121ECF0}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CF987D06-1DCF-7B36-5B43-13BC8699C44C}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MixVideoPlayer
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCData App
[#] Key deleted on reboot: [x64] HKCU\Software\AmiExt
[#] Key deleted on reboot: [x64] HKCU\Software\Linkey
[#] Key deleted on reboot: [x64] HKCU\Software\SmdmF
[#] Key deleted on reboot: [x64] HKCU\Software\V9
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{387874F3-3661-427F-B6D9-552C8B5DEB64}
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[#] Data restored on reboot: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9677ADF5-02FB-4591-8912-F15531E99340}
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
[-] Key deleted: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{387874F3-3661-427F-B6D9-552C8B5DEB64}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[#] Data restored on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9677ADF5-02FB-4591-8912-F15531E99340}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[#] Data restored on reboot: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Key deleted: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key deleted: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{387874F3-3661-427F-B6D9-552C8B5DEB64}
[-] Key deleted: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
[-] Key deleted: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF}
[#] Data restored on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[-] Key deleted: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9677ADF5-02FB-4591-8912-F15531E99340}
[-] Key deleted: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Key deleted: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
[-] Key deleted: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bestpriceninja.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mystart.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\tlscdn.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\toolbar.mystart.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\bestpriceninja.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\foxi69.tlscdn.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.bestpriceninja.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tlscdn.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bestpriceninja.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mystart.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\tlscdn.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\toolbar.mystart.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\bestpriceninja.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\foxi69.tlscdn.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\pstatic.bestpriceninja.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tlscdn.com
[-] Key deleted: HKLM\SOFTWARE\Classes\Applications\MixVideoPlayer.exe
[-] Value deleted: HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [BrowserWeb.exe]


***** [ Web browsers ] *****

[-] [C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: default-search.net
[-] [C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: zapmeta.sk
[-] [C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: delta-homes
[-] [C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: v9.com
[-] [C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: v9
[-] [C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: nice
[-] [C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Deleted: hxxp://www.nicesearches.com?type=hp&ts=1460998 ... 9t3b1m3q7w
[-] [C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: fpmeembnagmagppkgghhfjfdfajdfcah
[-] [C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default] [homepage] Deleted: hxxp://www.nicesearches.com?type=hp&ts=1460998 ... 9t3b1m3q7w


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [23582 Bytes] - [16/10/2016 21:05:50]
C:\AdwCleaner\AdwCleaner[S0].txt - [21575 Bytes] - [16/10/2016 20:57:04]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [23730 Bytes] ##########

[Rudy]

Dejte nový log FRST.

[zago33]

pripájam log
-----
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2016
Ran by Stanka (administrator) on STANKA-PC (17-10-2016 07:47:40)
Running from C:\Users\Stanka\Desktop
Loaded Profiles: Stanka (Available Profiles: Stanka & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\DatacardService\DCService.exe
(The Firebird Project) C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(The Firebird Project) C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2687488 2015-09-29] (Sony Corporation)
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\...\MountPoints2: {22a11e99-8f65-11e5-9fdf-e652880fedf7} - F:\autorun.exe
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\...\MountPoints2: {e4f5754c-4c35-11e6-890b-74f06d8bef6b} - F:\AutoRun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-31] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 88.212.8.8 88.212.8.88
Tcpip\..\Interfaces\{2AE5AB33-77F2-4EAB-8805-9C21E42395EA}: [DhcpNameServer] 192.168.1.20
Tcpip\..\Interfaces\{AEAC9052-EF11-4E39-9A72-0453FCE84845}: [DhcpNameServer] 88.212.8.8 88.212.8.88

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=143437 ... F33E2DEE1A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=143437 ... F33E2DEE1A
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=143437 ... F33E2DEE1A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=143437 ... F33E2DEE1A
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts=143437 ... F33E2DEE1A
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=143437 ... F33E2DEE1A
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1435056220&fr ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403766857&from=amt&uid=ST9320325AS_5VD4Z1B8XXXX5VD4Z1B8&q={searchTerms}
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1435056220&fr ... earchTerms}
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=821&r=2014/04/12&hid=4922191210529511822&lg=EN&cc=CZ&unqvl=51
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1435056220&fr ... earchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {387874F3-3661-427F-B6D9-552C8B5DEB64} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1435056220&fr ... earchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL =
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {9677ADF5-02FB-4591-8912-F15531E99340} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: o3effusq.default
FF ProfilePath: C:\Users\Stanka\AppData\Roaming\Mozilla\Firefox\Profiles\o3effusq.default [2015-11-16]
FF Extension: (xRocket Toolbar) - C:\Users\Stanka\AppData\Roaming\Mozilla\Firefox\Profiles\o3effusq.default\Extensions\arthurj8283@gmail.com [2015-11-16] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [ext@flashenhancer.com] - C:\Program Files (x86)\AmiExt\flashEnhancer\ff => not found
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Stanka\AppData\Roaming\Mozilla\Firefox\Profiles\o3effusq.default\extensions\arthurj8283@gmail.com
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-08-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-12-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-12-21] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2340926023-3914224287-3235203910-1000: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.sk/
CHR StartupUrls: Default -> "hxxp://www.google.sk/"
CHR Profile: C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default [2016-10-17]
CHR Extension: (Adblock Plus) - C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-29]
CHR Extension: (Search by Image (by Google)) - C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2014-12-21]
CHR Extension: (Chime) - C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkdfkbkkfdhhfnhgbphecddnpfnoedke [2015-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Stanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR HKLM-x32\...\Chrome\Extension: [ijepgjdjkdbopbnaopmlmobimmhjklhd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [249856 2010-09-29] () [File not signed]
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_1_5\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project) [File not signed]
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2016-05-23] (Elex do Brasil Participações Ltda)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [496128 2015-09-29] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Assets Manager\smdmf\x64\smdmfmgrc3.cfg [45968 2015-01-28] (Aztec Media Inc)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATK64AMD.sys [13680 2007-08-09] ()
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R1 {3f538614-b636-4023-9ec2-564ada4b07b3}Gw64; C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw64.sys [61112 2014-06-25] (StdLib)
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-17 07:47 - 2016-10-17 07:48 - 00020309 _____ C:\Users\Stanka\Desktop\FRST.txt
2016-10-16 21:07 - 2016-05-19 08:42 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2016-10-16 20:54 - 2016-10-16 21:05 - 00000000 ____D C:\AdwCleaner
2016-10-16 20:53 - 2016-10-16 20:53 - 03874368 _____ C:\Users\Stanka\Desktop\adwcleaner_6.021.exe
2016-10-16 11:57 - 2016-10-17 07:47 - 00000000 ____D C:\FRST
2016-10-16 11:56 - 2016-10-16 11:56 - 02406912 _____ (Farbar) C:\Users\Stanka\Desktop\FRST64.exe
2016-10-12 20:05 - 2016-10-12 20:16 - 00000000 ____D C:\Windows\Minidump

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-17 07:46 - 2015-10-18 11:54 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-17 07:44 - 2014-03-31 16:21 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-17 07:44 - 2014-03-30 20:00 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-17 07:44 - 2014-03-30 20:00 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-17 07:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-16 21:15 - 2009-07-14 06:45 - 00021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-16 21:15 - 2009-07-14 06:45 - 00021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-16 21:02 - 2015-06-18 13:31 - 00000000 ____D C:\Windows\system32\log
2016-10-16 20:59 - 2014-09-29 08:34 - 00000000 ____D C:\Users\Stanka\AppData\Local\24335
2016-10-16 20:46 - 2015-03-19 21:21 - 00000000 ____D C:\ProgramData\smdmf
2016-10-12 22:06 - 2014-04-12 18:02 - 00000000 ____D C:\Users\Stanka\AppData\Roaming\vlc
2016-10-12 20:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-10 20:56 - 2009-07-14 07:13 - 00782042 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-10-29 18:41 - 2016-07-17 09:44 - 0000098 _____ () C:\Users\Stanka\AppData\Roaming\WB.CFG

Files to move or delete:
====================
C:\Users\Stanka\Firefox Setup 41.0 (1).exe


Some files in TEMP:
====================
C:\Users\Stanka\AppData\Local\Temp\libeay32.dll
C:\Users\Stanka\AppData\Local\Temp\msvcr120.dll
C:\Users\Stanka\AppData\Local\Temp\sqlite3.dll
C:\Users\Stanka\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\Stanka\AppData\Local\Temp\yacupgrade.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-10 12:10

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\...\MountPoints2: {22a11e99-8f65-11e5-9fdf-e652880fedf7} - F:\autorun.exe
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\...\MountPoints2: {e4f5754c-4c35-11e6-890b-74f06d8bef6b} - F:\AutoRun.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts ... F33E2DEE1A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts ... F33E2DEE1A
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts ... F33E2DEE1A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts ... F33E2DEE1A
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts ... F33E2DEE1A
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts ... F33E2DEE1A
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=143505 ... qfobg3b&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=143505 ... qfobg3b&q={searchTerms}
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=821&r=2014/04/12&hid=4922191210529511822&lg=EN&cc=CZ&unqvl=51
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=143505 ... qfobg3b&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {387874F3-3661-427F-B6D9-552C8B5DEB64} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=143505 ... qfobg3b&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL =
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {9677ADF5-02FB-4591-8912-F15531E99340} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-2340926023-3914224287-3235203910-1000: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [No File]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Stanka\AppData\Local\Temp
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {94773B87-F7E1-43A1-987A-7A334F2BCE7D} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {3D8F445C-1F21-4D9F-9970-EEB58CBC4CBB} - System32\Tasks\{46242F70-3C4B-48E9-B92A-5E9A922024CD} => pcalua.exe -a C:\Users\Stanka\AppData\Local\Temp\Temp1_TouchPad_WIN7_32_z70510.zip\Setup.exe <==== ATTENTION
Task: {A7370A43-DD60-497A-AE1B-02E9DE3B8C92} - System32\Tasks\browser_app+_v1_shopping_updating_service => C:\Program Files (x86)\Browser App+ v1 shopping\browser_app+_v1_shopping_updating_service.exe <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {BB535C87-4F74-4A7B-A153-E6232951F41F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
C:\Users\Stanka\AppData\Local\Akamai
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[zago33]

mam to ale tentoraz som nerobila scan vo frst iba rovno fix, dufam, ze tak je to spravne. ci mal ist scan a potom fix?
kazdopadne prikladam fixlog
-----
Fix result of Farbar Recovery Scan Tool (x64) Version: 16-10-2016
Ran by Stanka (17-10-2016 18:12:54) Run:1
Running from C:\Users\Stanka\Desktop
Loaded Profiles: Stanka (Available Profiles: Stanka & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\...\MountPoints2: {22a11e99-8f65-11e5-9fdf-e652880fedf7} - F:\autorun.exe
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\...\MountPoints2: {e4f5754c-4c35-11e6-890b-74f06d8bef6b} - F:\AutoRun.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts ... F33E2DEE1A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts ... F33E2DEE1A
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts ... F33E2DEE1A
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts ... F33E2DEE1A
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hppp&ts ... F33E2DEE1A
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts ... F33E2DEE1A
SearchScopes: HKLM -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=143505 ... qfobg3b&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?typ ... VD4Z1B8&q={searchTerms}
SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=143505 ... qfobg3b&q={searchTerms}
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=821&r=2014/04/12&hid=4922191210529511822&lg=EN&cc=CZ&unqvl=51
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=143505 ... qfobg3b&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {387874F3-3661-427F-B6D9-552C8B5DEB64} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=143505 ... qfobg3b&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL =
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {9677ADF5-02FB-4591-8912-F15531E99340} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2340926023-3914224287-3235203910-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?si ... &src=ds&p={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-2340926023-3914224287-3235203910-1000: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [No File]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Stanka\AppData\Local\Temp
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {94773B87-F7E1-43A1-987A-7A334F2BCE7D} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {3D8F445C-1F21-4D9F-9970-EEB58CBC4CBB} - System32\Tasks\{46242F70-3C4B-48E9-B92A-5E9A922024CD} => pcalua.exe -a C:\Users\Stanka\AppData\Local\Temp\Temp1_TouchPad_WIN7_32_z70510.zip\Setup.exe <==== ATTENTION
Task: {A7370A43-DD60-497A-AE1B-02E9DE3B8C92} - System32\Tasks\browser_app+_v1_shopping_updating_service => C:\Program Files (x86)\Browser App+ v1 shopping\browser_app+_v1_shopping_updating_service.exe <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {BB535C87-4F74-4A7B-A153-E6232951F41F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
C:\Users\Stanka\AppData\Local\Akamai
End
*****************

"HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{22a11e99-8f65-11e5-9fdf-e652880fedf7}" => key removed successfully
HKCR\CLSID\{22a11e99-8f65-11e5-9fdf-e652880fedf7} => key not found.
"HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4f5754c-4c35-11e6-890b-74f06d8bef6b}" => key removed successfully
HKCR\CLSID\{e4f5754c-4c35-11e6-890b-74f06d8bef6b} => key not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2} => key could not remove.
HKCR\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Error setting value.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key could not remove.
HKCR\Wow6432Node\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2} => key could not remove.
HKCR\Wow6432Node\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} => key could not remove.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => key could not remove.
HKCR\Wow6432Node\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => key not found.
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{387874F3-3661-427F-B6D9-552C8B5DEB64} => key could not remove.
HKCR\CLSID\{387874F3-3661-427F-B6D9-552C8B5DEB64} => key not found.
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => key could not remove.
HKCR\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => key not found.
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key could not remove.
HKCR\CLSID\{425ED333-6083-428a-92C9-0CFC28B9D1BF} => key not found.
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key could not remove.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2} => key could not remove.
HKCR\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => key not found.
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9677ADF5-02FB-4591-8912-F15531E99340} => key could not remove.
HKCR\CLSID\{9677ADF5-02FB-4591-8912-F15531E99340} => key not found.
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} => key could not remove.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} => key not found.
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => key could not remove.
HKCR\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => key not found.
HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key could not remove.
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} => key could not remove.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => key removed successfully
"HKCR\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKU\S-1-5-21-2340926023-3914224287-3235203910-1000\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1" => key removed successfully
C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll => not found.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully

"C:\Users\Stanka\AppData\Local\Temp" folder move:

Could not move "C:\Users\Stanka\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94773B87-F7E1-43A1-987A-7A334F2BCE7D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94773B87-F7E1-43A1-987A-7A334F2BCE7D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D8F445C-1F21-4D9F-9970-EEB58CBC4CBB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D8F445C-1F21-4D9F-9970-EEB58CBC4CBB}" => key removed successfully
C:\Windows\System32\Tasks\{46242F70-3C4B-48E9-B92A-5E9A922024CD} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{46242F70-3C4B-48E9-B92A-5E9A922024CD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A7370A43-DD60-497A-AE1B-02E9DE3B8C92}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A7370A43-DD60-497A-AE1B-02E9DE3B8C92}" => key removed successfully
C:\Windows\System32\Tasks\browser_app+_v1_shopping_updating_service => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\browser_app+_v1_shopping_updating_service" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB535C87-4F74-4A7B-A153-E6232951F41F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB535C87-4F74-4A7B-A153-E6232951F41F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => key removed successfully
"C:\Users\Stanka\AppData\Local\Akamai" => not found.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 17-10-2016 18:15:32)

C:\Users\Stanka\AppData\Local\Temp => moved successfully

==== End of Fixlog 18:15:32 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[zago33]

dakujem, zatial sa zda, ze ano, ide to o poznanie rychlejsie dam tomu par dni, ale snad je vsetko ok
pomohli ste nam uz viackrat, posleme prispevok
pekny den

[Rudy]

Za příspěvek děkujeme a nemáte zač!