JS Toolbar in Firefox

Lipicek
Visitor
Posts: 9
Registered: 12 May 2014 20:56

JS Toolbar in Firefox

#1 Post by Lipicek »

Hello, ESET gave me an alert about a potentially unwanted application. I tried to get rid of it, but unfortunately without success. Could you advise me how to go about it? Thank you.


12.5.2014 22:01:52 Rezidentní ochrana soubor C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default\extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com\extensionData\plugins\91.js JS/Toolbar.Crossrider.B potenciálně nechtěná aplikace nelze léčit Lipickovi\Lipicek Tato skutečnost byla zjištěna při pokusu o přístup k souboru aplikací: C:\Program Files\Mozilla Firefox\firefox.exe.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: JS Toolbar in Firefox

#2 Post by vyosek »

"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

Lipicek
Visitor
Posts: 9
Registered: 12 May 2014 20:56

Re: JS Toolbar in Firefox

#3 Post by Lipicek »

Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-05-2014 01
Ran by Lipicek at 2014-05-12 22:12:56
Running from C:\Users\Lipicek\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM\...\Advanced SystemCare 7_is1) (Version: 7.1.0 - IObit)
Aktualizace NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Any Video Converter 5.5.1 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Ashampoo Burning Studio FREE v.1.12.0 (HKLM\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.12.0 - Ashampoo GmbH & Co. KG)
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.7.8981 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Compiled Driver Disc (Full) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-70548081120E}_is1) (Version: 1.0.9.1 - COMPELSON Labs)
Compiled Driver Disk (Samsung) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811206}_is1) (Version: 1.0.8.1 - COMPELSON Labs)
Convert MOV to AVI 1.0 (HKLM\...\{A39EA3C8-7BF3-4FA7-9A67-3D3611BAE59E}_is1) (Version: - convertmovtoavi.com)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DigitalVideoConverter v2.9.0.53 (HKLM\...\{1AD473D7-7A47-5AEC-B45D-9B87414E7175}) (Version: - )
ESET Smart Security (HKLM\...\{1A8FE52B-983B-46B6-A2EF-9A75DDCAFCEF}) (Version: 7.0.302.26 - ESET, spol s r. o.)
FastStone Image Viewer 4.9 (HKLM\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)
FormatFactory 3.2.1.0 (HKLM\...\FormatFactory) (Version: 3.2.1.0 - Free Time)
Foxit Reader 5.1 (HKLM\...\Foxit Reader_is1) (Version: 5.1.4.104 - Foxit Corporation)
Freemake Video Converter verze 4.1.3 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 3.1.7.2379 - IObit)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (Czech) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (Czech) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
MOBILedit! Support Libraries (HKLM\...\{1A834332-A9EE-440C-9505-2D07F445F05A}) (Version: 4.0.0 - COMPELSON Labs)
MOBILedit! ver. 7.5.4.4232 (HKLM\...\{47DA7D2E-408C-4050-B75F-95F6D2E6A332}_is1) (Version: 7.5.4.4232 - COMPELSON Labs)
Moborobo 2.1.5.855 (HKLM\...\{02B934E4-C574-4605-842B-01CD16295185}_is1) (Version: 2.1.5.855 - Moborobo Inc.)
Mozilla Firefox 28.0 (x86 cs) (HKLM\...\Mozilla Firefox 28.0 (x86 cs)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Ovladače grafiky 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Ovládací panel NVIDIA 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
PDF reDirect (remove only) (HKLM\...\PDF reDirect) (Version: v2.2.6 - EXP Systems LLC)
Phone Drivers Downloader 1.1 (HKLM\...\{BDDB58A5-F98E-4D3C-B554-4A4D31C6D405}_is1) (Version: 1.1.0.0 - COMPELSON Labs)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Rajče průvodce verze 1.59.52.267 (HKLM\...\rajce.net_is1) (Version: - rajce.net)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
Seznam Software (HKCU\...\SeznamInstall) (Version: - Seznam.cz)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.2.201402071544 - Sony Mobile Communications AB)
Sony PC Companion 2.10.197 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.197 - Sony)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0405-0000-0000000FF1CE}_PROPLUS_{A030537D-0034-46AD-A730-B1119786F607}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WinZip (HKLM\...\WinZip) (Version: 9.0 (6028) - WinZip Computing, Inc.)

==================== Restore Points =========================

10-04-2014 10:43:56 Windows Update
16-04-2014 12:18:13 Windows Update
22-04-2014 19:18:59 Installed Java 7 Update 55
22-04-2014 19:22:03 Windows Update
02-05-2014 06:56:58 Windows Update
02-05-2014 17:00:13 Windows Update
02-05-2014 21:30:18 Windows Update
03-05-2014 19:17:01 Windows Update
04-05-2014 17:00:14 Windows Update
12-05-2014 14:08:41 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0BB0C177-5A7E-4B8B-8AB2-6124BA37FDA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-16] (Google Inc.)
Task: {0C128914-F770-41DC-B60B-3DE24DAFB994} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {34074000-1B4F-4979-967F-E31E7D2896EE} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe [2013-12-03] (IObit)
Task: {507446F0-268F-4C0D-898E-C0D05A8FC2A6} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe [2014-02-13] (IObit)
Task: {8E07D066-FE0A-4E96-9FB9-FD3A57E6F249} - System32\Tasks\ASC7_SkipUac_Lipicek => C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe [2013-12-16] (IObit)
Task: {9F4F1325-9C2A-4231-A61F-9C37114FEE20} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-02] (Adobe Systems Incorporated)
Task: {A164C9BF-624B-4405-B2D6-C5C94B31D515} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-01-20] (IObit)
Task: {D64FD773-1B9F-44DB-B1B7-EBC07C6BB18E} - System32\Tasks\SmartDefrag3_Update => C:\Program Files\IObit\Smart Defrag 3\AutoUpdate.exe [2014-02-13] (IObit)
Task: {DF6D1B1F-FF14-410C-B8F6-A37BA64E3056} - System32\Tasks\GoogleUpdateTaskMachineUA1cf491fcddd9fb3 => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-16] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf491fcddd9fb3.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-16 09:42 - 2013-10-25 13:08 - 00517408 _____ () C:\Program Files\IObit\Advanced SystemCare 7\sqlite3.dll
2014-02-16 10:45 - 2012-09-18 16:26 - 00169472 _____ () C:\Windows\System32\zlhp1020.dll
2007-07-01 19:50 - 2007-07-01 19:50 - 00064976 _____ () C:\Windows\System32\PDFreDirectMonNT.dll
2014-02-16 10:46 - 2012-09-18 16:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2014-03-02 18:53 - 2013-03-29 13:37 - 00059384 _____ () C:\Users\Lipicek\AppData\Roaming\Seznam.cz\bin\21301libfoxloader.dll
2014-02-16 09:42 - 2013-01-15 19:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-02-16 09:42 - 2013-01-15 19:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-02-16 09:42 - 2013-01-15 19:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-02-16 09:42 - 2013-01-15 19:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 7\webres.dll
2014-02-16 09:39 - 2012-09-05 19:55 - 00892288 _____ () C:\Program Files\IObit\Smart Defrag 3\webres.dll
2014-02-16 20:05 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
2014-02-16 20:05 - 2013-09-13 11:02 - 00208896 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 15:54 - 2011-07-07 15:54 - 00233984 _____ () C:\Program Files\Sony\Sony PC Companion\Report.dll
2014-02-16 20:05 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files\Sony\Sony PC Companion\sqlite3.dll
2014-01-03 11:38 - 2014-01-03 11:38 - 00571392 _____ () C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll
2014-02-16 20:05 - 2013-10-31 12:35 - 00070880 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
2014-03-02 18:53 - 2013-04-12 10:13 - 00457208 _____ () C:\Users\Lipicek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2014-03-02 18:53 - 2013-03-25 16:39 - 00894968 _____ () C:\Users\Lipicek\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2014-03-02 18:53 - 2013-04-29 11:54 - 01663000 _____ () C:\Users\Lipicek\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
2014-02-16 09:42 - 2013-12-02 20:06 - 01281312 _____ () C:\Program Files\IObit\Advanced SystemCare 7\Scan.dll
2014-05-02 09:34 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-05-02 09:34 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-05-02 09:34 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-05-02 09:34 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-05-02 09:34 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-05-02 09:34 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2014 09:20:58 PM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 09:09:08 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Program TOTALCMD.EXE verze 7.0.1.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1504

Čas spuštění: 01cf6e153e970a59

Čas ukončení: 12

Cesta k aplikaci: C:\totalcmd\TOTALCMD.EXE

ID hlášení: d9d49b78-da08-11e3-9c6e-001d926838a8

Error: (05/12/2014 09:06:00 PM) (Source: Application Hang) (User: ) (EventID: 1002)
Description: Program TOTALCMD.EXE verze 7.0.1.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 120

Čas spuštění: 01cf6e14cdafb480

Čas ukončení: 6

Cesta k aplikaci: C:\totalcmd\TOTALCMD.EXE

ID hlášení: 2c738fc1-da08-11e3-9c6e-001d926838a8

Error: (05/12/2014 09:01:56 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Název chybující aplikace: TOTALCMD.EXE, verze: 7.0.1.0, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18229, časové razítko: 0x51fb10c6
Kód výjimky: 0x0eedfade
Posun chyby: 0x0000812f
ID chybujícího procesu: 0xb08
Čas spuštění chybující aplikace: 0xTOTALCMD.EXE0
Cesta k chybující aplikaci: TOTALCMD.EXE1
Cesta k chybujícímu modulu: TOTALCMD.EXE2
ID zprávy: TOTALCMD.EXE3

Error: (05/12/2014 04:41:22 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/12/2014 04:39:44 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/12/2014 04:39:21 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/12/2014 04:39:02 PM) (Source: SideBySide) (User: ) (EventID: 33)
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1 se nezdařilo.
Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (05/12/2014 04:07:48 PM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/12/2014 02:11:06 PM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/12/2014 09:19:22 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/12/2014 09:19:19 PM) (Source: EventLog) (User: ) (EventID: 6008)
Description: Předchozí vypnutí systému (21:18:10, ‎12.‎5.‎2014) bylo neočekávané.

Error: (05/12/2014 04:06:05 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/12/2014 02:09:23 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/07/2014 00:34:14 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/06/2014 09:07:02 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/06/2014 09:01:19 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/05/2014 03:50:53 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/04/2014 09:48:54 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (05/03/2014 11:52:43 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Služba Aspi32 neuspěla při spuštění v důsledku následující chyby:
%%2


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 67%
Total physical RAM: 1791.24 MB
Available physical RAM: 589.28 MB
Total Pagefile: 3582.48 MB
Available Pagefile: 1751.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:92.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Moje soubory) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 36593658)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: JS Toolbar in Firefox

#4 Post by vyosek »

Please also post the second log, named FRST.txt.

Lipicek
Visitor
Posts: 9
Registered: 12 May 2014 20:56

Re: JS Toolbar in Firefox

#5 Post by Lipicek »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-05-2014 01
Ran by Lipicek (administrator) on LIPICKOVI on 12-05-2014 22:12:15
Running from C:\Users\Lipicek\Downloads
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
(IObit) C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
() C:\Users\Lipicek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(C. Ghisler & Co.) C:\totalcmd\TOTALCMD.EXE
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5110672 2013-09-12] (ESET)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [Advanced SystemCare 7] => C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-18] (IObit)
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [86474004B45898B4256EC1FDBC78A82E4D0EF17C._service_run] => C:\Program Files\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Lipicek\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Lipicek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()

==================== Internet (Whitelisted) ====================

URLSearchHook: HKCU - (No Name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File
SearchScopes: HKCU - {22F783F9-7F24-4995-9B95-6E01F96771AB} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {3BB40C40-4881-412A-89D6-BE718DB3DB64} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {3FC87F42-9B8A-45C0-9F78-FD54702B3821} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {6AB6768D-0468-4DCB-B10C-BEC297302466} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {7E7F838D-3B8A-411A-A81A-1246690D204D} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {81D4241C-2E95-46F0-BDAC-77B0F0531036} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {A4BCEE4B-56A4-44ED-9841-EA247098B599} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {EC1001A6-D5C1-47EB-84B5-15D2D232E1F1} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKCU - {F07053E8-F74B-4751-9676-3C43B8080C07} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default
FF user.js: detected! => C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default\user.js
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Lipicek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Apps Hat - C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com [2014-04-08]
FF Extension: Seznam lištička - C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-05-12]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-02-15]

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=13415
CHR DefaultSearchKeyword: yahoo.com search
CHR DefaultSearchProvider: Yahoo
CHR DefaultSearchURL: http://search.yahoo.com/search?fr=chr-g ... earchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Dokumenty Google) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-16]
CHR Extension: (Disk Google) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-16]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-02-16]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-02-16]
CHR Extension: (YouTube) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-16]
CHR Extension: (Vyhledávání Google) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-16]
CHR Extension: (Box - 10GB of FREE storage) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2014-02-16]
CHR Extension: (AdBlock) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-16]
CHR Extension: (Ads Removal) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2014-02-16]
CHR Extension: (Ebay Shopping Assistant by Spigot) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj [2014-02-16]
CHR Extension: (Domain Error Assistant) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj [2014-02-16]
CHR Extension: (Slick Savings) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2014-02-16]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-16]
CHR Extension: (Peněženka Google) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-02-16]
CHR Extension: (Amazon Shopping Assistant by Spigot) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp [2014-02-16]
CHR Extension: (Gmail) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-16]
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2014-02-16]
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1337752 2013-09-12] (ESET)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-02-16] (IObit)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-03-02] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [49240 2013-09-17] (ESET)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [145280 2014-02-16] (ITE )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2013-12-24] (IObit)
S2 Aspi32; System32\drivers\aspi32.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-12 22:12 - 2014-05-12 22:12 - 00013544 _____ () C:\Users\Lipicek\Downloads\FRST.txt
2014-05-12 22:12 - 2014-05-12 22:12 - 00000000 ____D () C:\FRST
2014-05-12 22:11 - 2014-05-12 22:11 - 01056256 _____ (Farbar) C:\Users\Lipicek\Downloads\FRST.exe
2014-05-12 21:49 - 2014-05-12 21:49 - 00139406 _____ () C:\Users\Lipicek\Desktop\Mozilla.xml
2014-05-03 21:18 - 2014-05-04 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-03 21:18 - 2014-05-03 21:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-03 21:17 - 2014-05-05 15:50 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-03 21:16 - 2014-04-14 04:11 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-03 21:16 - 2014-04-14 04:07 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-02 23:30 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 23:30 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-02 19:01 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-02 19:01 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-02 19:01 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-02 19:01 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-02 19:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-02 19:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-02 19:01 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-02 19:01 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-02 19:01 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-02 19:01 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-02 19:01 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-02 19:01 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-02 19:01 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-02 19:01 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-02 19:01 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-02 19:01 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-02 19:01 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-02 19:01 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-02 19:01 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-02 19:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-02 19:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-02 19:01 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-02 19:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-02 19:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-22 21:48 - 2014-04-22 21:48 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\Unity
2014-04-22 21:39 - 2014-04-22 21:39 - 00000000 ____D () C:\Users\Lipicek\AppData\Local\Unity
2014-04-22 21:35 - 2014-04-22 21:35 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\Oracle
2014-04-22 21:21 - 2014-04-22 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-22 21:21 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-22 21:21 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-22 21:21 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-22 21:21 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-22 21:20 - 2014-04-22 21:21 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log

==================== One Month Modified Files and Folders =======

2014-05-12 22:12 - 2014-05-12 22:12 - 00013544 _____ () C:\Users\Lipicek\Downloads\FRST.txt
2014-05-12 22:12 - 2014-05-12 22:12 - 00000000 ____D () C:\FRST
2014-05-12 22:11 - 2014-05-12 22:11 - 01056256 _____ (Farbar) C:\Users\Lipicek\Downloads\FRST.exe
2014-05-12 21:49 - 2014-05-12 21:49 - 00139406 _____ () C:\Users\Lipicek\Desktop\Mozilla.xml
2014-05-12 21:35 - 2014-03-01 14:26 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-12 21:28 - 2014-03-26 20:18 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf491fcddd9fb3.job
2014-05-12 21:26 - 2009-07-14 06:34 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-12 21:26 - 2009-07-14 06:34 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-12 21:24 - 2014-03-11 17:04 - 40333312 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-05-12 21:24 - 2014-03-11 17:04 - 00249856 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-05-12 21:24 - 2014-03-11 17:04 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-05-12 21:24 - 2014-03-11 17:04 - 00024576 _____ () C:\Windows\system32\config\SAM.iobit
2014-05-12 21:24 - 2014-03-02 18:53 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\Seznam.cz
2014-05-12 21:24 - 2014-02-15 22:38 - 00000000 ____D () C:\Users\Lipicek
2014-05-12 21:24 - 2010-11-20 23:01 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-12 21:19 - 2014-02-16 00:11 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-12 21:19 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-12 21:10 - 2014-02-15 23:54 - 00000000 ____D () C:\Lipicek
2014-05-12 16:09 - 2014-02-15 22:31 - 01418811 _____ () C:\Windows\WindowsUpdate.log
2014-05-05 15:50 - 2014-05-03 21:17 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-04 19:01 - 2014-05-03 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-04 10:09 - 2014-02-26 19:53 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\MOBILedit
2014-05-03 21:18 - 2014-05-03 21:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-02 22:00 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-02 09:35 - 2014-02-18 22:56 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-02 09:35 - 2014-02-18 22:56 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-02 09:34 - 2014-02-16 00:15 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-29 14:48 - 2014-05-02 23:30 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:34 - 2014-05-02 23:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-22 21:48 - 2014-04-22 21:48 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\Unity
2014-04-22 21:39 - 2014-04-22 21:39 - 00000000 ____D () C:\Users\Lipicek\AppData\Local\Unity
2014-04-22 21:35 - 2014-04-22 21:35 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\Oracle
2014-04-22 21:26 - 2014-02-26 18:33 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-22 21:21 - 2014-04-22 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-22 21:21 - 2014-04-22 21:20 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-22 21:21 - 2014-02-26 18:25 - 00000000 ____D () C:\Program Files\Java
2014-04-19 08:03 - 2014-03-11 23:42 - 39620608 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-04-19 08:03 - 2014-03-11 23:42 - 00249856 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-04-19 08:03 - 2014-03-11 23:42 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-04-19 08:03 - 2014-03-11 23:42 - 00024576 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-04-16 14:56 - 2014-03-07 20:37 - 00000000 ____D () C:\FFOutput
2014-04-16 14:27 - 2014-03-03 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moborobo
2014-04-16 14:27 - 2014-03-03 19:39 - 00000000 ____D () C:\Program Files\Moborobo
2014-04-14 20:13 - 2014-04-22 21:21 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-04-22 21:21 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-14 20:05 - 2014-04-22 21:21 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-14 20:04 - 2014-04-22 21:21 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-14 04:11 - 2014-05-03 21:16 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:07 - 2014-05-03 21:16 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Files to move or delete:
====================
C:\ProgramData\ISTask.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-12 16:35

==================== End Of Log ============================

Re: JS Toolbar in Firefox

#6 Post by vyosek »

Uninstall Advanced SystemCare 7 and then everything else from IObit (LiveUpdate, Smart Defrag, IObit Uninstaller...) - it is Chinese junk and does more harm than good. It looks for nonsensical and non-existent problems, and they stole their malware database from another reputable company.

Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launching, the license terms are displayed; press any key
  • A backup will be created, followed by a search
  • The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved in the folder c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

Re: JS Toolbar in Firefox

#7 Post by Lipicek »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by Lipicek on st 14.05.2014 at 20:49:22,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\application updater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EC1001A6-D5C1-47EB-84B5-15D2D232E1F1}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Lipicek\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Program Files\Common Files\spigot"



~~~ FireFox

Successfully deleted: [File] C:\Users\Lipicek\AppData\Roaming\mozilla\firefox\profiles\r322mpa7.default\user.js
Successfully deleted the following from C:\Users\Lipicek\AppData\Roaming\mozilla\firefox\profiles\r322mpa7.default\prefs.js

user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_meta.value", "%7B%2219x19.png%22%3A%7B%22id%22%3A485
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_resource_485550.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
user_pref("extensions.crossrider.bic", "14538b5da4e5790aff51368c28fbc2c5");



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Lipicek\appdata\local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Successfully deleted: [Folder] C:\Users\Lipicek\appdata\local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Successfully deleted: [Folder] C:\Users\Lipicek\appdata\local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Successfully deleted: [Folder] C:\Users\Lipicek\appdata\local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 14.05.2014 at 20:52:56,38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: JS Toolbar in Firefox

#8 Post by Lipicek »

# AdwCleaner v3.208 - Report created 14/05/2014 at 20:57:10
# Updated 11/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Lipicek - LIPICKOVI
# Running from : C:\Users\Lipicek\Downloads\adwcleaner_3.208.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default\Extensions\39ed7c16-185d-4f88-b976-666d4928ba01@fe4550c1-7a4f-4a62-ad1c-45e0afdf81a4.com
Folder Deleted : C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKLM\Software\Search Settings

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : gkcefkcdkepgkpbgncjchhbjgoanleod

*************************

AdwCleaner[R0].txt - [1790 octets] - [14/05/2014 20:53:58]
AdwCleaner[S0].txt - [1509 octets] - [14/05/2014 20:57:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1569 octets] ##########

Re: JS Toolbar in Firefox

#9 Post by vyosek »

Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the window

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here

Re: JS Toolbar in Firefox

#10 Post by Lipicek »

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Lipicek on st 14.05.2014 at 21:41:30,28.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lipicek\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

14.5.2014 21:42:31 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default\prefs.js:

Added to C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default

user.js not found
---- Lines a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559 removed from prefs.js ----
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a6
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a6
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.active", true);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.addressbar", "NA");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.addressbarenhanced", "");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncdb.was_copied", "true");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncdb_dbWasSet", true);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncinternaldb.was_copied", "true");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.backgroundver", 16);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.certdomaininstaller", "");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallationTime.value", "%221395595624%2
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallerParams.expiration", "Fri Feb 01
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.description", "Apps Hat is the cool new Android
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.domain", "");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.enablesearch", false);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.homepage", "");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.changeprevious", false);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.iframe", true);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.InstallationThankYouPage", true);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.InstallationTime", 1395595624);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.__defualt_browser__.expiration", "Fri
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.__defualt_browser__.value", "%22ch%22
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledUrls.expir
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledWithHash.e
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_bundledWithHash.v
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_notBundledArr_.ex
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.monetization_plugin_notBundledArr_.va
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_appVer.value", "77");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_lastVersion.value", "5");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_nextCheck.expiration", "Tue
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_resource_485550.expiration"
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.lastDailyReport", "1399923138139");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.lastUpdate", "1399923133245");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.manifesturl", "");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.name", "Apps Hat");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.newtab", "");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.opensearch", "");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.pluginsurl", "http://js.clientstaticserv.com/plu
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.pluginsversion", 53);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.publisher", "Nero");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.searchstatus", 0);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.setnewtab", false);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.thankyou", "");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.updateinterval", 360);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.ver", 77);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.apps", "48559");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.bic", "14538b5da4e5790aff51368c28fbc2c5");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.cid", 48559);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.FilesValidatorDueTime", "1399923191436");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.firstrun", false);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.hadappinstalled", true);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.installationdate", 1396815813);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.modetype", "production");
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.reportInstall", true);
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.statsDailyCounter", 3);
---- FireFox user.js and prefs.js backups ----

prefs_14.05.2014_2152_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted
C:\Users\Lipicek\.android deleted
C:\Program Files\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\ISTask.dll deleted
C:\PROGRA~2\ProductData deleted
C:\Users\Lipicek\AppData\LocalLow\ADSRemoval deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted
"C:\Users\Lipicek\AppData\Roaming\Samsung" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default
- Seznam lištička - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default
785105A23650755A8F7A72405EB0D923 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll - Google Update
025BBEF5A248B09BDC6684747F6EB5BC - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U55
290A0130C74ADCD4546BC6900D1665D9 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.550.14
65C1D9F74004E775F9A8598476ABE5EE - C:\Users\Lipicek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
1A4574EF548F0C871013EA5568ACAE05 - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll - Foxit Reader Plugin for Mozilla
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[]

Seznam Lištička - Email - Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Box - Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl
AdBlock - Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Seznam Lištička - Rychlá volba - Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{22F783F9-7F24-4995-9B95-6E01F96771AB} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13415"
{3BB40C40-4881-412A-89D6-BE718DB3DB64} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13415"
{3FC87F42-9B8A-45C0-9F78-FD54702B3821} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{6AB6768D-0468-4DCB-B10C-BEC297302466} Slovník CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{7E7F838D-3B8A-411A-A81A-1246690D204D} Zboží.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415"
{81D4241C-2E95-46F0-BDAC-77B0F0531036} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13415"
{A4BCEE4B-56A4-44ED-9841-EA247098B599} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13415"
{F07053E8-F74B-4751-9676-3C43B8080C07} Slovník EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"

==== Reset Google Chrome ======================

C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd deleted successfully

==== Empty IE Cache ======================

C:\Users\Lipicek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lipicek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8Z8GVGG will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Lipicek\AppData\Local\Mozilla\Firefox\Profiles\r322mpa7.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=9 folders=8 91223 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lipicek\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Lipicek\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Lipicek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S8Z8GVGG" not found

==== EOF on st 14.05.2014 at 21:55:38,84 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: JS Toolbar in Firefox

#11 Post by vyosek »

"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member of [image] since 1 February 2011.

Lipicek
Visitor
Posts: 9
Registered: 12 May 2014 20:56

Re: JS Toolbar in Firefox

#12 Post by Lipicek »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-05-2014 01
Ran by Lipicek (administrator) on LIPICKOVI on 14-05-2014 22:13:04
Running from C:\Users\Lipicek\Downloads
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
() C:\Users\Lipicek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5110672 2013-09-12] (ESET)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [86474004B45898B4256EC1FDBC78A82E4D0EF17C._service_run] => C:\Program Files\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Lipicek\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Lipicek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {22F783F9-7F24-4995-9B95-6E01F96771AB} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {3BB40C40-4881-412A-89D6-BE718DB3DB64} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {3FC87F42-9B8A-45C0-9F78-FD54702B3821} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6AB6768D-0468-4DCB-B10C-BEC297302466} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {7E7F838D-3B8A-411A-A81A-1246690D204D} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {81D4241C-2E95-46F0-BDAC-77B0F0531036} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {A4BCEE4B-56A4-44ED-9841-EA247098B599} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {F07053E8-F74B-4751-9676-3C43B8080C07} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Lipicek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Lipicek\AppData\Roaming\Mozilla\Firefox\Profiles\r322mpa7.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-05-12]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-02-15]

Chrome:
=======
CHR Extension: (Peněženka Google) - C:\Users\Lipicek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16]

========================== Services (Whitelisted) =================

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1337752 2013-09-12] (ESET)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-02-16] (IObit)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-03-02] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [49240 2013-09-17] (ESET)
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [145280 2014-02-16] (ITE )
S2 Aspi32; System32\drivers\aspi32.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-14 21:54 - 2014-05-14 21:41 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-14 21:42 - 2014-05-14 21:55 - 00020562 _____ () C:\zoek-results.log
2014-05-14 21:40 - 2014-05-14 21:52 - 00000000 ____D () C:\zoek_backup
2014-05-14 21:25 - 2014-05-14 21:25 - 01285120 _____ () C:\Users\Lipicek\Downloads\zoek.exe
2014-05-14 21:00 - 2014-05-14 21:00 - 00001649 _____ () C:\Users\Lipicek\Desktop\AdwCleaner[S0].txt
2014-05-14 20:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-14 20:53 - 2014-05-14 20:57 - 00000000 ____D () C:\AdwCleaner
2014-05-14 20:52 - 2014-05-14 20:53 - 00003447 _____ () C:\Users\Lipicek\Desktop\JRT.txt
2014-05-14 20:49 - 2014-05-14 20:49 - 00000000 ____D () C:\Windows\ERUNT
2014-05-14 20:45 - 2014-05-14 20:45 - 01325827 _____ () C:\Users\Lipicek\Downloads\adwcleaner_3.208.exe
2014-05-14 20:45 - 2014-05-14 20:45 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-05-14 20:44 - 2014-05-14 20:45 - 01016261 _____ (Thisisu) C:\Users\Lipicek\Downloads\JRT.exe
2014-05-14 20:23 - 2014-05-14 21:55 - 00004544 _____ () C:\Windows\PFRO.log
2014-05-12 22:40 - 2014-05-14 21:55 - 00000280 _____ () C:\Windows\setupact.log
2014-05-12 22:40 - 2014-05-12 22:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-12 22:12 - 2014-05-14 22:13 - 00008405 _____ () C:\Users\Lipicek\Downloads\FRST.txt
2014-05-12 22:12 - 2014-05-14 22:13 - 00000000 ____D () C:\FRST
2014-05-12 22:12 - 2014-05-12 22:13 - 00023094 _____ () C:\Users\Lipicek\Downloads\Addition.txt
2014-05-12 22:11 - 2014-05-12 22:11 - 01056256 _____ (Farbar) C:\Users\Lipicek\Downloads\FRST.exe
2014-05-12 21:49 - 2014-05-12 21:49 - 00139406 _____ () C:\Users\Lipicek\Desktop\Mozilla.xml
2014-05-03 21:18 - 2014-05-04 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-03 21:18 - 2014-05-03 21:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-03 21:17 - 2014-05-05 15:50 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-03 21:16 - 2014-04-14 04:11 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-03 21:16 - 2014-04-14 04:07 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-02 23:30 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 23:30 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-02 19:01 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-02 19:01 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-02 19:01 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-02 19:01 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-02 19:01 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-02 19:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-02 19:01 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-02 19:01 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-02 19:01 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-02 19:01 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-02 19:01 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-02 19:01 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-02 19:01 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-02 19:01 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-02 19:01 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-02 19:01 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-02 19:01 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-02 19:01 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-02 19:01 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-02 19:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-02 19:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-02 19:01 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-02 19:01 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-02 19:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-22 21:48 - 2014-04-22 21:48 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\Unity
2014-04-22 21:39 - 2014-04-22 21:39 - 00000000 ____D () C:\Users\Lipicek\AppData\Local\Unity
2014-04-22 21:35 - 2014-04-22 21:35 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\Oracle
2014-04-22 21:21 - 2014-04-22 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-22 21:21 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-22 21:21 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-22 21:21 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-22 21:21 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-22 21:20 - 2014-04-22 21:21 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log

==================== One Month Modified Files and Folders =======

2014-05-14 22:13 - 2014-05-12 22:12 - 00008405 _____ () C:\Users\Lipicek\Downloads\FRST.txt
2014-05-14 22:13 - 2014-05-12 22:12 - 00000000 ____D () C:\FRST
2014-05-14 22:02 - 2009-07-14 06:34 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-14 22:02 - 2009-07-14 06:34 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-14 22:00 - 2014-03-02 18:53 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\Seznam.cz
2014-05-14 21:59 - 2010-11-20 23:01 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-14 21:55 - 2014-05-14 21:42 - 00020562 _____ () C:\zoek-results.log
2014-05-14 21:55 - 2014-05-14 20:23 - 00004544 _____ () C:\Windows\PFRO.log
2014-05-14 21:55 - 2014-05-12 22:40 - 00000280 _____ () C:\Windows\setupact.log
2014-05-14 21:55 - 2014-02-16 00:11 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-14 21:55 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-14 21:54 - 2014-02-15 22:31 - 01555499 _____ () C:\Windows\WindowsUpdate.log
2014-05-14 21:52 - 2014-05-14 21:40 - 00000000 ____D () C:\zoek_backup
2014-05-14 21:52 - 2014-02-15 22:38 - 00000000 ____D () C:\Users\Lipicek
2014-05-14 21:41 - 2014-05-14 21:54 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-14 21:35 - 2014-03-01 14:26 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-14 21:28 - 2014-03-26 20:18 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf491fcddd9fb3.job
2014-05-14 21:25 - 2014-05-14 21:25 - 01285120 _____ () C:\Users\Lipicek\Downloads\zoek.exe
2014-05-14 21:00 - 2014-05-14 21:00 - 00001649 _____ () C:\Users\Lipicek\Desktop\AdwCleaner[S0].txt
2014-05-14 20:57 - 2014-05-14 20:53 - 00000000 ____D () C:\AdwCleaner
2014-05-14 20:53 - 2014-05-14 20:52 - 00003447 _____ () C:\Users\Lipicek\Desktop\JRT.txt
2014-05-14 20:49 - 2014-05-14 20:49 - 00000000 ____D () C:\Windows\ERUNT
2014-05-14 20:47 - 2014-02-16 09:10 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\IObit
2014-05-14 20:47 - 2014-02-16 09:10 - 00000000 ____D () C:\Program Files\IObit
2014-05-14 20:45 - 2014-05-14 20:45 - 01325827 _____ () C:\Users\Lipicek\Downloads\adwcleaner_3.208.exe
2014-05-14 20:45 - 2014-05-14 20:45 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-05-14 20:45 - 2014-05-14 20:44 - 01016261 _____ (Thisisu) C:\Users\Lipicek\Downloads\JRT.exe
2014-05-14 20:43 - 2014-02-16 09:10 - 00000000 ____D () C:\ProgramData\IObit
2014-05-12 22:40 - 2014-05-12 22:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-12 22:13 - 2014-05-12 22:12 - 00023094 _____ () C:\Users\Lipicek\Downloads\Addition.txt
2014-05-12 22:11 - 2014-05-12 22:11 - 01056256 _____ (Farbar) C:\Users\Lipicek\Downloads\FRST.exe
2014-05-12 21:49 - 2014-05-12 21:49 - 00139406 _____ () C:\Users\Lipicek\Desktop\Mozilla.xml
2014-05-12 21:24 - 2014-03-11 17:04 - 40333312 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-05-12 21:24 - 2014-03-11 17:04 - 00249856 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-05-12 21:24 - 2014-03-11 17:04 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-05-12 21:24 - 2014-03-11 17:04 - 00024576 _____ () C:\Windows\system32\config\SAM.iobit
2014-05-12 21:10 - 2014-02-15 23:54 - 00000000 ____D () C:\Lipicek
2014-05-05 15:50 - 2014-05-03 21:17 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-05-04 19:01 - 2014-05-03 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-05-04 10:09 - 2014-02-26 19:53 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\MOBILedit
2014-05-03 21:18 - 2014-05-03 21:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-02 22:00 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-02 09:35 - 2014-02-18 22:56 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-02 09:35 - 2014-02-18 22:56 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-02 09:34 - 2014-02-16 00:15 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-29 14:48 - 2014-05-02 23:30 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:34 - 2014-05-02 23:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-22 21:48 - 2014-04-22 21:48 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\Unity
2014-04-22 21:39 - 2014-04-22 21:39 - 00000000 ____D () C:\Users\Lipicek\AppData\Local\Unity
2014-04-22 21:35 - 2014-04-22 21:35 - 00000000 ____D () C:\Users\Lipicek\AppData\Roaming\Oracle
2014-04-22 21:26 - 2014-02-26 18:33 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-22 21:21 - 2014-04-22 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-22 21:21 - 2014-04-22 21:20 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log
2014-04-22 21:21 - 2014-02-26 18:25 - 00000000 ____D () C:\Program Files\Java
2014-04-19 08:03 - 2014-03-11 23:42 - 39620608 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-04-19 08:03 - 2014-03-11 23:42 - 00249856 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-04-19 08:03 - 2014-03-11 23:42 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-04-19 08:03 - 2014-03-11 23:42 - 00024576 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-04-16 14:56 - 2014-03-07 20:37 - 00000000 ____D () C:\FFOutput
2014-04-16 14:27 - 2014-03-03 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moborobo
2014-04-16 14:27 - 2014-03-03 19:39 - 00000000 ____D () C:\Program Files\Moborobo
2014-04-14 20:13 - 2014-04-22 21:21 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-04-22 21:21 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-14 20:05 - 2014-04-22 21:21 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-14 20:04 - 2014-04-22 21:21 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-14 04:11 - 2014-05-03 21:16 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:07 - 2014-05-03 21:16 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-12 16:35

==================== End Of Log ============================

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: JS Toolbar in Firefox

#13 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
    HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
    HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [86474004B45898B4256EC1FDBC78A82E4D0EF17C._service_run] => C:\Program Files\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
    HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
    HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Lipicek\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
    HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Lipicek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
    
    S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-02-16] (IObit)
    C:\Program Files\IObit
    
    2014-05-14 21:54 - 2014-05-14 21:41 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-05-14 21:42 - 2014-05-14 21:55 - 00020562 _____ () C:\zoek-results.log
    2014-05-14 21:40 - 2014-05-14 21:52 - 00000000 ____D () C:\zoek_backup
    2014-05-14 21:25 - 2014-05-14 21:25 - 01285120 _____ () C:\Users\Lipicek\Downloads\zoek.exe
    2014-05-14 21:00 - 2014-05-14 21:00 - 00001649 _____ () C:\Users\Lipicek\Desktop\AdwCleaner[S0].txt
    2014-05-14 20:45 - 2014-05-14 20:45 - 01325827 _____ () C:\Users\Lipicek\Downloads\adwcleaner_3.208.exe
    2014-05-14 20:45 - 2014-05-14 20:45 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
    2014-05-14 20:44 - 2014-05-14 20:45 - 01016261 _____ (Thisisu) C:\Users\Lipicek\Downloads\JRT.exe
    2014-05-12 22:12 - 2014-05-14 22:13 - 00008405 _____ () C:\Users\Lipicek\Downloads\FRST.txt
    2014-05-12 22:12 - 2014-05-12 22:13 - 00023094 _____ () C:\Users\Lipicek\Downloads\Addition.txt
    2014-05-14 20:52 - 2014-05-14 20:53 - 00003447 _____ () C:\Users\Lipicek\Desktop\JRT.txt
    2014-05-14 20:43 - 2014-02-16 09:10 - 00000000 ____D () C:\ProgramData\IObit
    2014-05-12 21:24 - 2014-03-11 17:04 - 40333312 _____ () C:\Windows\system32\config\SOFTWARE.iobit
    2014-05-12 21:24 - 2014-03-11 17:04 - 00249856 _____ () C:\Windows\system32\config\DEFAULT.iobit
    2014-05-12 21:24 - 2014-03-11 17:04 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
    2014-05-12 21:24 - 2014-03-11 17:04 - 00024576 _____ () C:\Windows\system32\config\SAM.iobit
    
    Hosts:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created into the same folder as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Lipicek
Visitor
Posts: 9
Joined: 12 May 2014 20:56

Re: JS Toolbar in Firefox

#14 Post by Lipicek »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:15-05-2014
Ran by Lipicek at 2014-05-16 17:25:22 Run:1
Running from C:\Users\Lipicek\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [86474004B45898B4256EC1FDBC78A82E4D0EF17C._service_run] => C:\Program Files\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Lipicek\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-279618919-707270848-677470778-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Lipicek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()

S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-02-16] (IObit)
C:\Program Files\IObit

2014-05-14 21:54 - 2014-05-14 21:41 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-14 21:42 - 2014-05-14 21:55 - 00020562 _____ () C:\zoek-results.log
2014-05-14 21:40 - 2014-05-14 21:52 - 00000000 ____D () C:\zoek_backup
2014-05-14 21:25 - 2014-05-14 21:25 - 01285120 _____ () C:\Users\Lipicek\Downloads\zoek.exe
2014-05-14 21:00 - 2014-05-14 21:00 - 00001649 _____ () C:\Users\Lipicek\Desktop\AdwCleaner[S0].txt
2014-05-14 20:45 - 2014-05-14 20:45 - 01325827 _____ () C:\Users\Lipicek\Downloads\adwcleaner_3.208.exe
2014-05-14 20:45 - 2014-05-14 20:45 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-05-14 20:44 - 2014-05-14 20:45 - 01016261 _____ (Thisisu) C:\Users\Lipicek\Downloads\JRT.exe
2014-05-12 22:12 - 2014-05-14 22:13 - 00008405 _____ () C:\Users\Lipicek\Downloads\FRST.txt
2014-05-12 22:12 - 2014-05-12 22:13 - 00023094 _____ () C:\Users\Lipicek\Downloads\Addition.txt
2014-05-14 20:52 - 2014-05-14 20:53 - 00003447 _____ () C:\Users\Lipicek\Desktop\JRT.txt
2014-05-14 20:43 - 2014-02-16 09:10 - 00000000 ____D () C:\ProgramData\IObit
2014-05-12 21:24 - 2014-03-11 17:04 - 40333312 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-05-12 21:24 - 2014-03-11 17:04 - 00249856 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-05-12 21:24 - 2014-03-11 17:04 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-05-12 21:24 - 2014-03-11 17:04 - 00024576 _____ () C:\Windows\system32\config\SAM.iobit

Hosts:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
HKU\S-1-5-21-279618919-707270848-677470778-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => Value deleted successfully.
HKU\S-1-5-21-279618919-707270848-677470778-1001\Software\Microsoft\Windows\CurrentVersion\Run\\86474004B45898B4256EC1FDBC78A82E4D0EF17C._service_run => Value deleted successfully.
HKU\S-1-5-21-279618919-707270848-677470778-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-279618919-707270848-677470778-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKU\S-1-5-21-279618919-707270848-677470778-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
LiveUpdateSvc => Service deleted successfully.
C:\Program Files\IObit => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Lipicek\Downloads\zoek.exe => Moved successfully.
C:\Users\Lipicek\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\Users\Lipicek\Downloads\adwcleaner_3.208.exe => Moved successfully.
C:\Windows\Tasks\ImCleanDisabled => Moved successfully.
C:\Users\Lipicek\Downloads\JRT.exe => Moved successfully.
C:\Users\Lipicek\Downloads\FRST.txt => Moved successfully.
C:\Users\Lipicek\Downloads\Addition.txt => Moved successfully.
C:\Users\Lipicek\Desktop\JRT.txt => Moved successfully.
C:\ProgramData\IObit => Moved successfully.
C:\Windows\system32\config\SOFTWARE.iobit => Moved successfully.
C:\Windows\system32\config\DEFAULT.iobit => Moved successfully.
C:\Windows\system32\config\SECURITY.iobit => Moved successfully.
C:\Windows\system32\config\SAM.iobit => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: JS Toolbar in Firefox

#15 Post by vyosek »

Now let's clean up as well :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • Click Scan for Issues
  • Then click Fix Issues - I recommend making a registry backup; fix all the issues
  • Repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Locked