Potíže s nefungujícím prohlížečem Seznamu.

[Marwin911]

Ahoj, řeším protíže s nefungujícím prohlížečem Seznamu. Pouzivam Win 8.1 a prohlížeč Firefox.

Problém pravděpodobně vznikl nainstalováním nějakého bordelu což mělo za následek přesměrováním vyhledávání na prohlížeč Yahoo - Safefinder. Nešlo se toho zbavit. Proklikal jsem mraky možností včetně odinstalace doplňků, restart Firefoxu, odinstalace a zpetne instalace Firefoxu, instalace jiných prohližeču IE a Maxthon a dokonce nepomohl ani návrat do bodu obnovení. Situaci jsem se pokusil řešit programy CCleaner, Spyboot, Eset SMART security a Superantispywear.

Safefinder se mi podařilo zbavit ale ted musím každou webstranku manualne potvrzovat. Např:

Vaše připojení není zabezpečené

Majitel serveru www.blabla.cz nakonfiguroval své webové stránky nesprávně. Abychom chránili vaše informace před odcizením, Firefox se k této webové stránce nepřipojil.
Při spojení s www.blabla.cz nastala chyba, protože je používán neplatný bezpečnostní certifikát. Certifikát není důvěryhodný, protože jeho vydavatel je neznámý. Server patrně neposílá patřičné certifikáty zprostředkujících CA. Může být potřeba naimportovat dodatečný kořenový certifikát. (Kód chyby: sec_error_unknown_issuer)

poté musím získat bezpečnostní certifikát a potvrdit vyjímku coz se nekdy nepodaří.

Prohlížeč od Google je v pohodě ale např Youtube take nefunguje.

Prosím pokud máte nejaký napad poradte.

díky

[Márty84]

Zdravim

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

[Marwin911]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-02-2016
Ran by pefa (administrator) on ASUS (21-02-2016 12:54:31)
Running from C:\Users\pefa\Desktop
Loaded Profiles: pefa & Administrator (Available Profiles: pefa & Administrator)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Users\pefa\AppData\Roaming\Seznam Browser\Seznam.cz.exe" -surl="%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSPanel.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(forum.viry.cz) C:\Users\pefa\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-09-11] (Intel Corporation)
HKLM\...\Run: [Creative SB Monitoring Utility] => RunDll32 sbavmon.dll,SBAVMonitor
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-12] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] (Qualcomm®Atheros®)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-02] (Skype Technologies S.A.)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [Power2GoExpress] => NA
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2016-01-21] (SUPERAntiSpyware)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\MountPoints2: {26649591-bb57-11e5-8264-54271e50ff48} - "F:\autorun.exe"
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\MountPoints2: {c5c53679-fffc-11e3-825b-54271e50ff48} - "G:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-4175608963-2615263823-2636743382-500\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-02] (Skype Technologies S.A.)
HKU\S-1-5-21-4175608963-2615263823-2636743382-500\...\RunOnce: [InetReg] => "C:\Program Files (x86)\Creative\Product Registration\English\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6
HKU\S-1-5-21-4175608963-2615263823-2636743382-500\...\MountPoints2: {e39df51d-b032-11e3-824e-806e6f6e6963} - "E:\Ctrun\Start.exe"
AppInit_DLLs: C:\ProgramData\caMyciloP\Zeneco.dll => No File
AppInit_DLLs-x32: C:\ProgramData\caMyciloP\Techsanhome.dll => No File
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 93.153.117.33 93.153.117.1 8.8.8.8
Tcpip\..\Interfaces\{B1831E94-A629-4B1D-A820-D39BD5C7C15E}: [DhcpNameServer] 192.15.128.24
Tcpip\..\Interfaces\{FC9BFEA0-2936-43F0-B334-4E2AB47AAC07}: [DhcpNameServer] 93.153.117.33 93.153.117.1 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130996506897580411&GUID=9CC17205-A4CD-4C4F-A48A-F28B3D12E34A
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}
HKU\S-1-5-21-4175608963-2615263823-2636743382-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130996506898223614&GUID=9CC17205-A4CD-4C4F-A48A-F28B3D12E34A
HKU\S-1-5-21-4175608963-2615263823-2636743382-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
URLSearchHook: [S-1-5-21-4175608963-2615263823-2636743382-500_classes] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4175608963-2615263823-2636743382-1001 -> {07A1AF88-D5DC-4C6A-8244-EEFC38E48803} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-4175608963-2615263823-2636743382-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4175608963-2615263823-2636743382-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-09] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartpageing.com/?type=sc&ts=14550 ... J9HF103808

FireFox:
========
FF ProfilePath: C:\Users\pefa\AppData\Roaming\Mozilla\Firefox\Profiles\0gvecwzp.default-1455864601798
FF Homepage: http://www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\pefa\AppData\Roaming\Mozilla\Firefox\Profiles\8hn385vf.default\extensions\deskCutv2@gmail.com => not found

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Windows (R) Win 7 DDK provider) [File not signed]
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2016-01-09] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-09-11] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-09-11] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-09-11] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-09-11] (Intel Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2522616 2015-11-20] (ESET)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3880448 2013-11-13] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-28] (Qualcomm Atheros)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [143568 2013-09-11] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-09-11] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-09-11] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-09-11] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263528 2015-11-20] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-11-20] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-11-20] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [142976 2015-11-20] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [206312 2015-11-20] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-11-20] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69840 2015-11-20] (ESET)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
S3 ksaud; C:\Windows\system32\drivers\ksaud.sys [1558528 2013-03-26] (Creative Technology Ltd.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-21 12:54 - 2016-02-21 12:54 - 00022457 _____ C:\Users\pefa\Desktop\FRST.txt
2016-02-21 12:53 - 2016-02-21 12:53 - 00112640 _____ (forum.viry.cz) C:\Users\pefa\Desktop\FRSTLauncher.exe
2016-02-21 10:24 - 2016-02-21 12:54 - 00000000 ____D C:\FRST
2016-02-21 10:20 - 2016-02-21 10:20 - 02371072 _____ (Farbar) C:\Users\pefa\Desktop\FRST64.exe
2016-02-20 18:57 - 2016-02-20 18:57 - 20353728 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-02-20 18:32 - 2016-02-21 10:55 - 00000000 ____D C:\Users\pefa\AppData\Local\Seznam.cz
2016-02-20 18:32 - 2016-02-20 18:32 - 00001907 _____ C:\Users\pefa\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.lnk
2016-02-20 18:31 - 2016-02-20 18:32 - 00000000 ____D C:\Users\pefa\AppData\Roaming\Seznam Browser
2016-02-20 14:58 - 2016-02-21 06:58 - 00000518 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 6dbf286a-65a2-4f01-acff-adb014a26c18.job
2016-02-20 14:58 - 2016-02-21 02:00 - 00000518 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c9c70383-d7be-40ec-baf5-8f644f7ef4e5.job
2016-02-20 14:58 - 2016-02-20 14:58 - 00003562 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task c9c70383-d7be-40ec-baf5-8f644f7ef4e5
2016-02-20 14:58 - 2016-02-20 14:58 - 00003480 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 6dbf286a-65a2-4f01-acff-adb014a26c18
2016-02-20 14:58 - 2016-02-20 14:58 - 00001822 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-02-20 14:58 - 2016-02-20 14:58 - 00000000 ____D C:\Users\pefa\AppData\Roaming\SUPERAntiSpyware.com
2016-02-20 14:58 - 2016-02-20 14:58 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-02-20 14:58 - 2016-02-20 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-02-20 14:58 - 2016-02-20 14:58 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-02-20 14:57 - 2016-02-20 14:57 - 24683584 _____ (SUPERAntiSpyware) C:\Users\pefa\Desktop\SUPERAntiSpyware.exe
2016-02-19 22:47 - 2016-02-19 22:47 - 00003572 _____ C:\WINDOWS\System32\Tasks\Maxthon Update
2016-02-19 22:47 - 2016-02-19 22:47 - 00001103 _____ C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2016-02-19 22:47 - 2016-02-19 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2016-02-19 22:46 - 2016-02-19 22:47 - 00000000 ____D C:\Users\pefa\AppData\Roaming\Maxthon3
2016-02-19 22:46 - 2016-02-19 22:46 - 00000000 ____D C:\Program Files (x86)\Maxthon
2016-02-19 22:45 - 2016-02-19 22:45 - 41283928 _____ (Maxthon International ltd.) C:\Users\pefa\Desktop\mx4.4.8.1000.exe
2016-02-19 20:05 - 2016-02-19 19:14 - 00030896 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160219-200548.backup
2016-02-19 19:14 - 2016-02-19 19:14 - 00031301 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160219-191425.backup
2016-02-19 08:15 - 2016-02-19 08:15 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-19 08:15 - 2016-02-19 08:15 - 00001165 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-19 08:15 - 2016-02-19 08:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-18 21:42 - 2016-02-18 21:42 - 00000000 ____D C:\Users\pefa\AppData\Local\ESET
2016-02-18 21:23 - 2016-02-18 21:23 - 00002045 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2016-02-18 21:23 - 2016-02-18 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-02-18 21:23 - 2016-02-18 21:23 - 00000000 ____D C:\ProgramData\ESET
2016-02-18 21:23 - 2016-02-18 21:23 - 00000000 ____D C:\Program Files\ESET
2016-02-18 21:18 - 2016-02-18 21:18 - 02861880 _____ (ESET) C:\Users\pefa\Desktop\eset_smart_security_live_installer_.exe
2016-02-15 18:50 - 2016-02-15 18:51 - 00000000 ____D C:\TEMP
2016-02-12 08:05 - 2016-02-19 08:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-11 18:55 - 2016-02-11 18:55 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-11 18:55 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-02-11 18:52 - 2016-02-19 20:05 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-02-11 18:52 - 2016-02-19 18:41 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-02-11 18:52 - 2016-02-11 18:52 - 00001409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-02-11 18:52 - 2016-02-11 18:52 - 00001397 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-02-11 18:52 - 2016-02-11 18:52 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-02-11 18:52 - 2016-02-11 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-02-11 18:52 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-02-11 18:51 - 2016-02-11 18:51 - 53870184 _____ C:\Users\pefa\Desktop\spybot-2.4.exe
2016-02-11 01:16 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-11 01:16 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-02-11 01:16 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-11 01:16 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-11 01:16 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-11 01:16 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-11 01:16 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-11 01:16 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-11 00:49 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-11 00:49 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-11 00:49 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-02-11 00:49 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-11 00:49 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-02-11 00:49 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-11 00:49 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-02-11 00:49 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2016-02-11 00:49 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-11 00:49 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-02-11 00:49 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-02-11 00:49 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-02-11 00:49 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-02-11 00:48 - 2016-01-22 09:01 - 22365992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-11 00:48 - 2016-01-22 08:11 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-11 00:48 - 2016-01-22 06:25 - 14467072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-11 00:48 - 2016-01-22 06:14 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-11 00:48 - 2016-01-22 06:07 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-11 00:48 - 2016-01-22 05:58 - 02464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-11 00:47 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-11 00:47 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-11 00:47 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-11 00:47 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-11 00:47 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-11 00:47 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-11 00:47 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-11 00:47 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-11 00:47 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-11 00:47 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-11 00:47 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-02-11 00:47 - 2016-01-15 02:42 - 00033472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-02-11 00:47 - 2016-01-14 21:44 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-11 00:47 - 2016-01-14 21:44 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-02-11 00:47 - 2016-01-14 21:44 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-02-11 00:47 - 2016-01-14 21:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-02-11 00:47 - 2016-01-14 21:44 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-02-11 00:47 - 2016-01-14 21:44 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-11 00:47 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-11 00:47 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-11 00:47 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll
2016-02-11 00:47 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll
2016-02-11 00:46 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-11 00:46 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-11 00:46 - 2016-01-22 07:28 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-11 00:46 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-11 00:46 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-11 00:46 - 2016-01-22 06:55 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-02-11 00:46 - 2016-01-22 06:52 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-11 00:46 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-11 00:46 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-02-11 00:46 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-11 00:46 - 2016-01-22 06:48 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-11 00:46 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-11 00:46 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-11 00:46 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-11 00:46 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-11 00:46 - 2016-01-22 06:31 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-02-11 00:46 - 2016-01-22 06:28 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-02-11 00:46 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-02-11 00:46 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-11 00:46 - 2016-01-22 06:25 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-11 00:46 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-11 00:46 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-02-11 00:46 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-11 00:46 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-02-11 00:46 - 2016-01-10 20:37 - 00442720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-11 00:46 - 2016-01-10 19:39 - 00332640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-11 00:46 - 2016-01-10 19:15 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-02-11 00:46 - 2016-01-10 19:15 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-02-11 00:46 - 2016-01-10 18:43 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-02-11 00:46 - 2016-01-10 18:09 - 01442304 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-11 00:46 - 2016-01-10 18:09 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-02-11 00:46 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-11 00:46 - 2016-01-10 17:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-02-11 00:46 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-11 00:45 - 2016-01-10 20:37 - 00136912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-11 00:45 - 2016-01-10 17:51 - 03707392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-11 00:45 - 2016-01-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-02-11 00:45 - 2016-01-10 17:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-02-11 00:45 - 2016-01-10 17:36 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-02-11 00:45 - 2016-01-10 17:36 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-02-11 00:45 - 2016-01-10 17:35 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-02-11 00:45 - 2016-01-10 17:35 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-02-11 00:45 - 2016-01-10 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-02-11 00:45 - 2016-01-10 17:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-02-11 00:45 - 2016-01-10 17:27 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-02-11 00:45 - 2016-01-10 17:26 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-02-11 00:45 - 2015-12-17 19:29 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-02-11 00:45 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-02-10 07:15 - 2016-02-12 18:54 - 00000000 ____D C:\ProgramData\caMyciloP
2016-02-10 07:15 - 2016-02-10 07:15 - 00000000 ____D C:\ProgramData\caMyciloPs
2016-02-09 19:41 - 2016-02-11 21:49 - 00000000 ____D C:\ProgramData\9WdM9
2016-02-09 19:41 - 2016-02-09 19:41 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-02-09 19:37 - 2016-02-09 20:06 - 00000000 ____D C:\Users\pefa\AppData\Roaming\avidemux
2016-02-09 19:37 - 2016-02-09 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (32 bits)
2016-02-09 19:37 - 2016-02-09 19:37 - 00000000 ____D C:\Program Files (x86)\Avidemux 2.6 - 32 bits
2016-02-09 19:30 - 2016-02-12 18:54 - 00000000 ____D C:\ProgramData\ApplicationHosting
2016-02-09 19:30 - 2016-02-12 18:54 - 00000000 ____D C:\Program Files\BitTorrent
2016-02-09 19:30 - 2016-02-10 07:15 - 00003626 _____ C:\WINDOWS\System32\Tasks\snp
2016-02-09 19:30 - 2016-02-10 07:15 - 00002401 _____ C:\WINDOWS\SysWOW64\findit.xml
2016-02-09 19:30 - 2016-02-09 19:30 - 00041472 _____ C:\Users\pefa\AppData\Local\Yearquadfan.dat
2016-02-09 19:30 - 2016-02-09 19:30 - 00000187 _____ C:\Users\pefa\AppData\Local\Yearquadfan.exe.config
2016-02-09 19:30 - 2016-02-09 19:30 - 00000000 ____D C:\ProgramData\Medlights
2016-02-09 19:28 - 2016-02-09 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-09 19:27 - 2016-02-19 07:58 - 00000000 ____D C:\Users\pefa\AppData\Roaming\Seznam.cz
2016-02-09 19:27 - 2016-02-19 07:58 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-02-09 19:27 - 2016-02-09 19:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-09 19:23 - 2016-02-09 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TUGZip
2016-02-09 19:23 - 2016-02-09 19:23 - 00000000 ____D C:\Program Files (x86)\TUGZip
2016-02-09 19:23 - 2007-03-12 23:34 - 00162304 _____ C:\WINDOWS\SysWOW64\ztvunrar36.dll
2016-02-09 19:23 - 2007-03-12 23:34 - 00077312 _____ C:\WINDOWS\SysWOW64\ztvunace26.dll
2016-02-09 19:23 - 2007-03-12 23:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztvcabinet.dll
2016-02-09 18:59 - 2016-02-09 18:59 - 00000000 ____D C:\ProgramData\Pinnacle
2016-02-07 18:36 - 2016-02-07 18:37 - 03001696 _____ C:\Users\pefa\Desktop\SIGMA_BC1612_BC1612sts_Montage.pdf
2016-02-04 21:17 - 2016-02-04 21:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2016-01-29 20:04 - 2016-01-29 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2016-01-29 20:04 - 2016-01-29 20:04 - 00000000 ____D C:\Program Files\Defraggler
2016-01-28 18:02 - 2016-01-28 18:02 - 00000000 ____D C:\Users\pefa\Desktop\fr
2016-01-23 18:11 - 2016-02-19 07:56 - 00000000 ____D C:\ProgramData\Freemake
2016-01-23 18:11 - 2016-01-23 18:12 - 00000000 ____D C:\Users\pefa\Documents\Freemake
2016-01-23 18:11 - 2016-01-23 18:11 - 00000000 ____D C:\Program Files\WinPcap
2016-01-23 18:10 - 2016-02-19 07:56 - 00000000 ____D C:\Program Files (x86)\Freemake
2016-01-22 19:43 - 2016-01-22 19:43 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-01-22 18:24 - 2016-02-13 08:51 - 00005632 _____ C:\Users\pefa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-21 12:49 - 2015-03-17 08:02 - 00000000 ____D C:\Users\pefa\Desktop\Render
2016-02-21 12:48 - 2016-01-09 17:11 - 00000000 ____D C:\Users\pefa\AppData\Roaming\vlc
2016-02-21 12:47 - 2016-01-09 14:18 - 00000000 ____D C:\Users\pefa\AppData\Local\CrashDumps
2016-02-21 12:47 - 2014-07-01 20:46 - 00000000 ____D C:\Users\pefa\Desktop\AAA-prenos do PC
2016-02-21 12:29 - 2016-01-09 15:44 - 00000000 ____D C:\Users\pefa\AppData\Roaming\Skype
2016-02-21 12:00 - 2016-01-11 18:03 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-02-21 12:00 - 2016-01-11 18:03 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-02-21 11:57 - 2016-01-09 17:16 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-21 11:17 - 2016-01-09 11:25 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4175608963-2615263823-2636743382-1001
2016-02-21 10:54 - 2013-12-13 05:05 - 00747350 _____ C:\WINDOWS\system32\perfh005.dat
2016-02-21 10:54 - 2013-12-13 05:05 - 00154554 _____ C:\WINDOWS\system32\perfc005.dat
2016-02-21 10:54 - 2013-12-12 22:01 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-21 10:54 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-02-21 00:50 - 2014-07-10 19:39 - 21151232 ___SH C:\Users\pefa\Desktop\Thumbs.db
2016-02-20 18:57 - 2016-01-09 17:16 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-02-20 15:29 - 2016-01-09 11:15 - 00000000 ____D C:\Users\pefa\AppData\Roaming\Atheros
2016-02-20 15:26 - 2016-01-09 11:18 - 00000074 _____ C:\Users\pefa\AppData\Roaming\sp_data.sys
2016-02-20 15:25 - 2016-01-09 11:20 - 00000000 ___DO C:\Users\pefa\SkyDrive
2016-02-20 15:13 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-20 15:13 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-20 08:41 - 2014-07-09 19:01 - 00000000 ___RD C:\Users\pefa\Desktop\programy
2016-02-19 08:13 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-18 21:25 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-14 14:35 - 2016-01-09 11:13 - 00000000 ____D C:\Users\pefa\AppData\Local\VirtualStore
2016-02-12 18:19 - 2015-09-27 17:01 - 00000000 ____D C:\Users\pefa\AppData\LocalLow\Temp
2016-02-12 08:40 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-12 08:13 - 2013-12-13 05:35 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-12 03:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-02-11 18:42 - 2013-08-22 15:44 - 00362520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-11 18:37 - 2016-01-10 14:58 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-11 18:37 - 2013-08-22 21:59 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-11 18:37 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-02-11 01:30 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-11 01:30 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-11 01:22 - 2016-01-09 13:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-11 01:20 - 2016-01-09 13:17 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-11 00:41 - 2016-01-10 09:12 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-11 00:41 - 2016-01-10 09:12 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-10 07:15 - 2016-01-09 11:13 - 00001440 _____ C:\Users\pefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-10 07:15 - 2013-12-12 22:18 - 00001456 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-09 19:27 - 2016-01-09 16:54 - 00000000 ____D C:\ProgramData\Oracle
2016-02-09 19:26 - 2016-01-09 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 19:26 - 2016-01-09 16:54 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-09 19:26 - 2015-09-06 18:26 - 00000000 ____D C:\Users\pefa\.oracle_jre_usage
2016-02-09 19:25 - 2016-01-09 16:55 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-02-07 18:44 - 2016-01-09 15:44 - 00000000 ____D C:\ProgramData\Skype
2016-02-02 03:37 - 2016-01-14 20:06 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-02 03:37 - 2016-01-14 20:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-30 21:24 - 2016-01-16 18:09 - 00000000 ____D C:\Users\pefa\AppData\Roaming\dvdcss
2016-01-30 13:39 - 2015-09-14 20:03 - 00000000 ____D C:\Users\pefa\Desktop\mr cucumber
2016-01-23 00:45 - 2016-01-09 16:13 - 00000000 ____D C:\Users\pefa\AppData\Roaming\Creative
2016-01-22 19:43 - 2016-01-09 12:24 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4

==================== Files in the root of some directories =======

2016-01-09 11:18 - 2016-02-20 15:26 - 0000074 _____ () C:\Users\pefa\AppData\Roaming\sp_data.sys
2016-01-22 18:24 - 2016-02-13 08:51 - 0005632 _____ () C:\Users\pefa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-09 19:30 - 2016-02-09 19:30 - 0041472 _____ () C:\Users\pefa\AppData\Local\Yearquadfan.dat
2016-02-09 19:30 - 2016-02-09 19:30 - 0000187 _____ () C:\Users\pefa\AppData\Local\Yearquadfan.exe.config
2016-01-09 15:57 - 2009-11-17 08:54 - 0002844 _____ () C:\ProgramData\CfSB1240.ini
2016-01-09 15:57 - 2013-03-26 05:54 - 0002844 _____ () C:\ProgramData\CfSB1240A.ini
2014-03-20 14:41 - 2014-03-20 14:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-12 22:00 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-12 22:00 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-12 22:00 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2016-02-09 19:41 - 2016-02-09 19:41 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2016-01-09 17:30 - 2016-01-09 17:31 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2016-01-09 17:30 - 2016-01-09 17:30 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 6dbf286a-65a2-4f01-acff-adb014a26c18.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c9c70383-d7be-40ec-baf5-8f644f7ef4e5.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 9.0.351.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: ESET Smart Security 9.0.351.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\pefa\Desktop" je 9484 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Márty84]

Odinstalujte Spybota, program je zastaraly.

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\pefa\Desktop" je 9484 MB.

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku


Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[Marwin911]

# AdwCleaner v5.035 - Logfile created 21/02/2016 at 15:08:49
# Updated 18/02/2016 by Xplode
# Database : 2016-02-20.3 [Server]
# Operating system : Windows 8.1 (x64)
# Username : pefa - ASUS
# Running from : C:\Users\pefa\Desktop\adwcleaner_5.035.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\ApplicationHosting
[-] Folder Deleted : C:\ProgramData\camycilop
[-] Folder Deleted : C:\ProgramData\caMyciloPs
[-] Folder Deleted : C:\ProgramData\Medlights
[-] Folder Deleted : C:\ProgramData\9WdM9

***** [ Files ] *****

[-] File Deleted : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[-] File Deleted : C:\WINDOWS\SysWOW64\findit.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\Users\pefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\pefa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut Disinfected : C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Scheduled tasks ] *****

[-] Task Deleted : snp

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Stpro.exe
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fcgnigmofekcllgbiejhmigggmgehkip
[!] Key Not Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SOFTWARE\istartpageingSoftware
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2389 bytes] ##########



a zde jsou vysledky z MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 21. 2. 2016
Čas skenování: 15:21
Protokol: log MBAM.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.02.21.02
Databáze rootkitů: v2016.02.17.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: pefa

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 647767
Uplynulý čas: 2 hod, 6 min, 12 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 3
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\mtcaMyciloP, , [5ff71f44c1d8979fa2ed342e7b8938c8],
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\caMyciloP.exe, , [470fa8bb752462d495f8b3af996bbb45],
PUP.Optional.Linkury, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, , [74e20d56d0c9ef471e2de31a38caa25e],

Hodnoty registru: 4
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}, , [bd99a5bec6d361d597a27d54ac576e92]
PUP.Optional.Linkury, HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=apsnapdoam&co=CZ&userid=10f566ed-9f73-a7d5-cb7b-c7891239e04c&searchtype=sc&installDate=10., , [9cba77ecb8e145f13093d32170935ba5]
PUP.Optional.Linkury, HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\ENVIRONMENT|SNF, C:\ProgramData\caMyciloPs\snp.sc, , [99bdb9aa2376b77fae14f7fdc43f4eb2]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}, , [2333f27155446bcb191d50815fa411ef]

Data registru: 5
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),,[ba9c4122009990a6339932bca3612fd1]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}),,[2f277de6663393a3477f88660bf938c8]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}),,[de78b2b1683139fd418514dac44032ce]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}),,[11459fc4eeab38fe8e38b33b24e052ae]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNaVXAdGTZAYinpjZluYuELgvXHl6xNaL_1E6GL9YwKoUBB-MFo5AxdgPZgg69wPB-L__KJpPN7LYRYfLGlQqXCRdB6oFWfc5cEaVPSIUgLN0mTeHPauC5GRJeC80Inp56Y-w3CkqX9IpQJks2hkbs7z78a8YnbR6rdfA9KVbC2ThnnA,,&q={searchTerms}),,[0d49ed76d8c1a0964c7c717d43c115eb]

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Vsechny nalezy MBAM nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte (tentokrat uz staci jen Sken hrozeb - bude rychlejsi), at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

[Marwin911]

...zde to je:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 21. 2. 2016
Čas skenování: 21:10
Protokol: log MBAM 2.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.02.21.04
Databáze rootkitů: v2016.02.17.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: pefa

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 381210
Uplynulý čas: 10 min, 1 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

MBAM odinstalujte


Postupujte podle navodu kolegy

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Postupujte podle navodu kolegy

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[Marwin911]

Pro jistoru jsem odinstalovat Superantispywear. Nevím jestli mám zakazat nebo odinstalovate take ESET a CCleaner ktere mam online.

...zde JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.3 (02.09.2016)
Operating System: Windows 8.1 x64
Ran by pefa (Administrator) on po 22. 02. 2016 at 8:10:18,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\WINDOWS\wininit.ini (File)
Successfully deleted: C:\WINDOWS\prefetch\FREEMAKEUOS.EXE-23B1ECB6.pf (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 22. 02. 2016 at 8:11:43,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


...a zde ZOEK log:


Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by pefa on po 22. 02. 2016 at 8:14:01,86.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\pefa\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22. 2. 2016 8:16:18 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~3\Freemake deleted successfully
C:\Users\pefa\AppData\Local\Adobe deleted successfully
C:\Users\pefa\AppData\Local\PackageStaging deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\pefa\AppData\Roaming\Mozilla\Firefox\Profiles\0gvecwzp.default-1455864601798\prefs.js:
user_pref("browser.startup.homepage", "www.seznam.cz");

Added to C:\Users\pefa\AppData\Roaming\Mozilla\Firefox\Profiles\0gvecwzp.default-1455864601798\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Seznam.cz not found
C:\Users\pefa\AppData\Local\Seznam.cz deleted
C:\Users\pefa\AppData\Roaming\Seznam Browser deleted
C:\PROGRA~3\SetStretch.VBS deleted
C:\Users\pefa\AppData\Local\Yearquadfan.exe.config deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\pefa\AppData\LocalLow\Unity deleted
C:\WINDOWS\Syswow64\tmp4D7E.tmp deleted
C:\WINDOWS\Syswow64\tmp4D8F.tmp deleted

==== Orphaned Tasks deleted from Registry ======================

Cyberlink Trigger Task deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\pefa\AppData\Roaming\Mozilla\Firefox\Profiles\0gvecwzp.default-1455864601798
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\pefa\AppData\Roaming\Mozilla\Firefox\Profiles\0gvecwzp.default-1455864601798
6FE651F6E3025AD51CC1D54913AEEADC - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll - Shockwave Flash


==== Chromium Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkID= ... 8B3D12E34A"
"Use Search Asst"="yes"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkID= ... 8B3D12E34A"
"Use Search Asst"="no"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... TR&pc=ASJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... TR&pc=ASJB
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... TR&pc=ASJB
HKCU\SearchScopes\{07A1AF88-D5DC-4C6A-8244-EEFC38E48803} - http://tv.seznam.cz/hledej?w={searchTer ... arch_16194

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Seznam Browser deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\IE\311OFLX2 will be deleted at reboot
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\IE\3BUYOIFC will be deleted at reboot
C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\IE\N12OO7X5 will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\pefa\AppData\Local\Mozilla\Firefox\Profiles\0gvecwzp.default-1455864601798\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2787 folders=991 2755182612 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\pefa\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\pefa\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\IE\311OFLX2" not found
"C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\IE\3BUYOIFC" not found
"C:\Users\pefa\AppData\Local\Microsoft\Windows\INetCache\IE\N12OO7X5" not found

==== EOF on po 22. 02. 2016 at 8:35:28,99 ======================

[Márty84]

Pro jistoru jsem odinstalovat Superantispywear. Nevím jestli mám zakazat nebo odinstalovate take ESET a CCleaner ktere mam online.

CCleaner nechte, Eset taky, pokud k tomu nepouzivate jeste jiny antivir.

Nastala zatim nejaka zmena?

Dejte nove logy z FRST a budem mazat

[Marwin911]

Vypadá to, že jsme na dobré cestě. Prohlížeč od Seznamu už funguje. Stejně tak i Youtube. Bohužel se mi někdy stává že se mi nezobrazí nekterá web videa nebo obrazky. Např. na odkazech zde na Foru na nějaké obrázkové návody. Vidím tam jen slovo Obrazek,ale fotka nikde.

zde log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-02-2016
Ran by pefa (administrator) on ASUS (23-02-2016 17:53:24)
Running from C:\Users\pefa\Desktop
Loaded Profiles: pefa (Available Profiles: pefa & Administrator)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSPanel.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Irfan Skiljan) C:\Program Files\IrfanView\i_view64.exe
(Irfan Skiljan) C:\Program Files\IrfanView\i_view64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_306.exe
(forum.viry.cz) C:\Users\pefa\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-09-11] (Intel Corporation)
HKLM\...\Run: [Creative SB Monitoring Utility] => RunDll32 sbavmon.dll,SBAVMonitor
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-12] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] (Qualcomm®Atheros®)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-02] (Skype Technologies S.A.)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [Power2GoExpress] => NA
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\MountPoints2: {26649591-bb57-11e5-8264-54271e50ff48} - "F:\autorun.exe"
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\MountPoints2: {c5c53679-fffc-11e3-825b-54271e50ff48} - "F:\WD SmartWare.exe" autoplay=true
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 93.153.117.33 93.153.117.1 8.8.8.8
Tcpip\..\Interfaces\{B1831E94-A629-4B1D-A820-D39BD5C7C15E}: [DhcpNameServer] 192.15.128.24
Tcpip\..\Interfaces\{FC9BFEA0-2936-43F0-B334-4E2AB47AAC07}: [DhcpNameServer] 93.153.117.33 93.153.117.1 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130996506897580411&GUID=9CC17205-A4CD-4C4F-A48A-F28B3D12E34A
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-4175608963-2615263823-2636743382-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4175608963-2615263823-2636743382-1001 -> {07A1AF88-D5DC-4C6A-8244-EEFC38E48803} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-09] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\pefa\AppData\Roaming\Mozilla\Firefox\Profiles\0gvecwzp.default-1455864601798
FF NewTab: about:newtab
FF Homepage: http://www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Windows (R) Win 7 DDK provider) [File not signed]
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2016-01-09] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-09-11] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-09-11] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-09-11] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-09-11] (Intel Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2522616 2015-11-20] (ESET)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-28] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3880448 2013-11-13] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70928 2013-12-12] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-28] (Qualcomm Atheros)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [143568 2013-09-11] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-09-11] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-09-11] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-09-11] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263528 2015-11-20] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2015-11-20] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2015-11-20] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [142976 2015-11-20] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [206312 2015-11-20] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2015-11-20] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [69840 2015-11-20] (ESET)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
S3 ksaud; C:\Windows\system32\drivers\ksaud.sys [1558528 2013-03-26] (Creative Technology Ltd.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 17:53 - 2016-02-23 17:53 - 00017667 _____ C:\Users\pefa\Desktop\FRST.txt
2016-02-22 08:37 - 2016-02-22 08:37 - 00008016 _____ C:\Users\pefa\Desktop\zoek-results.txt
2016-02-22 08:31 - 2016-02-22 08:13 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-02-22 08:13 - 2016-02-22 08:29 - 00000000 ____D C:\zoek_backup
2016-02-22 08:13 - 2016-02-22 08:13 - 01309184 _____ C:\Users\pefa\Desktop\zoek.exe
2016-02-22 08:11 - 2016-02-22 08:11 - 00000685 _____ C:\Users\pefa\Desktop\JRT.txt
2016-02-22 07:59 - 2016-02-22 07:59 - 01609216 _____ (Malwarebytes) C:\Users\pefa\Desktop\JRT.exe
2016-02-21 15:18 - 2016-02-21 15:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-21 15:13 - 2016-02-21 15:13 - 00000000 ____D C:\Users\pefa\Desktop\thumbs
2016-02-21 15:07 - 2016-02-21 15:08 - 00000000 ____D C:\AdwCleaner
2016-02-21 15:06 - 2016-02-21 15:06 - 01511424 _____ C:\Users\pefa\Desktop\adwcleaner_5.035.exe
2016-02-21 14:58 - 2016-02-21 14:58 - 00000761 _____ C:\Users\pefa\Desktop\AAA-prenos do PC – zástupce.lnk
2016-02-21 14:58 - 2016-02-21 14:58 - 00000743 _____ C:\Users\pefa\Desktop\hudba na party – zástupce.lnk
2016-02-21 14:58 - 2016-02-21 14:58 - 00000689 _____ C:\Users\pefa\Desktop\programy – zástupce.lnk
2016-02-21 14:58 - 2016-02-21 14:58 - 00000669 _____ C:\Users\pefa\Desktop\Render – zástupce.lnk
2016-02-21 14:11 - 2016-02-21 14:11 - 00001042 _____ C:\Users\pefa\Desktop\jak se naladit – zástupce.lnk
2016-02-21 12:53 - 2016-02-21 12:53 - 00112640 _____ (forum.viry.cz) C:\Users\pefa\Desktop\FRSTLauncher.exe
2016-02-21 10:24 - 2016-02-23 17:52 - 00000000 ____D C:\FRST
2016-02-21 10:20 - 2016-02-21 10:20 - 02371072 _____ (Farbar) C:\Users\pefa\Desktop\FRST64.exe
2016-02-20 18:57 - 2016-02-20 18:57 - 20353728 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-02-20 18:32 - 2016-02-20 18:32 - 00001907 _____ C:\Users\pefa\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.lnk
2016-02-20 14:58 - 2016-02-20 14:58 - 00000000 ____D C:\Users\pefa\AppData\Roaming\SUPERAntiSpyware.com
2016-02-20 14:58 - 2016-02-20 14:58 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-02-19 22:47 - 2016-02-19 22:47 - 00003572 _____ C:\WINDOWS\System32\Tasks\Maxthon Update
2016-02-19 22:47 - 2016-02-19 22:47 - 00001103 _____ C:\Users\Public\Desktop\Maxthon Cloud Browser.lnk
2016-02-19 22:47 - 2016-02-19 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2016-02-19 22:46 - 2016-02-19 22:47 - 00000000 ____D C:\Users\pefa\AppData\Roaming\Maxthon3
2016-02-19 22:46 - 2016-02-19 22:46 - 00000000 ____D C:\Program Files (x86)\Maxthon
2016-02-19 20:05 - 2016-02-19 19:14 - 00030896 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160219-200548.backup
2016-02-19 19:14 - 2016-02-19 19:14 - 00031301 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160219-191425.backup
2016-02-19 08:15 - 2016-02-19 08:15 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-19 08:15 - 2016-02-19 08:15 - 00001165 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-19 08:15 - 2016-02-19 08:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-18 21:42 - 2016-02-18 21:42 - 00000000 ____D C:\Users\pefa\AppData\Local\ESET
2016-02-18 21:23 - 2016-02-18 21:23 - 00002045 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2016-02-18 21:23 - 2016-02-18 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-02-18 21:23 - 2016-02-18 21:23 - 00000000 ____D C:\ProgramData\ESET
2016-02-18 21:23 - 2016-02-18 21:23 - 00000000 ____D C:\Program Files\ESET
2016-02-15 18:50 - 2016-02-15 18:51 - 00000000 ____D C:\TEMP
2016-02-12 08:05 - 2016-02-19 08:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-11 18:55 - 2016-02-11 18:55 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-11 18:52 - 2016-02-21 15:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-02-11 18:52 - 2016-02-21 14:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-02-11 18:52 - 2016-02-11 18:52 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-02-11 01:16 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-11 01:16 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-02-11 01:16 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-11 01:16 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-11 01:16 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-11 01:16 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-11 01:16 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-11 01:16 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-11 00:49 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-11 00:49 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-11 00:49 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-02-11 00:49 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-11 00:49 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-02-11 00:49 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-11 00:49 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-02-11 00:49 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2016-02-11 00:49 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-11 00:49 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-02-11 00:49 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-02-11 00:49 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-02-11 00:49 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-02-11 00:48 - 2016-01-22 09:01 - 22365992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-11 00:48 - 2016-01-22 08:11 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-11 00:48 - 2016-01-22 06:25 - 14467072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-11 00:48 - 2016-01-22 06:14 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-11 00:48 - 2016-01-22 06:07 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-02-11 00:48 - 2016-01-22 05:58 - 02464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-02-11 00:47 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-11 00:47 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-11 00:47 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-11 00:47 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-11 00:47 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-11 00:47 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-11 00:47 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-11 00:47 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-11 00:47 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-11 00:47 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-11 00:47 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-02-11 00:47 - 2016-01-15 02:42 - 00033472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-02-11 00:47 - 2016-01-14 21:44 - 01362944 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-02-11 00:47 - 2016-01-14 21:44 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-02-11 00:47 - 2016-01-14 21:44 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-02-11 00:47 - 2016-01-14 21:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-02-11 00:47 - 2016-01-14 21:44 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-02-11 00:47 - 2016-01-14 21:44 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-02-11 00:47 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-02-11 00:47 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-11 00:47 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll
2016-02-11 00:47 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll
2016-02-11 00:46 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-02-11 00:46 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-11 00:46 - 2016-01-22 07:28 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-11 00:46 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-02-11 00:46 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-02-11 00:46 - 2016-01-22 06:55 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-02-11 00:46 - 2016-01-22 06:52 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-11 00:46 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-02-11 00:46 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-02-11 00:46 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-02-11 00:46 - 2016-01-22 06:48 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-02-11 00:46 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-02-11 00:46 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-02-11 00:46 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-11 00:46 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-11 00:46 - 2016-01-22 06:31 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-02-11 00:46 - 2016-01-22 06:28 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-02-11 00:46 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-02-11 00:46 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-02-11 00:46 - 2016-01-22 06:25 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-02-11 00:46 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-02-11 00:46 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-02-11 00:46 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-11 00:46 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-02-11 00:46 - 2016-01-10 20:37 - 00442720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-11 00:46 - 2016-01-10 19:39 - 00332640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-11 00:46 - 2016-01-10 19:15 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-02-11 00:46 - 2016-01-10 19:15 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-02-11 00:46 - 2016-01-10 18:43 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-02-11 00:46 - 2016-01-10 18:09 - 01442304 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-11 00:46 - 2016-01-10 18:09 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-02-11 00:46 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-11 00:46 - 2016-01-10 17:56 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-02-11 00:46 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-11 00:45 - 2016-01-10 20:37 - 00136912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-02-11 00:45 - 2016-01-10 17:51 - 03707392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-11 00:45 - 2016-01-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-02-11 00:45 - 2016-01-10 17:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-02-11 00:45 - 2016-01-10 17:36 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-02-11 00:45 - 2016-01-10 17:36 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-02-11 00:45 - 2016-01-10 17:35 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-02-11 00:45 - 2016-01-10 17:35 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-02-11 00:45 - 2016-01-10 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-02-11 00:45 - 2016-01-10 17:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-02-11 00:45 - 2016-01-10 17:27 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-02-11 00:45 - 2016-01-10 17:26 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-02-11 00:45 - 2015-12-17 19:29 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-02-11 00:45 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-02-09 19:37 - 2016-02-09 20:06 - 00000000 ____D C:\Users\pefa\AppData\Roaming\avidemux
2016-02-09 19:37 - 2016-02-09 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avidemux (32 bits)
2016-02-09 19:37 - 2016-02-09 19:37 - 00000000 ____D C:\Program Files (x86)\Avidemux 2.6 - 32 bits
2016-02-09 19:30 - 2016-02-12 18:54 - 00000000 ____D C:\Program Files\BitTorrent
2016-02-09 19:30 - 2016-02-09 19:30 - 00041472 _____ C:\Users\pefa\AppData\Local\Yearquadfan.dat
2016-02-09 19:28 - 2016-02-09 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-09 19:27 - 2016-02-19 07:58 - 00000000 ____D C:\Users\pefa\AppData\Roaming\Seznam.cz
2016-02-09 19:27 - 2016-02-09 19:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-09 19:23 - 2016-02-09 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TUGZip
2016-02-09 19:23 - 2016-02-09 19:23 - 00000000 ____D C:\Program Files (x86)\TUGZip
2016-02-09 19:23 - 2007-03-12 23:34 - 00162304 _____ C:\WINDOWS\SysWOW64\ztvunrar36.dll
2016-02-09 19:23 - 2007-03-12 23:34 - 00077312 _____ C:\WINDOWS\SysWOW64\ztvunace26.dll
2016-02-09 19:23 - 2007-03-12 23:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztvcabinet.dll
2016-02-09 18:59 - 2016-02-09 18:59 - 00000000 ____D C:\ProgramData\Pinnacle
2016-02-07 18:36 - 2016-02-07 18:37 - 03001696 _____ C:\Users\pefa\Desktop\SIGMA_BC1612_BC1612sts_Montage.pdf
2016-02-04 21:17 - 2016-02-04 21:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2016-01-29 20:04 - 2016-01-29 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2016-01-29 20:04 - 2016-01-29 20:04 - 00000000 ____D C:\Program Files\Defraggler
2016-01-28 18:02 - 2016-01-28 18:02 - 00000000 ____D C:\Users\pefa\Desktop\fr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 17:52 - 2016-01-09 15:44 - 00000000 ____D C:\Users\pefa\AppData\Roaming\Skype
2016-02-23 16:57 - 2016-01-09 17:16 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-23 12:00 - 2016-01-11 18:03 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-02-23 12:00 - 2016-01-11 18:03 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-02-22 08:48 - 2016-01-09 11:25 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4175608963-2615263823-2636743382-1001
2016-02-22 08:38 - 2016-01-09 11:18 - 00000074 _____ C:\Users\pefa\AppData\Roaming\sp_data.sys
2016-02-22 08:35 - 2016-01-09 11:20 - 00000000 ___DO C:\Users\pefa\SkyDrive
2016-02-22 08:32 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-22 08:32 - 2013-08-22 14:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-02-21 15:20 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-02-21 15:12 - 2016-01-09 11:15 - 00000000 ____D C:\Users\pefa\AppData\Roaming\Atheros
2016-02-21 15:08 - 2016-01-09 11:13 - 00000981 _____ C:\Users\pefa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-21 15:08 - 2013-12-12 22:18 - 00000981 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-21 14:58 - 2014-07-10 19:39 - 21355008 ___SH C:\Users\pefa\Desktop\Thumbs.db
2016-02-21 14:55 - 2016-01-09 14:18 - 00000000 ____D C:\Users\pefa\AppData\Local\CrashDumps
2016-02-21 12:48 - 2016-01-09 17:11 - 00000000 ____D C:\Users\pefa\AppData\Roaming\vlc
2016-02-21 10:54 - 2013-12-13 05:05 - 00747350 _____ C:\WINDOWS\system32\perfh005.dat
2016-02-21 10:54 - 2013-12-13 05:05 - 00154554 _____ C:\WINDOWS\system32\perfc005.dat
2016-02-21 10:54 - 2013-12-12 22:01 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-20 18:57 - 2016-01-09 17:16 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-02-19 08:13 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-19 07:56 - 2016-01-23 18:10 - 00000000 ____D C:\Program Files (x86)\Freemake
2016-02-18 21:25 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-14 14:35 - 2016-01-09 11:13 - 00000000 ____D C:\Users\pefa\AppData\Local\VirtualStore
2016-02-13 08:51 - 2016-01-22 18:24 - 00005632 _____ C:\Users\pefa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-12 18:19 - 2015-09-27 17:01 - 00000000 ____D C:\Users\pefa\AppData\LocalLow\Temp
2016-02-12 08:40 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-12 08:13 - 2013-12-13 05:35 - 00000000 ___DC C:\WINDOWS\Panther
2016-02-12 03:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-02-11 18:42 - 2013-08-22 15:44 - 00362520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-02-11 18:37 - 2016-01-10 14:58 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-02-11 18:37 - 2013-08-22 21:59 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-11 18:37 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-02-11 01:30 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-11 01:30 - 2013-08-22 16:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-11 01:22 - 2016-01-09 13:17 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-11 01:20 - 2016-01-09 13:17 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-11 00:41 - 2016-01-10 09:12 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-11 00:41 - 2016-01-10 09:12 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-02-09 19:27 - 2016-01-09 16:54 - 00000000 ____D C:\ProgramData\Oracle
2016-02-09 19:26 - 2016-01-09 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 19:26 - 2016-01-09 16:54 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-09 19:26 - 2015-09-06 18:26 - 00000000 ____D C:\Users\pefa\.oracle_jre_usage
2016-02-09 19:25 - 2016-01-09 16:55 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-02-07 18:44 - 2016-01-09 15:44 - 00000000 ____D C:\ProgramData\Skype
2016-02-02 03:37 - 2016-01-14 20:06 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-02 03:37 - 2016-01-14 20:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-30 21:24 - 2016-01-16 18:09 - 00000000 ____D C:\Users\pefa\AppData\Roaming\dvdcss

==================== Files in the root of some directories =======

2016-01-09 11:18 - 2016-02-22 08:38 - 0000074 _____ () C:\Users\pefa\AppData\Roaming\sp_data.sys
2016-01-22 18:24 - 2016-02-13 08:51 - 0005632 _____ () C:\Users\pefa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-09 19:30 - 2016-02-09 19:30 - 0041472 _____ () C:\Users\pefa\AppData\Local\Yearquadfan.dat
2016-01-09 15:57 - 2009-11-17 08:54 - 0002844 _____ () C:\ProgramData\CfSB1240.ini
2016-01-09 15:57 - 2013-03-26 05:54 - 0002844 _____ () C:\ProgramData\CfSB1240A.ini
2014-03-20 14:41 - 2014-03-20 14:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-12 22:00 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-12 22:00 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2016-01-09 17:30 - 2016-01-09 17:31 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2016-01-09 17:30 - 2016-01-09 17:30 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 9.0.351.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.351.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\pefa\Desktop" je 244 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Márty84]

Např. na odkazech zde na Foru na nějaké obrázkové návody. Vidím tam jen slovo Obrazek,ale fotka nikde.

To neni problem u vas, nektere obrazky tam uz opravdu nejsou.


Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-02] (Skype Technologies S.A.)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe

HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID= ... 8B3D12E34A
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB

S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

2016-02-22 08:37 - 2016-02-22 08:37 - 00008016 _____ C:\Users\pefa\Desktop\zoek-results.txt
2016-02-22 08:31 - 2016-02-22 08:13 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-02-22 08:13 - 2016-02-22 08:29 - 00000000 ____D C:\zoek_backup
2016-02-22 08:13 - 2016-02-22 08:13 - 01309184 _____ C:\Users\pefa\Desktop\zoek.exe
2016-02-21 15:18 - 2016-02-21 15:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-20 14:58 - 2016-02-20 14:58 - 00000000 ____D C:\Users\pefa\AppData\Roaming\SUPERAntiSpyware.com
2016-02-20 14:58 - 2016-02-20 14:58 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-02-11 18:52 - 2016-02-21 15:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-02-11 18:52 - 2016-02-21 14:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[cernohous13]

Pardon

Např. na odkazech zde na Foru na nějaké obrázkové návody. Vidím tam jen slovo Obrazek,ale fotka nikde.

Ty obrázky jsou na serveru který mají v Mozille blokovaný - IE a Chrome je zobrazují

[Márty84]

Pardon

Např. na odkazech zde na Foru na nějaké obrázkové návody. Vidím tam jen slovo Obrazek,ale fotka nikde.

Ty obrázky jsou na serveru který mají v Mozille blokovaný - IE a Chrome je zobrazují

Diky za upresneni

[Marwin911]

zde to je:

Fix result of Farbar Recovery Scan Tool (x64) Version:20-02-2016
Ran by pefa (2016-02-25 22:24:44) Run:2
Running from C:\Users\pefa\Desktop
Loaded Profiles: pefa (Available Profiles: pefa & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-02] (Skype Technologies S.A.)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe

HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID= ... 8B3D12E34A
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB

S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]

2016-02-22 08:37 - 2016-02-22 08:37 - 00008016 _____ C:\Users\pefa\Desktop\zoek-results.txt
2016-02-22 08:31 - 2016-02-22 08:13 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-02-22 08:13 - 2016-02-22 08:29 - 00000000 ____D C:\zoek_backup
2016-02-22 08:13 - 2016-02-22 08:13 - 01309184 _____ C:\Users\pefa\Desktop\zoek.exe
2016-02-21 15:18 - 2016-02-21 15:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-20 14:58 - 2016-02-20 14:58 - 00000000 ____D C:\Users\pefa\AppData\Roaming\SUPERAntiSpyware.com
2016-02-20 14:58 - 2016-02-20 14:58 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-02-11 18:52 - 2016-02-21 15:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-02-11 18:52 - 2016-02-21 14:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\RemoteControl10 => value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value not found.
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value not found.
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value not found.
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall => value not found.
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-4175608963-2615263823-2636743382-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
MBAMSwissArmy => service not found.
"C:\Users\pefa\Desktop\zoek-results.txt" => not found.
"C:\WINDOWS\zoek-delete.exe" => not found.
"C:\zoek_backup" => not found.
"C:\Users\pefa\Desktop\zoek.exe" => not found.
"C:\ProgramData\Malwarebytes" => not found.
"C:\Users\pefa\AppData\Roaming\SUPERAntiSpyware.com" => not found.
"C:\ProgramData\SUPERAntiSpyware.com" => not found.
"C:\Program Files (x86)\Spybot - Search & Destroy 2" => not found.
"C:\ProgramData\Spybot - Search & Destroy" => not found.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 11.1 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 22:25:14 ====