Zablokovaný prohlížeč

Zpráva

rakato11 · #1 Příspěvek od **rakato11** » 22 pro 2013 15:59

Přeji hezký předvánoční den. Je tomu skoro na den přesně co mi do mého PC vlítnul vír zvaný "Slovenská Polícia" a dnes mi zase nějaký šmejd zablokoval prohlížeč, viz přiložený obrázek.
Prosím zde znalé o pomoc s jeho likvidací.
Před rokem jste mi zde velice dobře a ochotně pomohli. Děkuji.

#2 Příspěvek od **vyosek** » 22 pro 2013 16:03

Zdravim

Zkuste tento postup http://forum.viry.cz/viewtopic.php?f=29&t=132523

rakato11 · #3 Příspěvek od **rakato11** » 22 pro 2013 17:49

Tak jsem nazpět, po menších problémech kdy jsem myslel že už je konec se mi nakonec vše podařilo provézt podle přiloženého návodu, PC po restartu naběhl.
Je to všechno nebo budu muset něco ještě provézt?

#4 Příspěvek od **vyosek** » 22 pro 2013 20:36

Nyni poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

rakato11 · #5 Příspěvek od **rakato11** » 23 pro 2013 08:05

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-12-2013 01
Ran by Otakar Vavrečka (administrator) on PC-OTAKAR on 23-12-2013 07:56:21
Running from C:\Users\Otakar Vavrečka\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Seagull Scientific, Inc.) C:\Program Files\Seagull\BarTender Suite\Maestro.Service.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\SCANJET\PrecisionScanLT\hppwrsav.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
() C:\Program Files\Seznam.cz\bin\postak.exe
(Alexander Nikiforov) C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe
() C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Baptiste Girod) C:\Users\Otakar Vavrečka\Desktop\Gmail Notifier Plus.exe
(Seagull Scientific, Inc.) C:\Program Files\Seagull\BarTender Suite\BtSystem.Service.exe
() C:\Program Files\Seagull\BarTender Suite\CmdrSrv.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Otakar Vavrečka\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [x]
HKLM\...\Run: [hppwrsav] - C:\SCANJET\PrecisionScanLT\hppwrsav.exe [23552 1999-06-07] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-09] (Nero AG)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5078504 2013-03-21] (ESET)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-14] (Google Inc.)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
HKCU\...\Run: [Seznam Postak] - C:\Program Files\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()
HKCU\...\Run: [MP3 Skype Recorder] - C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-17] (Alexander Nikiforov)
HKCU\...\Policies\Explorer: [NoSecurityTab] 1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=ddrnw
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... }&ch_id=sm
URLSearchHook: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKCU - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKCU - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKCU - (No Name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - No File
URLSearchHook: HKCU - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2801948
SearchScopes: HKCU - DefaultScope {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://start.funmoods.com/results.php?f ... earchTerms}
SearchScopes: HKCU - Plasmoo URL = http://plasmoo.com/index.htm?SearchMash ... earchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchT ... 6&tsp=4920
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... }&ch_id=sm
SearchScopes: HKCU - {6ADBA5DE-2737-4D97-9696-2AEE01D5CDAB} URL = http://searchtronic.net/Search?query={s ... &tp=chrome
SearchScopes: HKCU - {7a5c188c-c8ec-4042-9a47-4a1420346ffd} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... kSearch_12
SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://start.funmoods.com/results.php?f ... earchTerms}
SearchScopes: HKCU - {8f9e7830-5b5d-4811-adfa-1898c733d85d} URL = http://www.mapy.cz/?query={searchTerms} ... kSearch_12
SearchScopes: HKCU - {90e46540-5462-43d7-bacd-b2d72b9ca588} URL = http://www.firmy.cz/phr/{searchTerms}?s ... kSearch_12
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKCU - {A3EBC54D-29A2-4E25-9D3C-78EACD063B9B} URL = http://websearch.ask.com/redirect?clien ... 8F718F9981
SearchScopes: HKCU - {a9bcd73f-ca79-4fa4-a722-e0ae69ece4c2} URL = http://search.seznam.cz/?q={searchTerms ... kSearch_12
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Lištička - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - No Name - {AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
Toolbar: HKLM - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKLM - Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll ()
Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKCU - No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default
FF user.js: detected! => C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\user.js
FF Homepage: hxxp://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\funmoods.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\hledejcenycz.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-22.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-23.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-24.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\mixidj.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\speedbit.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\butterscotch_igeared.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Funmoods.com - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\ffxtlbr@funmoods.com
FF Extension: DownloadHelper - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Seznam lištička - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: Adblock Plus - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://start.funmoods.com/?f=1&a=ddrnw
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntr ... 6&tsp=4920"
CHR DefaultSearchProvider: Search
CHR DefaultSearchURL: http://start.funmoods.com/results.php?f ... earchTerms}
CHR Extension: (Google Docs) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Email) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YouTube) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Freemake Video Downloader) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0
CHR Extension: (Google Search) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh\1.0.0_0
CHR Extension: (avast! Online Security) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.6_0
CHR Extension: (Freemake Video Converter) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0
CHR Extension: (IMPI) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeinlpefandfngbdmdgjgepebkjap\2.0.0.429_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0
CHR Extension: (uTorrentControl2) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.19.11_0
CHR Extension: (Gmail) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [aaaaaakfopmidbfddimafofbdngbkidf] - C:\Users\Otakar Vavrečka\AppData\Local\APN\GoogleCRXs\aaaaaakfopmidbfddimafofbdngbkidf_7.14.1.0.crx
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Otakar Vavrečka\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx

========================== Services (Whitelisted) =================

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 BarTender System Service; C:\Program Files\Seagull\BarTender Suite\BtSystem.Service.exe [36432 2013-08-07] (Seagull Scientific, Inc.)
R2 Commander Service; C:\Program Files\Seagull\BarTender Suite\CmdrSrv.exe [1272912 2013-08-07] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1341664 2013-03-21] (ESET)
S2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [246584 2010-06-21] ()
R2 Maestro; C:\Program Files\Seagull\BarTender Suite\Maestro.Service.exe [232528 2013-08-07] (Seagull Scientific, Inc.)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)

==================== Drivers (Whitelisted) ====================

R3 5U876UVC; C:\Windows\System32\DRIVERS\5U876.sys [114688 2009-11-13] (Ricoh co.,Ltd.)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171680 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [150080 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [46056 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [47568 2013-02-14] (ESET)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S2 MLPTDR_N; C:\Windows\system32\MLPTDR_N.SYS [18848 2003-07-19] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
S2 PPSCAN; C:\Windows\System32\Drivers\PPSCAN.sys [91520 2002-03-29] (Hewlett-Packard Co.)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2013-06-03] (Corel Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-10-10] ()
S3 StarOpen; No ImagePath

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-23 07:56 - 2013-12-23 07:57 - 00023572 _____ C:\Users\Otakar Vavrečka\Desktop\FRST.txt
2013-12-23 07:56 - 2013-12-23 07:56 - 00000000 ____D C:\FRST
2013-12-23 07:49 - 2013-12-23 07:49 - 00112640 _____ (forum.viry.cz) C:\Users\Otakar Vavrečka\Desktop\FRSTLauncher.exe
2013-12-23 07:48 - 2013-12-23 07:48 - 01061231 _____ (Farbar) C:\Users\Otakar Vavrečka\Desktop\FRST.exe
2013-12-22 17:37 - 2013-12-22 17:37 - 00029336 _____ C:\Windows\system32\HitmanPro_20131222_1737.log
2013-12-22 16:43 - 2013-12-22 17:42 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-22 16:28 - 2013-12-22 16:43 - 09452704 _____ (SurfRight B.V.) C:\Users\Otakar Vavrečka\Desktop\HitmanPro.exe
2013-12-21 23:45 - 2013-12-21 23:45 - 00011023 _____ C:\Users\Otakar Vavrečka\Desktop\Vložení odkodovacích klíčů.odt
2013-12-20 08:48 - 2013-12-20 08:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-11 19:54 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 19:54 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 19:53 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 19:53 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 19:53 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-11 19:53 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-11 19:53 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-11 19:42 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 19:42 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 19:42 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 19:42 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 19:42 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 19:41 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 19:41 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 19:41 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 19:41 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 19:41 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 19:41 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 19:41 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 19:41 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 19:41 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 19:41 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 19:41 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 19:41 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 19:41 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 19:41 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 19:36 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 19:36 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 19:36 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 19:36 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 19:36 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 19:36 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 19:36 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 19:36 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 19:36 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-08 19:46 - 2013-12-08 19:46 - 105093694 _____ C:\Users\Otakar Vavrečka\Desktop\Leuška se sáňkuje na Čiernom-rar.axx
2013-12-08 19:34 - 2013-12-08 19:34 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Leuška se sáňkuje na Čiernom
2013-12-07 08:30 - 2013-12-22 08:35 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core1cef31e32efcb03.job
2013-12-07 08:24 - 2013-12-07 20:06 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Skylink karta

==================== One Month Modified Files and Folders =======

2013-12-23 07:57 - 2013-12-23 07:56 - 00023572 _____ C:\Users\Otakar Vavrečka\Desktop\FRST.txt
2013-12-23 07:56 - 2013-12-23 07:56 - 00000000 ____D C:\FRST
2013-12-23 07:49 - 2013-12-23 07:49 - 00112640 _____ (forum.viry.cz) C:\Users\Otakar Vavrečka\Desktop\FRSTLauncher.exe
2013-12-23 07:48 - 2013-12-23 07:48 - 01061231 _____ (Farbar) C:\Users\Otakar Vavrečka\Desktop\FRST.exe
2013-12-23 07:46 - 2009-07-14 05:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-23 07:46 - 2009-07-14 05:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-23 07:40 - 2011-02-22 14:31 - 01264741 _____ C:\Windows\WindowsUpdate.log
2013-12-23 07:39 - 2013-10-29 05:18 - 00000490 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2013-12-23 07:39 - 2011-12-12 19:10 - 00000416 _____ C:\Windows\Tasks\DriverCure Startup.job
2013-12-23 07:39 - 2011-05-21 07:43 - 00000039 _____ C:\Windows\VTWAIN.INI
2013-12-23 07:39 - 2011-02-22 15:56 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-23 07:38 - 2013-09-26 11:51 - 00015488 _____ C:\Windows\setupact.log
2013-12-23 07:38 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-22 19:54 - 2011-02-22 23:03 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2013-12-22 19:35 - 2011-12-14 23:14 - 00001002 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA.job
2013-12-22 19:31 - 2013-10-12 07:21 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cec7133d9e20a7.job
2013-12-22 19:31 - 2012-04-03 10:08 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-22 18:00 - 2011-12-12 19:10 - 00000464 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2013-12-22 17:42 - 2013-12-22 16:43 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-22 17:37 - 2013-12-22 17:37 - 00029336 _____ C:\Windows\system32\HitmanPro_20131222_1737.log
2013-12-22 16:44 - 2011-02-22 14:51 - 01594916 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-22 16:43 - 2013-12-22 16:28 - 09452704 _____ (SurfRight B.V.) C:\Users\Otakar Vavrečka\Desktop\HitmanPro.exe
2013-12-22 15:29 - 2012-01-12 08:08 - 00000000 ____D C:\Shoty
2013-12-22 08:35 - 2013-12-07 08:30 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core1cef31e32efcb03.job
2013-12-21 23:45 - 2013-12-21 23:45 - 00011023 _____ C:\Users\Otakar Vavrečka\Desktop\Vložení odkodovacích klíčů.odt
2013-12-20 17:24 - 2012-05-03 12:42 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 08:48 - 2013-12-20 08:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 13:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-19 11:30 - 2013-04-10 07:18 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
2013-12-19 11:11 - 2013-08-20 08:42 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-19 10:38 - 2013-09-26 09:06 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Složky
2013-12-14 19:27 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-12-12 08:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-11 19:45 - 2009-07-14 05:33 - 00313056 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 19:41 - 2013-08-14 06:58 - 00000000 ____D C:\Windows\system32\MRT
2013-12-11 19:37 - 2011-02-23 08:18 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 23:31 - 2012-04-03 10:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-10 23:31 - 2011-05-18 11:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-09 16:22 - 2011-12-12 19:10 - 00000400 _____ C:\Windows\Tasks\DriverCure.job
2013-12-08 19:46 - 2013-12-08 19:46 - 105093694 _____ C:\Users\Otakar Vavrečka\Desktop\Leuška se sáňkuje na Čiernom-rar.axx
2013-12-08 19:34 - 2013-12-08 19:34 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Leuška se sáňkuje na Čiernom
2013-12-07 20:06 - 2013-12-07 08:24 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Skylink karta
2013-12-06 05:33 - 2011-02-22 16:02 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-03 23:55 - 2013-06-21 14:27 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\Audacity
2013-12-02 19:36 - 2012-03-07 11:43 - 00012800 _____ C:\Users\Otakar Vavrečka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-29 08:43 - 2009-07-14 05:53 - 00032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-26 11:11 - 2013-12-11 19:41 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 10:23 - 2013-12-11 19:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 10:22 - 2013-12-11 19:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 09:53 - 2013-12-11 19:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 09:52 - 2013-12-11 19:41 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 09:38 - 2013-12-11 19:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 09:38 - 2013-12-11 19:41 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 09:36 - 2013-12-11 19:41 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 09:32 - 2013-12-11 19:42 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 09:29 - 2013-12-11 19:41 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 09:29 - 2013-12-11 19:41 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 09:28 - 2013-12-11 19:41 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:16 - 2013-12-11 19:41 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:13 - 2013-12-11 19:42 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:11 - 2013-11-20 08:14 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Fotky svatba
2013-11-26 08:32 - 2013-12-11 19:41 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 19:41 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 07:34 - 2013-12-11 19:41 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 19:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:27 - 2013-12-11 19:41 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-25 20:00 - 2011-02-22 23:03 - 00000000 ____D C:\ProgramData\Skype
2013-11-25 19:59 - 2011-02-22 23:03 - 00000000 ___RD C:\Program Files\Skype
2013-11-23 19:26 - 2013-12-11 19:53 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-23 16:33 - 2013-11-20 08:15 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\RAR svatba

Some content of TEMP:
====================
C:\Users\Otakar Vavrečka\AppData\Local\temp\HitmanPro_x64.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\Kickstarter.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\SkypeSetup.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\Update.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\vlc-2.1.1-win32.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\vlc-2.1.2-win32.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverCure Startup.job => C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
Task: C:\Windows\Tasks\DriverCure.job => C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cec7133d9e20a7.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core1cef31e32efcb03.job => C:\Users\Otakar Vavre
ka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA.job => C:\Users\Otakar Vavre
ka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Security Center ==================

AV: ESET Smart Security 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Otakar Vavre�ka\Desktop" je 11970 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KONICA MINOLTA PagePro 1300WStatusDisplay
C:\Windows\system32\MSTMON_N.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak
"C:\Program Files\Seznam.cz\postak.exe" -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Scheduler for Proteus Professional 7.lnk
C:\PROGRA~1\LABCEN~1\PROTEU~1\BIN\UDSCHED.EXE "Proteus Professional" 7 [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

rakato11 · #6 Příspěvek od **rakato11** » 23 pro 2013 08:35

Jinak při dnešním spuštění PC jsem si všimnul absenci "miniaplikací".

#7 Příspěvek od **vyosek** » 24 pro 2013 10:09

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [] - [x]
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-09] (Nero AG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-14] (Google Inc.)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
HKCU\...\Run: [Seznam Postak] - C:\Program Files\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()
HKCU\...\Run: [MP3 Skype Recorder] - C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-17] (Alexander Nikiforov)
HKCU\...\Policies\Explorer: [NoSecurityTab] 1

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=ddrnw
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm
URLSearchHook: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKCU - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKCU - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKCU - (No Name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - No File
URLSearchHook: HKCU - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search-results.com/sr?src=ie ... 14&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search-results.com/sr?src=ie ... 14&sr=0&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801948
SearchScopes: HKCU - DefaultScope {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms}
SearchScopes: HKCU - Plasmoo URL = http://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=C8B9C417FE29AFA8&affID=120669&tt=180613_ndt6&tsp=4920
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm
SearchScopes: HKCU - {6ADBA5DE-2737-4D97-9696-2AEE01D5CDAB} URL = http://searchtronic.net/Search?query={searchTerms}&i=61&tp=chrome
SearchScopes: HKCU - {7a5c188c-c8ec-4042-9a47-4a1420346ffd} URL = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12
SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms}
SearchScopes: HKCU - {8f9e7830-5b5d-4811-adfa-1898c733d85d} URL = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12
SearchScopes: HKCU - {90e46540-5462-43d7-bacd-b2d72b9ca588} URL = http://www.firmy.cz/phr/{searchTerms}?sourceid=QuickSearch_12
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search-results.com/sr?src=ie ... 14&sr=0&q={searchTerms}
SearchScopes: HKCU - {A3EBC54D-29A2-4E25-9D3C-78EACD063B9B} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^CZ&apn_uid=70c703f4-00d2-4370-a5ae-958cd4839eeb&apn_sauid=2538BA5B-7C96-45EA-8BA8-A78F718F9981
SearchScopes: HKCU - {a9bcd73f-ca79-4fa4-a722-e0ae69ece4c2} URL = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12
BHO: Lištička - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - No Name - {AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
Toolbar: HKLM - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKLM - Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll ()
Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKCU - No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} - No File

FF user.js: detected! => C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\user.js
F SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\funmoods.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\hledejcenycz.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-22.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-23.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-24.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\mixidj.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\speedbit.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\butterscotch_igeared.xml
FF Extension: Funmoods.com - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\ffxtlbr@funmoods.com

CHR HomePage: hxxp://start.funmoods.com/?f=1&a=ddrnw
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=C8B9C417FE29AFA8&affID=120669&tt=180613_ndt6&tsp=4920"
CHR DefaultSearchProvider: Search
CHR DefaultSearchURL: http://start.funmoods.com/results.php?f=4&a=ddrnw&q={searchTerms}
CHR Extension: (uTorrentControl2) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.19.11_0
CHR HKLM\...\Chrome\Extension: [aaaaaakfopmidbfddimafofbdngbkidf] - C:\Users\Otakar Vavrečka\AppData\Local\APN\GoogleCRXs\aaaaaakfopmidbfddimafofbdngbkidf_7.14.1.0.crx

S2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [246584 2010-06-21] ()
R2 Commander Service; C:\Program Files\Seagull\BarTender Suite\CmdrSrv.exe [1272912 2013-08-07] ()

DisableService: NAUpdate

2013-12-22 16:43 - 2013-12-22 17:42 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-22 16:28 - 2013-12-22 16:43 - 09452704 _____ (SurfRight B.V.) C:\Users\Otakar Vavrečka\Desktop\HitmanPro.exe
C:\Program Files\ICQ6Toolbar
C:\Users\Otakar Vavrečka\AppData\Local\temp\HitmanPro_x64.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\Kickstarter.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\SkypeSetup.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\Update.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\vlc-2.1.1-win32.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\vlc-2.1.2-win32.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverCure Startup.job => C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
Task: C:\Windows\Tasks\DriverCure.job => C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cec7133d9e20a7.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core1cef31e32efcb03.job => C:\Users\Otakar Vavre
ka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA.job => C:\Users\Otakar Vavre
ka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Scheduler for Proteus Professional 7.lnk" /f

Hosts:
CMD: shutdown /r /f /t 2

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

rakato11 · #8 Příspěvek od **rakato11** » 24 pro 2013 13:36

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-12-2013 01
Ran by Otakar Vavrečka at 2013-12-24 13:31:02 Run:1
Running from C:\Users\Otakar Vavrečka\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [] - [x]
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-09] (Nero AG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-14] (Google Inc.)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
HKCU\...\Run: [Seznam Postak] - C:\Program Files\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()
HKCU\...\Run: [MP3 Skype Recorder] - C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-17] (Alexander Nikiforov)
HKCU\...\Policies\Explorer: [NoSecurityTab] 1

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=ddrnw
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... }&ch_id=sm
URLSearchHook: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKCU - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKCU - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKCU - (No Name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - No File
URLSearchHook: HKCU - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search-results.com/sr?src=ie ... 14&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search-results.com/sr?src=ie ... 14&sr=0&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2801948
SearchScopes: HKCU - DefaultScope {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://start.funmoods.com/results.php?f ... earchTerms}
SearchScopes: HKCU - Plasmoo URL = http://plasmoo.com/index.htm?SearchMash ... earchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchT ... 6&tsp=4920
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... }&ch_id=sm
SearchScopes: HKCU - {6ADBA5DE-2737-4D97-9696-2AEE01D5CDAB} URL = http://searchtronic.net/Search?query={s ... &tp=chrome
SearchScopes: HKCU - {7a5c188c-c8ec-4042-9a47-4a1420346ffd} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... kSearch_12
SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://start.funmoods.com/results.php?f ... earchTerms}
SearchScopes: HKCU - {8f9e7830-5b5d-4811-adfa-1898c733d85d} URL = http://www.mapy.cz/?query={searchTerms} ... kSearch_12
SearchScopes: HKCU - {90e46540-5462-43d7-bacd-b2d72b9ca588} URL = http://www.firmy.cz/phr/{searchTerms}?s ... kSearch_12
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search-results.com/sr?src=ie ... 14&sr=0&q={searchTerms}
SearchScopes: HKCU - {A3EBC54D-29A2-4E25-9D3C-78EACD063B9B} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^CZ&apn_uid=70c703f4-00d2-4370-a5ae-958cd4839eeb&apn_sauid=2538BA5B-7C96-45EA-8BA8-A78F718F9981
SearchScopes: HKCU - {a9bcd73f-ca79-4fa4-a722-e0ae69ece4c2} URL = http://search.seznam.cz/?q={searchTerms ... kSearch_12
BHO: Lištička - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - No Name - {AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
Toolbar: HKLM - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKLM - Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll ()
Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKCU - No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} - No File

FF user.js: detected! => C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\user.js
F SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\funmoods.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\hledejcenycz.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-22.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-23.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-24.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\mixidj.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\speedbit.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\butterscotch_igeared.xml
FF Extension: Funmoods.com - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\ffxtlbr@funmoods.com

CHR HomePage: hxxp://start.funmoods.com/?f=1&a=ddrnw
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntr ... 6&tsp=4920"
CHR DefaultSearchProvider: Search
CHR DefaultSearchURL: http://start.funmoods.com/results.php?f ... earchTerms}
CHR Extension: (uTorrentControl2) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.19.11_0
CHR HKLM\...\Chrome\Extension: [aaaaaakfopmidbfddimafofbdngbkidf] - C:\Users\Otakar Vavrečka\AppData\Local\APN\GoogleCRXs\aaaaaakfopmidbfddimafofbdngbkidf_7.14.1.0.crx

S2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [246584 2010-06-21] ()
R2 Commander Service; C:\Program Files\Seagull\BarTender Suite\CmdrSrv.exe [1272912 2013-08-07] ()

DisableService: NAUpdate

2013-12-22 16:43 - 2013-12-22 17:42 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-22 16:28 - 2013-12-22 16:43 - 09452704 _____ (SurfRight B.V.) C:\Users\Otakar Vavrečka\Desktop\HitmanPro.exe
C:\Program Files\ICQ6Toolbar
C:\Users\Otakar Vavrečka\AppData\Local\temp\HitmanPro_x64.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\Kickstarter.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\SkypeSetup.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\Update.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\vlc-2.1.1-win32.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\vlc-2.1.2-win32.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverCure Startup.job => C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
Task: C:\Windows\Tasks\DriverCure.job => C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cec7133d9e20a7.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core1cef31e32efcb03.job => C:\Users\Otakar Vavre
#ka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA.job => C:\Users\Otakar Vavre
#ka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Scheduler for Proteus Professional 7.lnk" /f

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SynTPEnh => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Seznam Postak => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MP3 Skype Recorder => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSecurityTab => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\ICQ Search => Value deleted successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Value deleted successfully.
HKCR\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{37483b40-c254-4a72-bda4-22ee90182c1e} => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\Plasmoo => Key deleted successfully.
HKCR\Wow6432Node\CLSID\Plasmoo => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6ADBA5DE-2737-4D97-9696-2AEE01D5CDAB} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6ADBA5DE-2737-4D97-9696-2AEE01D5CDAB} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7a5c188c-c8ec-4042-9a47-4a1420346ffd} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{7a5c188c-c8ec-4042-9a47-4a1420346ffd} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8A244612-A1F7-11E0-95C0-E71F4824019B} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8f9e7830-5b5d-4811-adfa-1898c733d85d} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8f9e7830-5b5d-4811-adfa-1898c733d85d} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{90e46540-5462-43d7-bacd-b2d72b9ca588} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{90e46540-5462-43d7-bacd-b2d72b9ca588} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A3EBC54D-29A2-4E25-9D3C-78EACD063B9B} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{A3EBC54D-29A2-4E25-9D3C-78EACD063B9B} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a9bcd73f-ca79-4fa4-a722-e0ae69ece4c2} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{a9bcd73f-ca79-4fa4-a722-e0ae69ece4c2} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099} => Key deleted successfully.
HKCR\CLSID\{EA837F48-5AD1-443E-AE34-FFE03CBF3099} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} => Key deleted successfully.
HKCR\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Value deleted successfully.
HKCR\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{AF3D7884-B142-414E-943D-75D8D54E1FFF} => Value deleted successfully.
HKCR\CLSID\{AF3D7884-B142-414E-943D-75D8D54E1FFF} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} => Value deleted successfully.
HKCR\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{1EA00BE1-6E54-4E2A-8099-680300BF23E1} => Value deleted successfully.
HKCR\CLSID\{1EA00BE1-6E54-4E2A-8099-680300BF23E1} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} => Value deleted successfully.
HKCR\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Value deleted successfully.
HKCR\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{37483B40-C254-4A72-BDA4-22EE90182C1E} => Value deleted successfully.
HKCR\CLSID\{37483B40-C254-4A72-BDA4-22EE90182C1E} => Key not found.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\user.js => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\badoo.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\BrowserDefender.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\delta.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\funmoods.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\hledejcenycz.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icq-search.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-1.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-10.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-11.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-12.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-13.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-14.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-15.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-16.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-17.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-18.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-19.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-20.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-21.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-22.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-23.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-24.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-4.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-5.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-6.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-7.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-8.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-9.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\mixidj.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\searchplugins-backup => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\speedbit.xml => Moved successfully.
C:\Program Files\mozilla firefox\searchplugins\babylon.xml => Moved successfully.
C:\Program Files\mozilla firefox\searchplugins\butterscotch_igeared.xml => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\ffxtlbr@funmoods.com => Moved successfully.
CHR HomePage: hxxp://start.funmoods.com/?f=1&a=ddrnw ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntr ... 6&tsp=4920" ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: Search ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://start.funmoods.com/results.php?f ... earchTerms} ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaakfopmidbfddimafofbdngbkidf => Key deleted successfully.
"C:\Users\Otakar Vavrečka\AppData\Local\APN\GoogleCRXs\aaaaaakfopmidbfddimafofbdngbkidf_7.14.1.0.crx" => File/Directory not found.
ICQ Service => Service deleted successfully.
Commander Service => Service deleted successfully.
NAUpdate service was disabled
C:\ProgramData\HitmanPro => Moved successfully.
C:\Users\Otakar Vavrečka\Desktop\HitmanPro.exe => Moved successfully.
C:\Program Files\ICQ6Toolbar => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Local\temp\HitmanPro_x64.exe => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Local\temp\Kickstarter.exe => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Local\temp\SkypeSetup.exe => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Local\temp\Update.exe => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Local\temp\vlc-2.1.1-win32.exe => Moved successfully.
C:\Users\Otakar Vavrečka\AppData\Local\temp\vlc-2.1.2-win32.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\DriverCure Startup.job => Moved successfully.
C:\Windows\Tasks\DriverCure.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cec7133d9e20a7.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core1cef31e32efcb03.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA.job => Moved successfully.
C:\Windows\Tasks\ParetoLogic Registration3.job => Moved successfully.
C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => Moved successfully.
C:\Windows\Tasks\ParetoLogic Update Version3.job => Moved successfully.
C:\Windows\System32 => ":{4B9A1497-0817-47C4-9612-D6A1C53ACF57}" ADS removed successfully.
C:\ProgramData\TEMP => ":1CE11B51" ADS removed successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Scheduler for Proteus Professional 7.lnk" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

The system needs a manual reboot.

==== End of Fixlog ====

#9 Příspěvek od **vyosek** » 24 pro 2013 13:54

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

rakato11 · #10 Příspěvek od **rakato11** » 24 pro 2013 22:07

# AdwCleaner v3.016 - Report created 24/12/2013 at 22:03:36
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Otakar Vavrečka - PC-OTAKAR
# Running from : C:\Users\Otakar Vavrečka\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\DriverCure
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Funmoods
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Program Files\ParetoLogic
Folder Deleted : C:\Program Files\RegClean Pro
Folder Deleted : C:\Program Files\Uniblue\SpeedUpMyPC
Folder Deleted : C:\Program Files\Windows Searchqu Toolbar
Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Program Files\Common Files\ParetoLogic
Folder Deleted : C:\Program Files\Common Files\Plasmoo
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Local\PackageAware
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\LocalLow\Searchqutoolbar
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Roaming\CRMixiDJTB
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Conduit
Folder Deleted : C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\ICQToolbarData
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\bProtector_extensions.rdf
File Deleted : C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\invalidprefs.js
File Deleted : C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\Babylon.xml
File Deleted : C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\NCH Software
File Deleted : C:\Windows\System32\Tasks\paretologic registration3
File Deleted : C:\Windows\System32\Tasks\paretologic update version3
File Deleted : C:\Windows\System32\Tasks\RegClean Pro
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F75235F6-DA81-4B6D-A424-771AEB8A2B4B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F75235F6-DA81-4B6D-A424-771AEB8A2B4B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B19FDAF-9418-48E7-BAED-EF87B2A46802}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D9ACD64-5B36-4415-8743-62A7B5374687}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B19FDAF-9418-48E7-BAED-EF87B2A46802}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0EB59273-D10C-45C4-8EED-0648D2A20260}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EB59273-D10C-45C4-8EED-0648D2A20260}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26F86EC3-9B38-45DD-90A7-8E2331E7D59E}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26F86EC3-9B38-45DD-90A7-8E2331E7D59E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Key Deleted : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKCU\Software\8e8cd0e76eb917
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A8E5842E-102B-4289-9D57-3B3F5B5E15D3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Funmoods
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\SearchquMediabarTb
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 0 MediaBar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\prefs.js ]

Line Deleted : user_pref("CT3289075_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1371545111491,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2801948");
Line Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentControl2 Customized Web Search");
Line Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2475029");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "myashampoo");
Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Mar 29 2011 11:14:50 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Mar 29 2011 12:14:58 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Mar 29 2011 11:14:48 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "fa9be087-645c-4440-9dcd-f0095370513c");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "uTorrentControl2 Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.speedbit.com/search.aspx?s=D5Aa&q=");
Line Deleted : user_pref("browser.startup.homepage_override_url", "hxxp://search.speedbit.com/?s=D5Aa");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "cs");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "c8b9cbef000000000000c417fe29afa8");
Line Deleted : user_pref("extensions.delta.instlDay", "15877");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.58:32:12");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=120669&tt=180613_ndt6&tsp=4920");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.funmoods_i.aflt", "ddrnw");
Line Deleted : user_pref("extensions.funmoods_i.dfltLng", "");
Line Deleted : user_pref("extensions.funmoods_i.dfltSrch", true);
Line Deleted : user_pref("extensions.funmoods_i.dnsErr", true);
Line Deleted : user_pref("extensions.funmoods_i.excTlbr", false);
Line Deleted : user_pref("extensions.funmoods_i.hmpg", true);
Line Deleted : user_pref("extensions.funmoods_i.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=ddrnw");
Line Deleted : user_pref("extensions.funmoods_i.id", "c8b9cbef000000000000c417fe29afa8");
Line Deleted : user_pref("extensions.funmoods_i.instlDay", "16018");
Line Deleted : user_pref("extensions.funmoods_i.instlRef", "");
Line Deleted : user_pref("extensions.funmoods_i.newTab", true);
Line Deleted : user_pref("extensions.funmoods_i.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=ddrnw");
Line Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");
Line Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Line Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Line Deleted : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
Line Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");
Line Deleted : user_pref("extensions.funmoods_i.tlbrSrchUrl", "hxxp://start.funmoods.com/results.php?f=3&a=ddrnw&q=");
Line Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
Line Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1617:15:13");
Line Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
Line Deleted : user_pref("smartbar.machineId", "FUODJFCSP/6WYULEJRENDFW+CGWLFVAPBUFDQN4TS/22EF5P0QVWSC9UCLHBDHRLU+5OAB1UTSEDL7LRAOBVSQ");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup
Deleted : homepage
Deleted : search_url

*************************

AdwCleaner[R0].txt - [17543 octets] - [24/12/2013 22:02:46]
AdwCleaner[S0].txt - [17941 octets] - [24/12/2013 22:03:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18002 octets] ##########

#11 Příspěvek od **vyosek** » 24 pro 2013 22:53

Poprosim o novy log z FRSTLauncheru

rakato11 · #12 Příspěvek od **rakato11** » 25 pro 2013 08:43

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 22-12-2013 01
Ran by Otakar Vavrečka at 2013-12-25 08:39:32 Run:2
Running from C:\Users\Otakar Vavrečka\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [] - [x]
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-09] (Nero AG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [Google Update] - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-14] (Google Inc.)
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
HKCU\...\Run: [Seznam Postak] - C:\Program Files\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()
HKCU\...\Run: [MP3 Skype Recorder] - C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe [1975296 2011-11-17] (Alexander Nikiforov)
HKCU\...\Policies\Explorer: [NoSecurityTab] 1

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.funmoods.com/?f=1&a=ddrnw
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... }&ch_id=sm
URLSearchHook: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKCU - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKCU - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
URLSearchHook: HKCU - (No Name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - No File
URLSearchHook: HKCU - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search-results.com/sr?src=ie ... 14&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search-results.com/sr?src=ie ... 14&sr=0&q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2801948
SearchScopes: HKCU - DefaultScope {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://start.funmoods.com/results.php?f ... earchTerms}
SearchScopes: HKCU - Plasmoo URL = http://plasmoo.com/index.htm?SearchMash ... earchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchT ... 6&tsp=4920
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... }&ch_id=sm
SearchScopes: HKCU - {6ADBA5DE-2737-4D97-9696-2AEE01D5CDAB} URL = http://searchtronic.net/Search?query={s ... &tp=chrome
SearchScopes: HKCU - {7a5c188c-c8ec-4042-9a47-4a1420346ffd} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... kSearch_12
SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = http://start.funmoods.com/results.php?f ... earchTerms}
SearchScopes: HKCU - {8f9e7830-5b5d-4811-adfa-1898c733d85d} URL = http://www.mapy.cz/?query={searchTerms} ... kSearch_12
SearchScopes: HKCU - {90e46540-5462-43d7-bacd-b2d72b9ca588} URL = http://www.firmy.cz/phr/{searchTerms}?s ... kSearch_12
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} URL = http://dts.search-results.com/sr?src=ie ... 14&sr=0&q={searchTerms}
SearchScopes: HKCU - {A3EBC54D-29A2-4E25-9D3C-78EACD063B9B} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^CZ&apn_uid=70c703f4-00d2-4370-a5ae-958cd4839eeb&apn_sauid=2538BA5B-7C96-45EA-8BA8-A78F718F9981
SearchScopes: HKCU - {a9bcd73f-ca79-4fa4-a722-e0ae69ece4c2} URL = http://search.seznam.cz/?q={searchTerms ... kSearch_12
BHO: Lištička - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\bin\listicka.dll ()
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - No Name - {AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File
Toolbar: HKLM - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - No File
Toolbar: HKLM - Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\bin\toolbar\toolbar.dll ()
Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
Toolbar: HKCU - No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} - No File

FF user.js: detected! => C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\user.js
F SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\funmoods.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\hledejcenycz.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-10.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-11.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-22.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-23.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-24.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\mixidj.xml
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\speedbit.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\butterscotch_igeared.xml
FF Extension: Funmoods.com - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\ffxtlbr@funmoods.com

CHR HomePage: hxxp://start.funmoods.com/?f=1&a=ddrnw
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntr ... 6&tsp=4920"
CHR DefaultSearchProvider: Search
CHR DefaultSearchURL: http://start.funmoods.com/results.php?f ... earchTerms}
CHR Extension: (uTorrentControl2) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.19.11_0
CHR HKLM\...\Chrome\Extension: [aaaaaakfopmidbfddimafofbdngbkidf] - C:\Users\Otakar Vavrečka\AppData\Local\APN\GoogleCRXs\aaaaaakfopmidbfddimafofbdngbkidf_7.14.1.0.crx

S2 ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [246584 2010-06-21] ()
R2 Commander Service; C:\Program Files\Seagull\BarTender Suite\CmdrSrv.exe [1272912 2013-08-07] ()

DisableService: NAUpdate

2013-12-22 16:43 - 2013-12-22 17:42 - 00000000 ____D C:\ProgramData\HitmanPro
2013-12-22 16:28 - 2013-12-22 16:43 - 09452704 _____ (SurfRight B.V.) C:\Users\Otakar Vavrečka\Desktop\HitmanPro.exe
C:\Program Files\ICQ6Toolbar
C:\Users\Otakar Vavrečka\AppData\Local\temp\HitmanPro_x64.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\Kickstarter.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\SkypeSetup.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\Update.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\vlc-2.1.1-win32.exe
C:\Users\Otakar Vavrečka\AppData\Local\temp\vlc-2.1.2-win32.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverCure Startup.job => C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
Task: C:\Windows\Tasks\DriverCure.job => C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cec7133d9e20a7.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core1cef31e32efcb03.job => C:\Users\Otakar Vavre
ka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA.job => C:\Users\Otakar Vavre
ka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

AlternateDataStreams: C:\Windows\System32:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Scheduler for Proteus Professional 7.lnk" /f

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SynTPEnh => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Seznam Postak => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MP3 Skype Recorder => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSecurityTab => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\ICQ Search => Value not found.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Value not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Value not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} => Value not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} => Value not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{37483b40-c254-4a72-bda4-22ee90182c1e} => Value not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} => Key not found.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\Plasmoo => Key not found.
HKCR\Wow6432Node\CLSID\Plasmoo => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key not found.
HKCR\Wow6432Node\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key not found.
HKCR\Wow6432Node\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6ADBA5DE-2737-4D97-9696-2AEE01D5CDAB} => Key not found.
HKCR\Wow6432Node\CLSID\{6ADBA5DE-2737-4D97-9696-2AEE01D5CDAB} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7a5c188c-c8ec-4042-9a47-4a1420346ffd} => Key not found.
HKCR\Wow6432Node\CLSID\{7a5c188c-c8ec-4042-9a47-4a1420346ffd} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B} => Key not found.
HKCR\Wow6432Node\CLSID\{8A244612-A1F7-11E0-95C0-E71F4824019B} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8f9e7830-5b5d-4811-adfa-1898c733d85d} => Key not found.
HKCR\Wow6432Node\CLSID\{8f9e7830-5b5d-4811-adfa-1898c733d85d} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{90e46540-5462-43d7-bacd-b2d72b9ca588} => Key not found.
HKCR\Wow6432Node\CLSID\{90e46540-5462-43d7-bacd-b2d72b9ca588} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} => Key not found.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A3EBC54D-29A2-4E25-9D3C-78EACD063B9B} => Key not found.
HKCR\Wow6432Node\CLSID\{A3EBC54D-29A2-4E25-9D3C-78EACD063B9B} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{a9bcd73f-ca79-4fa4-a722-e0ae69ece4c2} => Key not found.
HKCR\Wow6432Node\CLSID\{a9bcd73f-ca79-4fa4-a722-e0ae69ece4c2} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099} => Key not found.
HKCR\CLSID\{EA837F48-5AD1-443E-AE34-FFE03CBF3099} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} => Key not found.
HKCR\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Value not found.
HKCR\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{AF3D7884-B142-414E-943D-75D8D54E1FFF} => Value not found.
HKCR\CLSID\{AF3D7884-B142-414E-943D-75D8D54E1FFF} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} => Value not found.
HKCR\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{1EA00BE1-6E54-4E2A-8099-680300BF23E1} => Value not found.
HKCR\CLSID\{1EA00BE1-6E54-4E2A-8099-680300BF23E1} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} => Value not found.
HKCR\CLSID\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Value not found.
HKCR\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{37483B40-C254-4A72-BDA4-22EE90182C1E} => Value not found.
HKCR\CLSID\{37483B40-C254-4A72-BDA4-22EE90182C1E} => Key not found.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\user.js => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\badoo.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\BrowserDefender.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\delta.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\funmoods.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\hledejcenycz.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icq-search.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-1.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-10.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-11.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-12.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-13.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-14.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-15.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-16.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-17.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-18.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-19.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-20.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-21.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-22.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-23.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-24.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-4.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-5.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-6.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-7.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-8.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin-9.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\icqplugin.xml" => not found.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\mixidj.xml" => not found.
Could not move "C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\searchplugins-backup" => Scheduled to move on reboot.
"C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\speedbit.xml" => not found.
"C:\Program Files\mozilla firefox\searchplugins\babylon.xml" => not found.
"C:\Program Files\mozilla firefox\searchplugins\butterscotch_igeared.xml" => not found.
C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\ffxtlbr@funmoods.com => not found.
CHR HomePage: hxxp://start.funmoods.com/?f=1&a=ddrnw ==> The Chrome "Settings" can be used to fix the entry.
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntr ... 6&tsp=4920" ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchProvider: Search ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://start.funmoods.com/results.php?f ... earchTerms} ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaakfopmidbfddimafofbdngbkidf => Key not found.
"C:\Users\Otakar Vavrečka\AppData\Local\APN\GoogleCRXs\aaaaaakfopmidbfddimafofbdngbkidf_7.14.1.0.crx" => File/Directory not found.
ICQ Service => Service not found.
Commander Service => Service not found.
NAUpdate service was disabled
"C:\ProgramData\HitmanPro" => File/Directory not found.
"C:\Users\Otakar Vavrečka\Desktop\HitmanPro.exe" => File/Directory not found.
"C:\Program Files\ICQ6Toolbar" => File/Directory not found.
"C:\Users\Otakar Vavrečka\AppData\Local\temp\HitmanPro_x64.exe" => File/Directory not found.
"C:\Users\Otakar Vavrečka\AppData\Local\temp\jre-7u45-windows-i586-iftw.exe" => File/Directory not found.
"C:\Users\Otakar Vavrečka\AppData\Local\temp\Kickstarter.exe" => File/Directory not found.
"C:\Users\Otakar Vavrečka\AppData\Local\temp\SkypeSetup.exe" => File/Directory not found.
"C:\Users\Otakar Vavrečka\AppData\Local\temp\Update.exe" => File/Directory not found.
"C:\Users\Otakar Vavrečka\AppData\Local\temp\vlc-2.1.1-win32.exe" => File/Directory not found.
"C:\Users\Otakar Vavrečka\AppData\Local\temp\vlc-2.1.2-win32.exe" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job not found.
C:\Windows\Tasks\DriverCure Startup.job not found.
C:\Windows\Tasks\DriverCure.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cec7133d9e20a7.job not found.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core1cef31e32efcb03.job not found.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA.job not found.
C:\Windows\Tasks\ParetoLogic Registration3.job not found.
C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job not found.
C:\Windows\Tasks\ParetoLogic Update Version3.job not found.
"C:\Windows\System32" => ":{4B9A1497-0817-47C4-9612-D6A1C53ACF57}" ADS not found.
"C:\ProgramData\TEMP" => ":1CE11B51" ADS not found.
"C:\ProgramData\TEMP" => ":373E1720" ADS not found.
"C:\ProgramData\TEMP" => ":56E2E879" ADS not found.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Scheduler for Proteus Professional 7.lnk" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2013-12-25 08:41:46)<=

C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\searchplugins\searchplugins-backup => Moved successfully.

==== End of Fixlog ====

#13 Příspěvek od **vyosek** » 25 pro 2013 12:28

To jste udelal znovu fixlist, ja bych rad o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

rakato11 · #14 Příspěvek od **rakato11** » 25 pro 2013 12:47

Promiňte, nyní to bude asi dobře.
Nevím proč, ale vyskočil mi ještě jeden, dám i ten druhý za ním.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-12-2013 01
Ran by Otakar Vavrečka (administrator) on PC-OTAKAR on 25-12-2013 12:39:38
Running from C:\Users\Otakar Vavrečka\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Seagull Scientific, Inc.) C:\Program Files\Seagull\BarTender Suite\Maestro.Service.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\SCANJET\PrecisionScanLT\hppwrsav.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
(Seagull Scientific, Inc.) C:\Program Files\Seagull\BarTender Suite\BtSystem.Service.exe
() C:\Program Files\Seznam.cz\bin\postak.exe
(Baptiste Girod) C:\Users\Otakar Vavrečka\Desktop\Gmail Notifier Plus.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hppwrsav] - C:\SCANJET\PrecisionScanLT\hppwrsav.exe [23552 1999-06-07] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5078504 2013-03-21] (ESET)
HKCU\...\Run: [Seznam Postak] - C:\Program Files\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()

==================== Internet (Whitelisted) ====================

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default
FF Homepage: hxxp://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: DownloadHelper - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Seznam lištička - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: Adblock Plus - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: Search
CHR DefaultSearchURL: http://www.google.com
CHR Extension: (Google Docs) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Email) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YouTube) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Freemake Video Downloader) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0
CHR Extension: (Google Search) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh\1.0.0_0
CHR Extension: (avast! Online Security) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.6_0
CHR Extension: (Freemake Video Converter) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0
CHR Extension: (IMPI) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeinlpefandfngbdmdgjgepebkjap\2.0.0.429_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0
CHR Extension: (Gmail) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Otakar Vavrečka\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx

========================== Services (Whitelisted) =================

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 BarTender System Service; C:\Program Files\Seagull\BarTender Suite\BtSystem.Service.exe [36432 2013-08-07] (Seagull Scientific, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1341664 2013-03-21] (ESET)
R2 Maestro; C:\Program Files\Seagull\BarTender Suite\Maestro.Service.exe [232528 2013-08-07] (Seagull Scientific, Inc.)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)

==================== Drivers (Whitelisted) ====================

R3 5U876UVC; C:\Windows\System32\DRIVERS\5U876.sys [114688 2009-11-13] (Ricoh co.,Ltd.)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171680 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [150080 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [46056 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [47568 2013-02-14] (ESET)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S2 MLPTDR_N; C:\Windows\system32\MLPTDR_N.SYS [18848 2003-07-19] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
S2 PPSCAN; C:\Windows\System32\Drivers\PPSCAN.sys [91520 2002-03-29] (Hewlett-Packard Co.)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2013-06-03] (Corel Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-10-10] ()
S3 StarOpen; No ImagePath

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-25 12:39 - 2013-12-25 12:40 - 00012073 _____ C:\Users\Otakar Vavrečka\Desktop\FRST.txt
2013-12-25 08:36 - 2013-12-25 08:36 - 00029696 _____ C:\Users\Otakar Vavrečka\AppData\Local\MSGBOX.EXE
2013-12-25 08:36 - 2013-12-25 08:36 - 00015327 _____ C:\Users\Otakar Vavrečka\Desktop\LM.bat
2013-12-24 22:02 - 2013-12-24 22:20 - 00000000 ____D C:\AdwCleaner
2013-12-24 22:01 - 2013-12-24 22:01 - 01233962 _____ C:\Users\Otakar Vavrečka\Desktop\adwcleaner.exe
2013-12-23 08:03 - 2013-12-23 08:03 - 00006783 _____ C:\Users\Otakar Vavrečka\Desktop\Addition.rar
2013-12-23 07:56 - 2013-12-25 08:41 - 00000000 ____D C:\FRST
2013-12-23 07:49 - 2013-12-23 07:49 - 00112640 _____ (forum.viry.cz) C:\Users\Otakar Vavrečka\Desktop\FRSTLauncher.exe
2013-12-23 07:48 - 2013-12-23 07:48 - 01061231 _____ (Farbar) C:\Users\Otakar Vavrečka\Desktop\FRST.exe
2013-12-22 17:37 - 2013-12-22 17:37 - 00029336 _____ C:\Windows\system32\HitmanPro_20131222_1737.log
2013-12-21 23:45 - 2013-12-21 23:45 - 00011023 _____ C:\Users\Otakar Vavrečka\Desktop\Vložení odkodovacích klíčů.odt
2013-12-20 08:48 - 2013-12-20 08:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-11 19:54 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 19:54 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 19:53 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 19:53 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 19:53 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-11 19:53 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-11 19:53 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-11 19:42 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 19:42 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 19:42 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 19:42 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 19:42 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 19:41 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 19:41 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 19:41 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 19:41 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 19:41 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 19:41 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 19:41 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 19:41 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 19:41 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 19:41 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 19:41 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 19:41 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 19:41 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 19:41 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 19:36 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 19:36 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 19:36 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 19:36 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 19:36 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 19:36 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 19:36 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 19:36 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 19:36 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-08 19:46 - 2013-12-08 19:46 - 105093694 _____ C:\Users\Otakar Vavrečka\Desktop\Leuška se sáňkuje na Čiernom-rar.axx
2013-12-08 19:34 - 2013-12-08 19:34 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Leuška se sáňkuje na Čiernom
2013-12-07 08:24 - 2013-12-07 20:06 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Skylink karta

==================== One Month Modified Files and Folders =======

2013-12-25 12:40 - 2013-12-25 12:39 - 00012073 _____ C:\Users\Otakar Vavrečka\Desktop\FRST.txt
2013-12-25 09:36 - 2011-02-22 14:51 - 01594916 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-25 09:35 - 2013-04-10 07:18 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
2013-12-25 09:23 - 2011-02-22 14:31 - 01382803 _____ C:\Windows\WindowsUpdate.log
2013-12-25 08:47 - 2009-07-14 05:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-25 08:47 - 2009-07-14 05:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-25 08:41 - 2013-12-23 07:56 - 00000000 ____D C:\FRST
2013-12-25 08:41 - 2011-05-21 07:43 - 00000039 _____ C:\Windows\VTWAIN.INI
2013-12-25 08:40 - 2013-09-26 11:51 - 00016048 _____ C:\Windows\setupact.log
2013-12-25 08:40 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-25 08:36 - 2013-12-25 08:36 - 00029696 _____ C:\Users\Otakar Vavrečka\AppData\Local\MSGBOX.EXE
2013-12-25 08:36 - 2013-12-25 08:36 - 00015327 _____ C:\Users\Otakar Vavrečka\Desktop\LM.bat
2013-12-24 22:20 - 2013-12-24 22:02 - 00000000 ____D C:\AdwCleaner
2013-12-24 22:03 - 2013-01-17 06:29 - 00000000 ____D C:\Program Files\Uniblue
2013-12-24 22:01 - 2013-12-24 22:01 - 01233962 _____ C:\Users\Otakar Vavrečka\Desktop\adwcleaner.exe
2013-12-24 21:20 - 2011-02-22 23:03 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2013-12-24 20:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-12-23 08:03 - 2013-12-23 08:03 - 00006783 _____ C:\Users\Otakar Vavrečka\Desktop\Addition.rar
2013-12-23 07:49 - 2013-12-23 07:49 - 00112640 _____ (forum.viry.cz) C:\Users\Otakar Vavrečka\Desktop\FRSTLauncher.exe
2013-12-23 07:48 - 2013-12-23 07:48 - 01061231 _____ (Farbar) C:\Users\Otakar Vavrečka\Desktop\FRST.exe
2013-12-22 17:37 - 2013-12-22 17:37 - 00029336 _____ C:\Windows\system32\HitmanPro_20131222_1737.log
2013-12-22 15:29 - 2012-01-12 08:08 - 00000000 ____D C:\Shoty
2013-12-21 23:45 - 2013-12-21 23:45 - 00011023 _____ C:\Users\Otakar Vavrečka\Desktop\Vložení odkodovacích klíčů.odt
2013-12-20 17:24 - 2012-05-03 12:42 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 08:48 - 2013-12-20 08:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 13:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-19 11:11 - 2013-08-20 08:42 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-19 10:38 - 2013-09-26 09:06 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Složky
2013-12-12 08:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-11 19:45 - 2009-07-14 05:33 - 00313056 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 19:41 - 2013-08-14 06:58 - 00000000 ____D C:\Windows\system32\MRT
2013-12-11 19:37 - 2011-02-23 08:18 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 23:31 - 2012-04-03 10:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-10 23:31 - 2011-05-18 11:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-08 19:46 - 2013-12-08 19:46 - 105093694 _____ C:\Users\Otakar Vavrečka\Desktop\Leuška se sáňkuje na Čiernom-rar.axx
2013-12-08 19:34 - 2013-12-08 19:34 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Leuška se sáňkuje na Čiernom
2013-12-07 20:06 - 2013-12-07 08:24 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Skylink karta
2013-12-06 05:33 - 2011-02-22 16:02 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-03 23:55 - 2013-06-21 14:27 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\Audacity
2013-12-02 19:36 - 2012-03-07 11:43 - 00012800 _____ C:\Users\Otakar Vavrečka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-29 08:43 - 2009-07-14 05:53 - 00032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-26 12:25 - 2011-02-22 15:10 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-26 11:11 - 2013-12-11 19:41 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 10:23 - 2013-12-11 19:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 10:22 - 2013-12-11 19:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 09:53 - 2013-12-11 19:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 09:52 - 2013-12-11 19:41 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 09:38 - 2013-12-11 19:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 09:38 - 2013-12-11 19:41 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 09:36 - 2013-12-11 19:41 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 09:32 - 2013-12-11 19:42 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 09:29 - 2013-12-11 19:41 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 09:29 - 2013-12-11 19:41 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 09:28 - 2013-12-11 19:41 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:16 - 2013-12-11 19:41 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:13 - 2013-12-11 19:42 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:11 - 2013-11-20 08:14 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Fotky svatba
2013-11-26 08:32 - 2013-12-11 19:41 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 19:41 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 07:34 - 2013-12-11 19:41 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 19:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:27 - 2013-12-11 19:41 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-25 20:00 - 2011-02-22 23:03 - 00000000 ____D C:\ProgramData\Skype
2013-11-25 19:59 - 2011-02-22 23:03 - 00000000 ___RD C:\Program Files\Skype

Some content of TEMP:
====================
C:\Users\Otakar Vavrečka\AppData\Local\temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-20 09:58

==================== End Of Log ============================

Druhý log:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-12-2013 01
Ran by Otakar Vavrečka at 2013-12-25 12:40:58
Running from C:\Users\Otakar Vavrečka\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: ESET Smart Security 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

µTorrent (Version: 3.3.0.29677)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Reader XI (11.0.05) - Czech (Version: 11.0.05)
Ashampoo Burning Studio 6 FREE v.6.84 (Version: 6.8.4)
Audacity 2.0.5 (Version: 2.0.5)
AxCrypt 1.7.2976.0 (Version: 1.7.2976.0)
BarTender 10.1 (Version: 10.1.2934)
Broadcom 802.11 Wireless LAN Adapter (Version: )
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.9.0.6)
Canon PhotoRecord
Canon RAW Codec (Version: 1.7.0.56)
Canon Utilities CameraWindow DC 8 (Version: 8.8.0.17)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (Version: 1.0.0.10)
Canon Utilities ImageBrowser EX (Version: 1.2.1.13)
Canon Utilities ZoomBrowser EX (Version: 04.00.00024)
Canon Utilities ZoomBrowser EX (Version: 6.9.0.1)
CCleaner (Version: 3.15)
CDBurnerXP (Version: 4.3.8.2568)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
ConvertXtoDVD 4.1.19.365 (Version: 4.1.19.365)
Cryptext (Remove Only)
Debut Video Capture Software
doPDF 7.2 printer
EAGLE 5.6.0 (Version: 5.6.0)
ESET Smart Security (Version: 6.0.316.2)
Eusing Free MP3 Cutter
EVEREST Ultimate Edition v5.50 (Version: 5.50)
FastStone Image Viewer 4.6 (Version: 4.6)
Free DVD Video Converter version 1.5.15.602
Free Studio version 2013 (Version: 6.1.1.430)
Free Video Converter V 3.1 (Version: 3.1.0.0)
Free Video Dub version 1.8.12.804
Free Video to DVD Converter version 1.6.21.602
Free YouTube Download version 2.10.41.721
GIMP 2.6.11 (Version: 2.6.11)
Google Drive (Version: 1.13.5782.599)
Google Chrome (Version: 31.0.1650.63)
Google Talk Plugin (Version: 4.9.1.16010)
Google Update Helper (Version: 1.3.22.3)
HP PrecisionScan LT Software
HP Web Camera (Version: 1.0.0)
HP Webcam (Version: 1.0)
Chinese Traditional Fonts Support For Adobe Reader X (Version: 10.0.0)
ICQ7.6 (Version: 7.6)
Integrated Camera Driver Installer Package Ver.1.33.110.0 (Version: 1.33.110.0)
IrfanView (remove only) (Version: 4.36)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
JavaFX 2.1.1 (Version: 2.1.1)
KONICA MINOLTA PagePro 1300W
LSI HDA Modem (Version: 2.2.100)
Marvell Miniport Driver (Version: 11.45.4.3)
Microsoft .NET Framework 4.5 CSY Language Pack (Version: 4.5.50709)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 26.0 (x86 cs) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MP3 Skype Recorder (Version: 3.1.3)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Nero 7 Ultra Edition (Version: 7.02.6446)
Nero Update (Version: 11.0.11800.31.0)
neroxml (Version: 1.0.0)
OpenOffice.org 3.3 (Version: 3.3.9567)
Proteus 7 Professional (Version: 7.01.0200)
QCAD Professional Demo 2.2.2.0 (Version: 2.2.2.0)
Recuva (Version: 1.48)
Revo Uninstaller Pro 2.5.8 (Version: 2.5.8)
Secure Folder 7.4.1 (Version: 7.4.1)
Seznam Lištička (Všichni uživatelé tohoto počítače.)
Seznam Pošťák 2 (Všichni uživatelé tohoto počítače.)
Skype Click to Call (Version: 6.13.13771)
Skype™ 6.11 (Version: 6.11.102)
Sound Organizer (Version: 1.4.0.11260)
Synaptics Pointing Device Driver (Version: 15.0.24.0)
Total Commander (Remove or Repair) (Version: 7.56a)
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.88)
Uninstall 1.0.0.1
Uschovna.cz 1.1.0 (Version: 1.1.0)
VideoPad Video Editor
VLC media player 2.1.2 (Version: 2.1.2)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
X-Lite 3.0

==================== Restore Points =========================

08-11-2013 06:28:49 Windows Update
09-11-2013 18:52:47 Revo Uninstaller Pro's restore point - JDownloader 0.9
09-11-2013 19:33:51 Revo Uninstaller Pro's restore point - Ulož.to File Manager verze 1.6
10-11-2013 17:39:14 Revo Uninstaller Pro's restore point - Audacity 1.3.12 (Unicode)
11-11-2013 08:24:49 Revo Uninstaller Pro's restore point - LAME v3.99.3 (for Windows)
11-11-2013 08:27:08 Revo Uninstaller Pro's restore point - Free MP3 Cutter and Editor 2.6
12-11-2013 05:56:18 Windows Update
14-11-2013 10:49:54 Windows Update
15-11-2013 16:41:38 Revo Uninstaller Pro's restore point - McAfee Security Scan Plus
19-11-2013 06:04:41 Windows Update
19-11-2013 09:41:58 Windows Update
21-11-2013 07:41:01 Windows Zálohování
21-11-2013 09:16:40 Installed AxCrypt 1.7.2976.0
21-11-2013 09:24:08 Revo Uninstaller Pro's restore point - TuneUp Utilities 2014
22-11-2013 20:52:53 Windows Update
26-11-2013 06:54:55 Windows Update
29-11-2013 07:46:10 Windows Update
03-12-2013 12:45:41 Windows Update
07-12-2013 06:55:43 Windows Update
10-12-2013 07:41:37 Windows Update
11-12-2013 18:37:02 Windows Update
11-12-2013 18:53:39 Windows Update
17-12-2013 06:57:00 Windows Update
20-12-2013 07:03:04 Windows Update
22-12-2013 08:28:20 Windows Zálohování
24-12-2013 08:32:29 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:04 - 2013-12-25 08:39 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01047422-95F6-4E41-84A4-87D3D7C76CB2} - System32\Tasks\{4C8D54F2-DDF6-4479-8A11-A98C6C789A9B} => C:\Users\Otakar Vavrečka\Desktop\irfanview_plugins_428_setup.exe
Task: {0A7BBC7F-EA44-49DA-9F98-DFDF996615CC} - System32\Tasks\{8837DE81-A262-4804-A9DA-948CC5CFBF46} => C:\Users\Otakar Vavrečka\Desktop\dotnetfx35.exe
Task: {134F6F98-8CE4-459F-BDF5-D2C56B9F0796} - System32\Tasks\{FF406F8A-6A3E-44F5-95D2-358E780EBEB1} => C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe [2011-11-17] (Alexander Nikiforov)
Task: {19BEF07A-955C-49B9-86E7-3D1E4776595E} - System32\Tasks\{F10D7645-90FB-4D11-A4AA-2B5B2F604664} => C:\Program Files\YTD\ytd.exe [2011-12-31] (Pepak)
Task: {1B37094A-8A26-4970-9610-9CF981C4AFB2} - System32\Tasks\{F0150743-E3C6-4235-96B0-40D74873D707} => C:\Users\Otakar Vavrečka\Desktop\JDownloaderSetup.exe
Task: {1DE01025-3372-47F9-88C1-6D253B3C4001} - System32\Tasks\{13FBC005-0AF3-4F20-9DF1-36508DE5DFDB} => C:\Users\Otakar Vavrečka\Desktop\MP3SkypeRecorderSetup.exe
Task: {1E97DEFE-56CD-43DA-9D17-E238D9194780} - System32\Tasks\DriverCure => C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
Task: {207358A3-F3B5-426D-8DEE-266E2C025C95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-22] (Google Inc.)
Task: {2C32BA44-7ED8-4882-9A19-2EFAD9607464} - System32\Tasks\GoogleUpdateTaskMachineUA1cec7133d9e20a7 => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-02-22] (Google Inc.)
Task: {319C6C21-DA9D-40B9-8EDD-6E7F490B1911} - System32\Tasks\{11AB4839-9909-4AA7-AD14-EA2EAFA4D911} => C:\Program Files\Free Audio Pack\Easy Audio Cutter\AudioCutter.exe
Task: {357FCF13-A78C-46A3-AF20-4EAB85C83F36} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000UA => C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-14] (Google Inc.)
Task: {7D380409-659D-4A8E-978C-AAEC2BAEC392} - System32\Tasks\Start Registry Reviver => C:\Program Files\Reviversoft\Registry Reviver\RegistryReviver.exe
Task: {82EDEADF-7EFD-425A-B27A-B00936ED9D8A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {8EA61841-0156-4EEB-8C34-501C86807912} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {9052753E-B964-4F7D-9F1A-9F914FD7F9C6} - System32\Tasks\{1F3A9C16-7D5A-43D2-B156-63EEC906B679} => C:\Users\Otakar Vavrečka\Desktop\postak-ff-2.5.1.exe
Task: {A3A33684-C8AE-4437-8D62-145F4C74EC7C} - System32\Tasks\DriverCure Startup => C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe
Task: {A949EBC3-90AC-4902-ABFD-74CBF6D6FFBB} - System32\Tasks\{7478DCFE-FF91-47C5-9F7A-ED2100B4BE61} => C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe [2011-11-17] (Alexander Nikiforov)
Task: {AFAB917C-7917-4910-A65F-4572249321EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-505298747-3480647553-2469496864-1000Core1cef31e32efcb03 => C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-14] (Google Inc.)
Task: {B18AD166-8E83-4F2C-AD31-009ECC0EF616} - System32\Tasks\{9D52FDE3-F20B-4686-8DD0-2EBF00DB6704} => C:\Program Files\LibreOffice 3\program\soffice.exe
Task: {BB8D6DC3-4848-4482-BC04-349C3860819C} - System32\Tasks\{98A70D07-498F-4BC2-AF84-3310688F2CFE} => C:\Program Files\GIMP-2.0\bin\gimp-2.6.exe [2010-10-04] ()
Task: {BDC105AB-4519-47C0-9E9C-EA6A7E595921} - System32\Tasks\{DB39F503-5081-4645-94B0-FE40C9C0E720} => D:\Programy-1\MP3SkypeRecorderSetup.exe [2013-10-10] ()
Task: {C794E32C-A489-4CBD-A342-4D6B010D9689} - System32\Tasks\{B826E4A4-24ED-4F5A-97A7-8F68847BCD73} => C:\Users\Otakar Vavrečka\Desktop\JDownloaderSetup.exe
Task: {DA372757-FD2E-4146-A764-A902379CD7CD} - System32\Tasks\{9B039347-33BD-49D9-80C0-367F2A397655} => C:\Program Files\GIMP-2.0\bin\gimp-2.6.exe [2010-10-04] ()
Task: {E13D5956-1075-42EB-807A-4ECEE387EF5D} - System32\Tasks\{4377EADB-F2F3-4484-B7AB-4681C56FD068} => C:\Users\Otakar Vavrečka\Desktop\dotNetFx35setup.exe
Task: {F6D60C21-7223-4D85-8B87-5181AC472DFA} - System32\Tasks\{BD8B9751-91CF-4733-8234-8642163D0119} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {FF2CB3C2-4BEB-481B-A68C-E501384883FD} - System32\Tasks\{110C381A-5642-470B-A060-54393638CE8D} => C:\Users\Otakar Vavrečka\Desktop\dotNetFx35setup.exe

==================== Loaded Modules (whitelisted) =============

2011-02-28 22:44 - 2011-05-28 22:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
1999-04-23 03:21 - 1999-04-23 03:21 - 00142848 _____ () C:\Windows\system32\ShellExt\Cryptext.dll
2011-06-26 09:18 - 2011-06-26 09:18 - 00006144 _____ () C:\Users\Otakar Vavrečka\AppData\Local\temp\rad682F1.tmp\bin\Gadget.Interop.dll
2013-12-25 08:41 - 2011-06-26 09:18 - 01259008 _____ () C:\Users\Otakar Vavrečka\AppData\Local\temp\rad0FE18.tmp\bin\x86\sharpwrapi_Win32.dll
2012-08-30 12:39 - 2013-01-29 18:45 - 00112128 _____ () C:\Program Files\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2012-01-10 19:20 - 2012-04-16 16:35 - 00818712 _____ () C:\Program Files\Seznam.cz\bin\email.4.dll
2012-01-10 19:20 - 2012-04-16 16:35 - 01152024 _____ () C:\Program Files\Seznam.cz\bin\core.4.dll
2013-12-20 08:48 - 2013-12-20 08:48 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-12-10 23:31 - 2013-12-10 23:31 - 16242056 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/24/2013 01:16:06 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/22/2013 05:59:06 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/20/2013 07:00:02 PM) (Source: Windows Backup) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy H:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (12/17/2013 05:21:53 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 25.0.1.5064, časové razítko: 0x5282f204
Název chybujícího modulu: xul.dll, verze: 25.0.1.5064, časové razítko: 0x5282f10e
Kód výjimky: 0xc0000005
Posun chyby: 0x00118f87
ID chybujícího procesu: 0x13a8
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (12/11/2013 08:23:31 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 25.0.1.5064, časové razítko: 0x5282f204
Název chybujícího modulu: xul.dll, verze: 25.0.1.5064, časové razítko: 0x5282f10e
Kód výjimky: 0xc0000005
Posun chyby: 0x00118f87
ID chybujícího procesu: 0x167c
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (12/10/2013 11:37:52 PM) (Source: Application Hang) (User: )
Description: Program firefox.exe verze 25.0.1.5064 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 3d8

Čas spuštění: 01cef57fd02eeefc

Čas ukončení: 78

Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe

ID hlášení: ae839332-61eb-11e3-9c59-00271361010a

Error: (12/09/2013 05:05:02 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 25.0.1.5064, časové razítko: 0x5282f204
Název chybujícího modulu: xul.dll, verze: 25.0.1.5064, časové razítko: 0x5282f10e
Kód výjimky: 0xc0000005
Posun chyby: 0x00118f87
ID chybujícího procesu: 0x148c
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (12/05/2013 07:35:43 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: Skype.exe, verze: 6.11.0.102, časové razítko: 0x5284fb74
Název chybujícího modulu: Skype.exe, verze: 6.11.0.102, časové razítko: 0x5284fb74
Kód výjimky: 0xc0000005
Posun chyby: 0x00212433
ID chybujícího procesu: 0x1660
Čas spuštění chybující aplikace: 0xSkype.exe0
Cesta k chybující aplikaci: Skype.exe1
Cesta k chybujícímu modulu: Skype.exe2
ID zprávy: Skype.exe3

Error: (11/20/2013 07:00:02 PM) (Source: Windows Backup) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy H:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (11/20/2013 07:33:47 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 25.0.1.5064, časové razítko: 0x5282f204
Název chybujícího modulu: xul.dll, verze: 25.0.1.5064, časové razítko: 0x5282f10e
Kód výjimky: 0xc0000005
Posun chyby: 0x00118f87
ID chybujícího procesu: 0x16f0
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

System errors:
=============
Error: (12/25/2013 00:35:18 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (12/25/2013 08:40:21 AM) (Source: Service Control Manager) (User: )
Description: Služba MLPTDR_N závisí na skupině Parallel arbitrator a žádný člen této skupiny nebyl spuštěn.

Error: (12/25/2013 08:40:18 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (12/25/2013 08:40:18 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (12/25/2013 08:21:43 AM) (Source: Service Control Manager) (User: )
Description: Služba MLPTDR_N závisí na skupině Parallel arbitrator a žádný člen této skupiny nebyl spuštěn.

Error: (12/25/2013 08:21:40 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (12/25/2013 08:21:40 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (12/24/2013 10:04:44 PM) (Source: Service Control Manager) (User: )
Description: Služba MLPTDR_N závisí na skupině Parallel arbitrator a žádný člen této skupiny nebyl spuštěn.

Error: (12/24/2013 10:04:40 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (12/24/2013 10:04:40 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Microsoft Office Sessions:
=========================
Error: (12/24/2013 01:16:06 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"I:\HitmanPro_x64.exe

Error: (12/22/2013 05:59:06 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"H:\HitmanPro_x64.exe

Error: (12/20/2013 07:00:02 PM) (Source: Windows Backup)(User: )
Description: H:\Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006)

Error: (12/17/2013 05:21:53 PM) (Source: Application Error)(User: )
Description: firefox.exe25.0.1.50645282f204xul.dll25.0.1.50645282f10ec000000500118f8713a801cefb420de746e5C:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll56bbdfbb-6737-11e3-9f38-00271361010a

Error: (12/11/2013 08:23:31 AM) (Source: Application Error)(User: )
Description: firefox.exe25.0.1.50645282f204xul.dll25.0.1.50645282f10ec000000500118f87167c01cef64097a3cffeC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll22a3d18a-6235-11e3-9b71-00271361010a

Error: (12/10/2013 11:37:52 PM) (Source: Application Hang)(User: )
Description: firefox.exe25.0.1.50643d801cef57fd02eeefc78C:\Program Files\Mozilla Firefox\firefox.exeae839332-61eb-11e3-9c59-00271361010a

Error: (12/09/2013 05:05:02 PM) (Source: Application Error)(User: )
Description: firefox.exe25.0.1.50645282f204xul.dll25.0.1.50645282f10ec000000500118f87148c01cef4f3d3042552C:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dlla8c6ace9-60eb-11e3-92f5-00271361010a

Error: (12/05/2013 07:35:43 PM) (Source: Application Error)(User: )
Description: Skype.exe6.11.0.1025284fb74Skype.exe6.11.0.1025284fb74c000000500212433166001cef1d3ebeb41bbC:\Program Files\Skype\Phone\Skype.exeC:\Program Files\Skype\Phone\Skype.exe0bd9ca4b-5ddc-11e3-9abe-00271361010a

Error: (11/20/2013 07:00:02 PM) (Source: Windows Backup)(User: )
Description: H:\Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006)

Error: (11/20/2013 07:33:47 AM) (Source: Application Error)(User: )
Description: firefox.exe25.0.1.50645282f204xul.dll25.0.1.50645282f10ec000000500118f8716f001cee5ba3c60f3abC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dllb55242f5-51ad-11e3-a03d-00271361010a

==================== Memory info ===========================

Percentage of memory in use: 52%
Total physical RAM: 3066.27 MB
Available physical RAM: 1448.95 MB
Total Pagefile: 6130.82 MB
Available Pagefile: 4398.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1907.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:154.29 GB) (Free:8.93 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Nový zväzok) (Fixed) (Total:126.51 GB) (Free:14.84 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.92 GB) FAT32
Drive g: (HP_RECOVERY) (Fixed) (Total:15 GB) (Free:1.1 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: DCB86D34)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=300 MB) - (Type=42)
Partition 3: (Not Active) - (Size=154 GB) - (Type=42)
Partition 4: (Not Active) - (Size=144 GB) - (Type=42)

==================== End Of Log ============================

rakato11 · #15 Příspěvek od **rakato11** » 26 pro 2013 08:55

Vkládám novy log z FRSTLauncheru pro kontrolu.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-12-2013 01
Ran by Otakar Vavrečka (administrator) on PC-OTAKAR on 26-12-2013 08:42:27
Running from C:\Users\Otakar Vavrečka\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(LSI Corporation) C:\Program Files\LSI SoftModem\agrsmsvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Seagull Scientific, Inc.) C:\Program Files\Seagull\BarTender Suite\Maestro.Service.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
() C:\SCANJET\PrecisionScanLT\hppwrsav.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\Seznam.cz\bin\postak.exe
() C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
(Baptiste Girod) C:\Users\Otakar Vavrečka\Desktop\Gmail Notifier Plus.exe
(Alexander Nikiforov) C:\Program Files\MP3 Skype Recorder\MP3 Skype Recorder.exe
(Seagull Scientific, Inc.) C:\Program Files\Seagull\BarTender Suite\BtSystem.Service.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hppwrsav] - C:\SCANJET\PrecisionScanLT\hppwrsav.exe [23552 1999-06-07] ()
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5078504 2013-03-21] (ESET)
HKCU\...\Run: [Seznam Postak] - C:\Program Files\Seznam.cz\bin\postak.exe [491040 2012-01-10] ()

==================== Internet (Whitelisted) ====================

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\MP3 Skype Recorder\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default
FF Homepage: hxxp://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Otakar Vavrečka\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: DownloadHelper - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Seznam lištička - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: Adblock Plus - C:\Users\Otakar Vavrečka\AppData\Roaming\Mozilla\Firefox\Profiles\fslv0uhv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: Search
CHR DefaultSearchURL: http://www.google.com
CHR Extension: (Google Docs) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Email) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YouTube) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Freemake Video Downloader) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf\1.0.0_0
CHR Extension: (Google Search) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh\1.0.0_0
CHR Extension: (avast! Online Security) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.6_0
CHR Extension: (Freemake Video Converter) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0
CHR Extension: (IMPI) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeinlpefandfngbdmdgjgepebkjap\2.0.0.429_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0
CHR Extension: (Gmail) - C:\Users\Otakar Vavrečka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Otakar Vavrečka\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx

========================== Services (Whitelisted) =================

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [26112 2009-12-03] (LSI Corporation)
R2 BarTender System Service; C:\Program Files\Seagull\BarTender Suite\BtSystem.Service.exe [36432 2013-08-07] (Seagull Scientific, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1341664 2013-03-21] (ESET)
R2 Maestro; C:\Program Files\Seagull\BarTender Suite\Maestro.Service.exe [232528 2013-08-07] (Seagull Scientific, Inc.)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)

==================== Drivers (Whitelisted) ====================

R3 5U876UVC; C:\Windows\System32\DRIVERS\5U876.sys [114688 2009-11-13] (Ricoh co.,Ltd.)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [171680 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [122240 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [150080 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [46056 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [47568 2013-02-14] (ESET)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()
S2 MLPTDR_N; C:\Windows\system32\MLPTDR_N.SYS [18848 2003-07-19] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
S2 PPSCAN; C:\Windows\System32\Drivers\PPSCAN.sys [91520 2002-03-29] (Hewlett-Packard Co.)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2013-06-03] (Corel Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-10-10] ()
S3 StarOpen; No ImagePath

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-26 08:34 - 2013-12-26 08:34 - 00112107 _____ (forum.viry.cz) C:\Users\Otakar Vavrečka\Desktop\VerzeOS.exe
2013-12-25 12:40 - 2013-12-25 12:41 - 00023183 _____ C:\Users\Otakar Vavrečka\Desktop\Addition.txt
2013-12-25 12:39 - 2013-12-26 08:43 - 00011978 _____ C:\Users\Otakar Vavrečka\Desktop\FRST.txt
2013-12-25 08:36 - 2013-12-25 08:36 - 00029696 _____ C:\Users\Otakar Vavrečka\AppData\Local\MSGBOX.EXE
2013-12-25 08:36 - 2013-12-25 08:36 - 00015327 _____ C:\Users\Otakar Vavrečka\Desktop\LM.bat
2013-12-24 22:02 - 2013-12-24 22:20 - 00000000 ____D C:\AdwCleaner
2013-12-24 22:01 - 2013-12-24 22:01 - 01233962 _____ C:\Users\Otakar Vavrečka\Desktop\adwcleaner.exe
2013-12-23 08:03 - 2013-12-26 08:35 - 00006783 _____ C:\Users\Otakar Vavrečka\Desktop\Addition.rar
2013-12-23 07:56 - 2013-12-25 08:41 - 00000000 ____D C:\FRST
2013-12-23 07:49 - 2013-12-23 07:49 - 00112640 _____ (forum.viry.cz) C:\Users\Otakar Vavrečka\Desktop\FRSTLauncher.exe
2013-12-23 07:48 - 2013-12-23 07:48 - 01061231 _____ (Farbar) C:\Users\Otakar Vavrečka\Desktop\FRST.exe
2013-12-22 17:37 - 2013-12-22 17:37 - 00029336 _____ C:\Windows\system32\HitmanPro_20131222_1737.log
2013-12-21 23:45 - 2013-12-21 23:45 - 00011023 _____ C:\Users\Otakar Vavrečka\Desktop\Vložení odkodovacích klíčů.odt
2013-12-20 08:48 - 2013-12-20 08:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-11 19:54 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 19:54 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 19:53 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 19:53 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 19:53 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-11 19:53 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-11 19:53 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-12-11 19:42 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 19:42 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 19:42 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 19:42 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 19:42 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 19:41 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 19:41 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 19:41 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 19:41 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 19:41 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 19:41 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 19:41 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 19:41 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 19:41 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 19:41 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 19:41 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 19:41 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 19:41 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 19:41 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 19:36 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 19:36 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 19:36 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 19:36 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 19:36 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 19:36 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 19:36 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 19:36 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 19:36 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-08 19:46 - 2013-12-08 19:46 - 105093694 _____ C:\Users\Otakar Vavrečka\Desktop\Leuška se sáňkuje na Čiernom-rar.axx
2013-12-08 19:34 - 2013-12-08 19:34 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Leuška se sáňkuje na Čiernom
2013-12-07 08:24 - 2013-12-07 20:06 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Skylink karta

==================== One Month Modified Files and Folders =======

2013-12-26 08:43 - 2013-12-25 12:39 - 00011978 _____ C:\Users\Otakar Vavrečka\Desktop\FRST.txt
2013-12-26 08:35 - 2013-12-23 08:03 - 00006783 _____ C:\Users\Otakar Vavrečka\Desktop\Addition.rar
2013-12-26 08:34 - 2013-12-26 08:34 - 00112107 _____ (forum.viry.cz) C:\Users\Otakar Vavrečka\Desktop\VerzeOS.exe
2013-12-26 08:04 - 2009-07-14 05:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-26 08:04 - 2009-07-14 05:34 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-26 07:58 - 2011-02-22 14:31 - 01434739 _____ C:\Windows\WindowsUpdate.log
2013-12-26 07:57 - 2013-09-26 11:51 - 00016328 _____ C:\Windows\setupact.log
2013-12-26 07:57 - 2011-05-21 07:43 - 00000039 _____ C:\Windows\VTWAIN.INI
2013-12-26 07:57 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-26 00:27 - 2011-02-22 23:03 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\Skype
2013-12-25 12:41 - 2013-12-25 12:40 - 00023183 _____ C:\Users\Otakar Vavrečka\Desktop\Addition.txt
2013-12-25 09:36 - 2011-02-22 14:51 - 01594916 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-25 09:35 - 2013-04-10 07:18 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\vlc
2013-12-25 08:41 - 2013-12-23 07:56 - 00000000 ____D C:\FRST
2013-12-25 08:36 - 2013-12-25 08:36 - 00029696 _____ C:\Users\Otakar Vavrečka\AppData\Local\MSGBOX.EXE
2013-12-25 08:36 - 2013-12-25 08:36 - 00015327 _____ C:\Users\Otakar Vavrečka\Desktop\LM.bat
2013-12-24 22:20 - 2013-12-24 22:02 - 00000000 ____D C:\AdwCleaner
2013-12-24 22:03 - 2013-01-17 06:29 - 00000000 ____D C:\Program Files\Uniblue
2013-12-24 22:01 - 2013-12-24 22:01 - 01233962 _____ C:\Users\Otakar Vavrečka\Desktop\adwcleaner.exe
2013-12-24 20:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-12-23 07:49 - 2013-12-23 07:49 - 00112640 _____ (forum.viry.cz) C:\Users\Otakar Vavrečka\Desktop\FRSTLauncher.exe
2013-12-23 07:48 - 2013-12-23 07:48 - 01061231 _____ (Farbar) C:\Users\Otakar Vavrečka\Desktop\FRST.exe
2013-12-22 17:37 - 2013-12-22 17:37 - 00029336 _____ C:\Windows\system32\HitmanPro_20131222_1737.log
2013-12-22 15:29 - 2012-01-12 08:08 - 00000000 ____D C:\Shoty
2013-12-21 23:45 - 2013-12-21 23:45 - 00011023 _____ C:\Users\Otakar Vavrečka\Desktop\Vložení odkodovacích klíčů.odt
2013-12-20 17:24 - 2012-05-03 12:42 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 08:48 - 2013-12-20 08:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-19 13:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-19 11:11 - 2013-08-20 08:42 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-12-19 10:38 - 2013-09-26 09:06 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Složky
2013-12-12 08:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-11 19:45 - 2009-07-14 05:33 - 00313056 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-11 19:41 - 2013-08-14 06:58 - 00000000 ____D C:\Windows\system32\MRT
2013-12-11 19:37 - 2011-02-23 08:18 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-10 23:31 - 2012-04-03 10:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-10 23:31 - 2011-05-18 11:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-08 19:46 - 2013-12-08 19:46 - 105093694 _____ C:\Users\Otakar Vavrečka\Desktop\Leuška se sáňkuje na Čiernom-rar.axx
2013-12-08 19:34 - 2013-12-08 19:34 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Leuška se sáňkuje na Čiernom
2013-12-07 20:06 - 2013-12-07 08:24 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Skylink karta
2013-12-06 05:33 - 2011-02-22 16:02 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-03 23:55 - 2013-06-21 14:27 - 00000000 ____D C:\Users\Otakar Vavrečka\AppData\Roaming\Audacity
2013-12-02 19:36 - 2012-03-07 11:43 - 00012800 _____ C:\Users\Otakar Vavrečka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-29 08:43 - 2009-07-14 05:53 - 00032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-26 12:25 - 2011-02-22 15:10 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-26 11:11 - 2013-12-11 19:41 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 10:23 - 2013-12-11 19:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 10:22 - 2013-12-11 19:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 09:53 - 2013-12-11 19:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 09:52 - 2013-12-11 19:41 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 09:38 - 2013-12-11 19:42 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 09:38 - 2013-12-11 19:41 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 09:36 - 2013-12-11 19:41 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 09:32 - 2013-12-11 19:42 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 09:29 - 2013-12-11 19:41 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 09:29 - 2013-12-11 19:41 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 09:28 - 2013-12-11 19:41 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:16 - 2013-12-11 19:41 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:13 - 2013-12-11 19:42 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:11 - 2013-11-20 08:14 - 00000000 ____D C:\Users\Otakar Vavrečka\Desktop\Fotky svatba
2013-11-26 08:32 - 2013-12-11 19:41 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:26 - 2013-12-11 19:41 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 07:34 - 2013-12-11 19:41 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:33 - 2013-12-11 19:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:27 - 2013-12-11 19:41 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

Some content of TEMP:
====================
C:\Users\Otakar Vavrečka\AppData\Local\temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-20 09:58

==================== End Of Log ============================

VIRY.CZ

Zablokovaný prohlížeč

Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč

Re: Zablokovaný prohlížeč