Prosím o kontrolu logu

[libork]

Dobrý den, prosím o kontrolu logu. Při ptevření internetových stránek vyskakuje jakási reklama.
Děkuju

info.txt logfile of random's system information tool 1.09 2014-04-12 08:09:17

======Uninstall list======

-->C:\PROGRA~2\INSTAL~1\{0DD95~1\Setup.exe /remove /q0
-->C:\PROGRA~2\INSTAL~1\{2B20C~1\Setup.exe /remove /q0
-->C:\PROGRA~2\INSTAL~1\{67EF3~1\Setup.exe /remove /q0
ABBYY FineReader 9.0 Sprint-->MsiExec.exe /I {F9000000-0018-0000-0000-074957833700}
ABBYY FineReader 9.0 Sprint-->MsiExec.exe /X{F9000000-0018-0000-0000-074957833700}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 12 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe -maintain activex
Adobe Flash Player 12 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe -maintain plugin
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader X (10.1.6) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Any Video Converter 3.3.5-->"C:\Program Files\AnvSoft\Any Video Converter\unins000.exe"
Bing Bar-->MsiExec.exe /X{D322A9E3-758B-4D60-A7C4-65C88FD378D0}
Canon ScanGear Starter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}\SETUP.EXE" -l0x9 anything
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Download Navigator-->MsiExec.exe /X{D0353B68-A142-4F89-A46E-1C9A7745D636}
Epson Easy Photo Print 2-->"C:\Program Files\InstallShield Installation Information\{30E01116-5666-4807-8EF1-D80E9FF16717}\SETUP.EXE" -runfromtemp -l0x0409 UNINST -removeonly
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)-->"C:\Program Files\InstallShield Installation Information\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}\setup.exe" -runfromtemp -l0x0409 -removeonly
Epson Event Manager-->MsiExec.exe /X{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
EPSON XP-202 203 206 Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSIME.EXE /R /APD /P:"EPSON XP-202 203 206 Series"
EpsonNet Print-->C:\Program Files\InstallShield Installation Information\{3E31400D-274E-4647-916C-2CACC3741799}\ENPSETUP.exe -runfromtemp -l0x0009 -EPSON -removeonly
Google Earth-->MsiExec.exe /X{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\33.0.1750.154\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_8CA8B41417E66DEB.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Intel(R) Graphics Media Accelerator Driver-->C:\Program Files\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
LibreOffice 4.1.1.2-->MsiExec.exe /I{F1EE568A-171F-4C06-9BE6-2395BED067A3}
Logitech Vid HD-->C:\Program Files\Logitech\Vid HD\uninst.exe
Logitech Webcam Software-->MsiExec.exe /I{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Messenger Companion-->MsiExec.exe /I{B44F3823-52DD-45CA-A916-8B320778715D}
Microsoft .NET Framework 4.5.1 (CSY)-->MsiExec.exe /X{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}
Microsoft .NET Framework 4.5.1 (čeština)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\CSY\\Setup.exe /repair /x86 /lcid 1029
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{4903D172-DCCB-392F-93A3-34CA9D47FE3D}
Microsoft Antimalware Service CS-CZ Language Pack-->MsiExec.exe /X{17CA32D1-73BD-4990-B8F6-369D8D34B05D}
Microsoft Office 365 - cs-cz-->"C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe" scenario=install baseurl="C:\Program Files\Microsoft Office 15" platform=x86 version=15.0.4605.1003 culture=cs-cz productstoremove=O365HomePremRetail_cs-cz_x-none
Microsoft PowerPoint Viewer-->MsiExec.exe /X{95140000-00AF-0405-0000-0000000FF1CE}
Microsoft Security Client CS-CZ Language Pack-->MsiExec.exe /I{50779A29-834E-4E36-BBEB-B7CABC67A825}
Microsoft Security Client-->MsiExec.exe /X{36A345C9-0691-45A1-AEEF-29ECEC8B5014}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Mozilla Firefox 28.0 (x86 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Nokia Connectivity Cable Driver-->RUNDLL32.EXE ccdcmbwu.dll,WuUninstall
Office 15 Click-to-Run Extensibility Component-->MsiExec.exe /X{90150000-008C-0000-0000-0000000FF1CE}
Office 15 Click-to-Run Licensing Component-->MsiExec.exe /I{90150000-007E-0000-0000-0000000FF1CE}
Office 15 Click-to-Run Localization Component-->MsiExec.exe /X{90150000-008C-0405-0000-0000000FF1CE}
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
PDF Architect-->MsiExec.exe /I{80A07844-CA64-4DE4-AB61-D37DDBE8074F}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
PdfConvertor-->"C:\Program Files\PdfConvertor\unins000.exe"
PDFCreator-->C:\Program Files\PDFCreator\unins000.exe
Příručka pro síť EPSON XP-202 203 206 Series-->"C:\Program Files\Epson Software\Epson Manual\EPSON XP-202 203 206 Series\cs\Netg\DocUnins.exe"
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe -r -m -nrg2709
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8086EDC0-3409-3560-B108-44FC46882443}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {FED9B2BC-E6D7-3409-B4C9-99AF8AC65725}
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 6.11-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
SNT-->"C:\ProgramData\SNT\salN7Kbcllt.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""
Sonic Foundry ACID Pro 3.0 Crack-->C:\Windows\ACID3C~1\UNWISE.EXE C:\Windows\ACID3C~1\INSTALL.LOG
Sonic Foundry ACID Pro 3.0-->MsiExec.exe /I{F07C83EA-CF0C-44B4-9F1E-C3CD82EBA538}
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Steinberg Cubase VST32-->C:\PROGRA~1\STEINB~1\CUBASE~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\INSTALL.LOG
SUPER © v2012.build.51 (April 7, 2012) verze v2012.build.51-->"C:\Program Files\eRightSoft\SUPER\unins000.exe"
SW_Booster-->"c:\programdata\greenapp\sw_booster\sw_booster.exe" /uninstall
SW_Sustainer 1.80-->"C:\Windows\system32\RUNDLL32.EXE" "C:\PROGRA~1\SW_BOO~1\ASSIST~1.DLL",_uninstall /un
Uživatelská příručka EPSON XP-202 203 206 Series-->"C:\Program Files\Epson Software\Epson Manual\EPSON XP-202 203 206 Series\cs\Useg\DocUnins.exe"
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Family Safety-->MsiExec.exe /I{28A25E3A-2855-4A39-B72B-50BF80FB86C5}
Windows Live Family Safety-->MsiExec.exe /X{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
Windows Live Messenger-->MsiExec.exe /X{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}
Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{454F5782-A4C3-480E-A629-D435795DEFD8}
Windows Live Remote Client-->MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}
Windows Live Remote Service Resources-->MsiExec.exe /I{0891B708-EF3F-4D7E-9724-265245F46276}
Windows Live Remote Service-->MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
WinRAR 4.20 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
WinZip 17.5-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}
YoutubeAdblocker-->"C:\ProgramData\YoutubeAdblocker\ssHA9qKOutF.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""

======System event log======

Computer Name: Libor-PC
Event Code: 20010
Message: Došlo ke změně jednoho nebo více podsystémů služby Plug and Play.

Povolený instalační podsystém služby PlugPlay: 'false'
Povolený podsystém mezipaměti služby PlugPlay: 'false'

Record Number: 319970
Source Name: Microsoft-Windows-UserPnp
Time Written: 20131208122626.090515-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Libor-PC
Event Code: 7036
Message: Stav služby Protokol PNRP (Peer Name Resolution Protocol) byl změněn na: Zastaveno
Record Number: 319969
Source Name: Service Control Manager
Time Written: 20131208122626.090515-000
Event Type: Informace
User:

Computer Name: Libor-PC
Event Code: 7036
Message: Stav služby Seskupování v sítích peer-to-peer byl změněn na: Zastaveno
Record Number: 319968
Source Name: Service Control Manager
Time Written: 20131208122626.028115-000
Event Type: Informace
User:

Computer Name: Libor-PC
Event Code: 7036
Message: Stav služby Správce identit sítě rovnocenných počítačů byl změněn na: Zastaveno
Record Number: 319967
Source Name: Service Control Manager
Time Written: 20131208122625.965715-000
Event Type: Informace
User:

Computer Name: Libor-PC
Event Code: 7036
Message: Stav služby Hostitel diagnostické služby byl změněn na: Zastaveno
Record Number: 319966
Source Name: Service Control Manager
Time Written: 20131208122625.950115-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: Libor-PC
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.


Record Number: 84707
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20130913222519.859733-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Libor-PC
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 84706
Source Name: Microsoft-Windows-Winlogon
Time Written: 20130913222248.000000-000
Event Type: Informace
User:

Computer Name: Libor-PC
Event Code: 9009
Message: Správce oken plochy byl ukončen s kódem (0x40010004).
Record Number: 84705
Source Name: Desktop Window Manager
Time Written: 20130913222204.000000-000
Event Type: Informace
User:

Computer Name: Libor-PC
Event Code: 1001
Message: Chybný blok 3805303143, typ 5
Název události: MpTelemetry
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
P2: 4.2.223.0
P3: TimeOut
P4: 1.1.9800.0
P5: fixed
P6: 2 / 2048
P7: 5 / not boot
P8:
P9:
P10:

Připojené soubory:
C:\Windows\Temp\MPInstrumentation\client_manifest.txt

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_Microsoft Securi_f9f11a47175f419e7641d6854d926449f0777a_cab_03017179

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: a42ef139-1cc2-11e3-b433-5404a6627f89
Stav hlášení: 0
Record Number: 84704
Source Name: Windows Error Reporting
Time Written: 20130913222151.000000-000
Event Type: Informace
User:

Computer Name: Libor-PC
Event Code: 1001
Message: Chybný blok , typ 0
Název události: MpTelemetry
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: Microsoft Security Essentials (EDB4FA23-53B8-4AFA-8C5D-99752CCA7094)
P2: 4.2.223.0
P3: TimeOut
P4: 1.1.9800.0
P5: fixed
P6: 2 / 2048
P7: 5 / not boot
P8:
P9:
P10:

Připojené soubory:
C:\Windows\Temp\MPInstrumentation\client_manifest.txt

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_Microsoft Securi_f9f11a47175f419e7641d6854d926449f0777a_cab_03017179

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: a42ef139-1cc2-11e3-b433-5404a6627f89
Stav hlášení: 4
Record Number: 84703
Source Name: Windows Error Reporting
Time Written: 20130913222023.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Libor-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 62408
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130913222140.242548-000
Event Type: Úspěšný audit
User:

Computer Name: Libor-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LIBOR-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x23c
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 62407
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130913222140.242548-000
Event Type: Úspěšný audit
User:

Computer Name: Libor-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 62406
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130913221508.294448-000
Event Type: Úspěšný audit
User:

Computer Name: Libor-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: LIBOR-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x23c
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 62405
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130913221508.294448-000
Event Type: Úspěšný audit
User:

Computer Name: Libor-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-726496295-2317986126-1619368687-1000
Název účtu: Libor
Název domény: Libor-PC
ID přihlášení: 0x22130
Record Number: 62404
Source Name: Microsoft-Windows-Eventlog
Time Written: 20130913215624.787148-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
"SERINUMB"=DC110710
"WBSET"=Done

-----------------EOF-----------------

[vyosek]

Zdravim

Dejte i druhy log s nazvem log.txt, najdete jej v c:\rsit

[libork]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Libor at 2014-04-12 08:08:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 332 GB (71%) free of 469 GB
Total RAM: 2013 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:09:14, on 12.4.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIIME.EXE
C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Libor\Downloads\RSIT.exe
C:\Program Files\trend micro\Libor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.amaizingsearches.info/ ... Z&unqvl=51
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: SNT - {87224A78-7D2B-B226-FAD9-9B0EA3F676B2} - C:\Program Files\SNT\aihJFO8704.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: YoutubeAdblocker - {EF47EDC1-2604-9048-57BF-D93A0B00C6F9} - C:\Program Files\YoutubeAdblocker\m_u5_OUQNB.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Libor\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIME.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-202 203 206 Series"
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [LiveSupport] "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~1\sw_boo~1\assist~1.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 9311 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\SW_Booster-S-1278479691.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://websearch.amaizingsearches.info/ ... =51&l=1&q="

"FFPDFArchitectConverter@pdfarchitect.com"=C:\Program Files\PDF Architect\FFPDFArchitectExt


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\extensions\
agvqo9@zlag-.org
g2a2nf@ieoeki.com
tzzbndcoqr@tmsh-bvpmg.org
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\searchplugins\
WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files\PDF Architect\PDFIEHelper.dll [2013-01-09 92232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87224A78-7D2B-B226-FAD9-9B0EA3F676B2}]
SNT - C:\Program Files\SNT\aihJFO8704.dll [2014-04-07 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 319488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-29 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-04-08 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF47EDC1-2604-9048-57BF-D93A0B00C6F9}]
YoutubeAdblocker - C:\Program Files\YoutubeAdblocker\m_u5_OUQNB.dll [2013-04-07 423936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-29 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-10 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-10 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-10 170520]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-07-07 10754664]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 951576]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2011-10-31 1058400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Libor\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIME.EXE [2012-02-29 249440]
"cz.seznam.software.szndesktop"=C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-12-12 39408]
"LiveSupport"=C:\Program Files\LiveSupport\LiveSupport.exe /noshow /log []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" c:\progra~1\sw_boo~1\assist~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-29 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=i420vfw.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.yv12"=yv12vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-12 08:08:42 ----D---- C:\rsit
2014-04-10 17:52:00 ----A---- C:\Windows\system32\iologmsg.dll
2014-04-10 17:52:00 ----A---- C:\Windows\system32\drivers\storport.sys
2014-04-10 17:52:00 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-04-10 17:52:00 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-04-10 17:51:57 ----A---- C:\Windows\system32\drivers\ntfs.sys
2014-04-10 17:51:56 ----A---- C:\Windows\system32\kernel32.dll
2014-04-10 17:51:55 ----A---- C:\Windows\system32\mshtml.dll
2014-04-07 10:16:29 ----A---- C:\Users\Libor\AppData\Roaming\LiveSupport.exe_log.txt
2014-04-07 10:16:28 ----A---- C:\Users\Libor\AppData\Roaming\regsvr32.exe_log.txt
2014-04-07 10:16:07 ----D---- C:\Users\Libor\AppData\Roaming\SkypEmoticons
2014-04-07 10:15:30 ----D---- C:\Program Files\SW_Booster
2014-04-07 10:15:04 ----D---- C:\ProgramData\YoutubeAdblocker
2014-04-07 10:15:03 ----D---- C:\Program Files\YoutubeAdblocker
2014-04-07 10:14:55 ----D---- C:\ProgramData\sAfeweeB
2014-04-07 10:14:55 ----D---- C:\Program Files\sAfeweeB
2014-04-07 10:14:43 ----D---- C:\ProgramData\SNT
2014-04-07 10:14:43 ----D---- C:\ProgramData\ffc528956dd39ef7
2014-04-07 10:14:42 ----D---- C:\Program Files\SNT
2014-04-07 10:12:33 ----D---- C:\ProgramData\GreenApp

======List of files/folders modified in the last 1 month======

2014-04-12 08:08:53 ----D---- C:\Windows\Prefetch
2014-04-12 08:08:44 ----D---- C:\Program Files\trend micro
2014-04-12 08:06:44 ----D---- C:\Windows\Temp
2014-04-12 08:06:44 ----D---- C:\Windows
2014-04-12 06:53:53 ----D---- C:\Windows\system32\config
2014-04-12 06:37:51 ----D---- C:\Windows\System32
2014-04-12 06:37:51 ----D---- C:\Windows\inf
2014-04-12 06:37:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-12 06:36:47 ----D---- C:\Users\Libor\AppData\Roaming\Seznam.cz
2014-04-12 06:32:43 ----D---- C:\Windows\system32\FxsTmp
2014-04-11 07:03:38 ----D---- C:\Windows\debug
2014-04-11 06:29:37 ----D---- C:\Windows\system32\drivers
2014-04-11 06:18:15 ----D---- C:\Windows\winsxs
2014-04-11 06:16:49 ----D---- C:\Windows\system32\cs-CZ
2014-04-11 06:16:47 ----D---- C:\Windows\system32\DriverStore
2014-04-10 18:02:44 ----SHD---- C:\Windows\Installer
2014-04-10 18:01:01 ----D---- C:\Windows\system32\MRT
2014-04-10 18:00:58 ----A---- C:\Windows\system32\MRT.exe
2014-04-10 18:00:30 ----SHD---- C:\System Volume Information
2014-04-10 17:51:50 ----D---- C:\Windows\system32\catroot2
2014-04-10 17:51:50 ----D---- C:\Windows\system32\catroot
2014-04-08 20:28:28 ----D---- C:\Windows\Microsoft.NET
2014-04-08 20:27:39 ----RSD---- C:\Windows\assembly
2014-04-08 20:17:29 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-04-08 20:15:34 ----D---- C:\Program Files\Microsoft Office 15
2014-04-08 06:36:30 ----RD---- C:\Program Files
2014-04-07 10:16:07 ----D---- C:\ProgramData\InstallMate
2014-04-07 10:15:36 ----D---- C:\Windows\Tasks
2014-04-07 10:15:36 ----D---- C:\Windows\system32\Tasks
2014-04-07 10:15:04 ----HD---- C:\ProgramData
2014-04-07 10:14:41 ----RD---- C:\Users
2014-04-03 07:50:30 ----D---- C:\Program Files\Microsoft Security Client
2014-03-29 13:06:18 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-03-29 10:23:01 ----D---- C:\Program Files\Mozilla Firefox
2014-03-26 08:56:04 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 231960]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 55040]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 294912]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-07-29 9023488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-07-07 3531176]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2011-08-11 88176]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 165376]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 78336]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2011-08-17 137472]
S3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 280f2936;SW_Sustainer; c:\progra~1\sw_boo~1\AssistantSvc.dll [2014-04-07 174928]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2014-03-30 1520824]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [2012-02-21 142432]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc.exe [2011-12-12 122000]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 22216]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-01-09 1324104]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-01-09 795208]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-02 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12 257928]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-02 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-05-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-01 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-03-29 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-08-20 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-08-20 4846168]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-02 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

[vyosek]

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[libork]

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by Libor on so 12.04.2014 at 9:43:01,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Libor\AppData\Roaming\mozilla\firefox\profiles\cozz22r6.default\prefs.js

user_pref("extensions.VxN0obcJUOJZ.url", "hxxp://getsync.info/sync2/?q=hfZ9ofV9CShEAen0rjs6rGhTB6lKDzt4okqAtNtVh7n0rjnEqda6rdYFqdk8tMFHhd9Fqda9rjsEqdrFrHwMDMlGojUMAe4Uojs6qTw9



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 12.04.2014 at 9:47:48,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.009 - Report created 20/10/2013 at 20:32:34
# Updated 19/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Libor - LIBOR-PC
# Running from : C:\Users\Libor\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\ProgramData\DSearchLink
Folder Found C:\Users\Libor\AppData\Roaming\SpeedAnalysis3

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : icon_url
Found : search_url
Found : keyword

*************************

AdwCleaner[R1].txt - [2094 octets] - [20/10/2013 20:32:34]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2154 octets] ##########

# AdwCleaner v3.023 - Report created 12/04/2014 at 09:33:07
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Libor - LIBOR-PC
# Running from : C:\Users\Libor\Downloads\adwcleaner(1).exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\Users\Libor\AppData\Local\torch
Folder Found C:\Users\Libor\AppData\Roaming\SkypEmoticons
Folder Found C:\Users\Libor\AppData\Roaming\Solvusoft

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Found : user_pref("browser.search.defaulturl", "hxxp://websearch.amaizingsearches.info/?pid=1273&r=2014/04/07&hid=7926011461526132113&lg=EN&cc=CZ&unqvl=51&l=1&q=");
Line Found : user_pref("browser.search.order.1", "WebSearch");
Line Found : user_pref("browser.search.order.1,S", "WebSearch");
Line Found : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Found : user_pref("extensions.20zFRZs962LZ.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf([...]
Line Found : user_pref("extensions.VxN0obcJUOJZ.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf([...]
Line Found : user_pref("extensions.bdYp61.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumo[...]
Line Found : user_pref("keyword.URL", "hxxp://websearch.amaizingsearches.info/?pid=1273&r=2014/04/07&hid=7926011461526132113&lg=EN&cc=CZ&unqvl=51&l=1&q=");

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : icon_url
Found : search_url
Found : keyword

*************************

AdwCleaner[R1].txt - [2234 octets] - [20/10/2013 20:32:34]
AdwCleaner[R2].txt - [3042 octets] - [12/04/2014 09:33:07]
AdwCleaner[S1].txt - [2333 octets] - [20/10/2013 20:33:31]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3162 octets] ##########

# AdwCleaner v3.009 - Report created 20/10/2013 at 20:33:31
# Updated 19/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Libor - LIBOR-PC
# Running from : C:\Users\Libor\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\DSearchLink
Folder Deleted : C:\Users\Libor\AppData\Roaming\SpeedAnalysis3

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7825CFB6-490A-436B-9F26-4A7B5CFC01A9}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720


-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R1].txt - [2234 octets] - [20/10/2013 20:32:34]
AdwCleaner[S1].txt - [2193 octets] - [20/10/2013 20:33:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2253 octets] ##########

# AdwCleaner v3.023 - Report created 12/04/2014 at 09:33:51
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Libor - LIBOR-PC
# Running from : C:\Users\Libor\Downloads\adwcleaner(1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Libor\AppData\Local\torch
Folder Deleted : C:\Users\Libor\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\Users\Libor\AppData\Roaming\Solvusoft

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (cs)

[ File : C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.amaizingsearches.info/?pid=1273&r=2014/04/07&hid=7926011461526132113&lg=EN&cc=CZ&unqvl=51&l=1&q=");
Line Deleted : user_pref("browser.search.order.1", "WebSearch");
Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
Line Deleted : user_pref("extensions.20zFRZs962LZ.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf([...]
Line Deleted : user_pref("extensions.VxN0obcJUOJZ.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf([...]
Line Deleted : user_pref("extensions.bdYp61.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumo[...]
Line Deleted : user_pref("keyword.URL", "hxxp://websearch.amaizingsearches.info/?pid=1273&r=2014/04/07&hid=7926011461526132113&lg=EN&cc=CZ&unqvl=51&l=1&q=");

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R1].txt - [2234 octets] - [20/10/2013 20:32:34]
AdwCleaner[R2].txt - [3242 octets] - [12/04/2014 09:33:07]
AdwCleaner[S1].txt - [2333 octets] - [20/10/2013 20:33:31]
AdwCleaner[S2].txt - [3217 octets] - [12/04/2014 09:33:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [3277 octets] ##########

[vyosek]

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[libork]

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Libor on so 12.04.2014 at 10:05:30,96.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Libor\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12.4.2014 10:07:16 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-726496295-2317986126-1619368687-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87224A78-7D2B-B226-FAD9-9B0EA3F676B2} deleted successfully
HKEY_USERS\S-1-5-21-726496295-2317986126-1619368687-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{87224A78-7D2B-B226-FAD9-9B0EA3F676B2} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{87224A78-7D2B-B226-FAD9-9B0EA3F676B2} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{87224A78-7D2B-B226-FAD9-9B0EA3F676B2} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87224A78-7D2B-B226-FAD9-9B0EA3F676B2} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");

Added to C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default

user.js not found
---- Lines SpeedAnalysis removed from prefs.js ----
user_pref("extensions.speedanalysis03@SpeedAnalysis.com.id", "\"5f3a61fb-b68e-0328-fa17-6350fdc157da\"");
user_pref("extensions.speedanalysis03@SpeedAnalysis.com.mzID", "81");
user_pref("extensions.speedanalysis03@SpeedAnalysis.com.uuid", "\"89ab1bfd-1cb5-11e3-8099-0025901ef77c\"");
---- Lines extensions.20zFRZs962LZ removed from prefs.js ----
user_pref("extensions.20zFRZs962LZ.epoch", "1397363530");
user_pref("extensions.20zFRZs962LZ.url", "http://groupstyleusa.info/sync2/?q=hfZ9 ... Hhd9Fqda9r
---- Lines extensions.VxN0obcJUOJZ removed from prefs.js ----
user_pref("extensions.VxN0obcJUOJZ.epoch", "1397363529");
---- Lines extensions.bdYp61 removed from prefs.js ----
user_pref("extensions.bdYp61.epoch", "1397363529");
user_pref("extensions.bdYp61.url", "http://solutionprojob.info/sync2/?q=hfZ ... rjnEqdwGrd
---- Lines FFPDFArchitectConverter@pdfarchitect.com modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"FFPDFArchitectConverter@pdfarchitect.com\":{\"descriptor\":\"C:\\
---- FireFox user.js and prefs.js backups ----

prefs_12.04.2014_1018_.backup

==== Deleting Files \ Folders ======================

C:\Users\Libor\AppData\LocalLow\{87224A78-7D2B-B226-FAD9-9B0EA3F676B2} deleted
C:\Users\Libor\AppData\LocalLow\{EF47EDC1-2604-9048-57BF-D93A0B00C6F9} deleted
C:\Program Files\office.tmp deleted
C:\Program Files\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\InstallMate deleted
C:\PROGRA~2\SummerSoft deleted
C:\Users\Libor\AppData\LocalLow\searchcoreband deleted
C:\Users\Libor\AppData\LocalLow\searchcoretoolbar deleted
C:\Users\Libor\Downloads\Theme - Bonanza.exe deleted
C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\extensions\agvqo9@zlag-.org deleted
C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\extensions\g2a2nf@ieoeki.com deleted
C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\extensions\tzzbndcoqr@tmsh-bvpmg.org deleted
"C:\PROGRA~2\ffc528956dd39ef7\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\PROGRA~2\ffc528956dd39ef7\{497C131E-2032-051B-B32A-C69A960FBB13}" deleted
"C:\PROGRA~2\ffc528956dd39ef7\{497C131E-2032-051B-B32A-C69A960FBB13}.old" deleted
"C:\PROGRA~2\ffc528956dd39ef7\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted
"C:\PROGRA~2\ffc528956dd39ef7\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" deleted
"C:\PROGRA~2\ffc528956dd39ef7" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"FFPDFArchitectConverter@pdfarchitect.com"=hex(2):43,00,3a,00,5c,00,50,00,72,\ []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default
E83B541C71965CFA1DEFF846CD6E9ECD - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll - Google Update
95812430959AE88CDD0301AB3A71913B - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
DB988B4550DB9BCE86F9199D961057FC - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
637839AC6ED995510A411327C5C2DA61 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight
4E31DE484AD120894D0D3E7740979108 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09.10.2013 10:59]

YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - Administrator\AppData\Local\Torch\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - Administrator\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - Administrator\AppData\Local\Torch\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - Administrator\AppData\Local\Torch\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - Guest\AppData\Local\Torch\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - Guest\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - Guest\AppData\Local\Torch\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - Guest\AppData\Local\Torch\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - Libor\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - Libor\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - Libor\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - Libor\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Seznam Li\u0161ti\u010Dka - Email - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Li\u0161ti\u010Dka - Slovn\u00EDk - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Send to Kindle - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
Skype Click to Call - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Seznam Lištička - Rychlá volba - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
saffeweBB - Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm
YoutubeAdblocker - Libor\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl
Send to Kindle - Libor\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan
SNT - Libor\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb
saffeweBB - Libor\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm

==== Chrome Fix ======================

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\Libor\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\abaihkfjonfigkhnpkllddpdjmpfhmgl deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_abaihkfjonfigkhnpkllddpdjmpfhmgl_0.localstorage deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\Libor\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ipkfnchcgalnafehpglfbommidgmalan_0.localstorage deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\Libor\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jaojmgmgdkllakehgbnhoccccjpbahbb_0.localstorage deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\Guest\AppData\Local\Torch\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\Libor\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pihopbbbkgipimbcdellgbagnohfcfbm deleted successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pihopbbbkgipimbcdellgbagnohfcfbm_0.localstorage deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{B11F5F4A-5285-4795-906C-0CF4761EA898} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_12454"
{E3472CF2-F332-4A9F-B906-F879FD3EC370} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"

==== Reset Google Chrome ======================

C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\9f2f2010-9d30-49f9-94dc-9047e99d583e deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\d6727341-5ad1-4ef6-a6cb-c6cdf0a7c6f3 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0D4857B3-9702-8464-F217-98573CE7FAD7} deleted successfully

==== Empty IE Cache ======================

C:\Users\Libor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Libor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Libor\AppData\Local\Mozilla\Firefox\Profiles\cozz22r6.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=374 folders=148 9100466 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Libor\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Libor\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\jaojmgmgdkllakehgbnhoccccjpbahbb" not found

==== EOF on so 12.04.2014 at 10:26:31,59 ======================

[vyosek]

Poprosim o log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

[libork]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-04-2014
Ran by Libor (administrator) on LIBOR-PC on 12-04-2014 11:47:31
Running from C:\Users\Libor\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe
(Seiko Epson Corporation) C:\Windows\system32\EscSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
() c:\programdata\greenapp\sw_booster\SW_Booster.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIIME.EXE
() C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Farbar) C:\Users\Libor\Downloads\FRST (2).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10754664 2011-07-07] (Realtek Semiconductor)
HKLM\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Libor\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIME.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-12-12] (Google Inc.)
AppInit_DLLs: c:\progra~1\sw_boo~1\assist~1.dll => C:\Program Files\SW_Booster\Assistant.dll [4296192 2014-04-07] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {B11F5F4A-5285-4795-906C-0CF4761EA898} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKCU - {E3472CF2-F332-4A9F-B906-F879FD3EC370} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20

FireFox:
========
FF ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-08-18]

========================== Services (Whitelisted) =================

S2 280f2936; C:\Program Files\SW_Booster\AssistantSvc.dll [174928 2014-04-07] ()
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1520824 2014-03-30] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [142432 2012-02-21] (SEIKO EPSON CORPORATION)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)

==================== Drivers (Whitelisted) ====================

R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-09-23] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-09-23] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-09-23] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [294912 2009-09-23] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-12 11:47 - 2014-04-12 11:47 - 01145856 _____ (Farbar) C:\Users\Libor\Downloads\FRST (2).exe
2014-04-12 11:44 - 2014-04-12 11:44 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (3).exe
2014-04-12 11:44 - 2014-04-12 11:44 - 00015327 _____ () C:\Users\Libor\Desktop\LM.bat
2014-04-12 11:18 - 2014-04-12 11:18 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (2).exe
2014-04-12 11:15 - 2014-04-12 11:15 - 01145856 _____ (Farbar) C:\Users\Libor\Downloads\FRST (1).exe
2014-04-12 11:11 - 2014-04-12 11:12 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (1).exe
2014-04-12 10:45 - 2014-04-12 11:44 - 00029696 _____ () C:\Users\Libor\AppData\Local\MSGBOX.EXE
2014-04-12 10:45 - 2014-04-12 10:45 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher.exe
2014-04-12 10:44 - 2014-04-12 10:44 - 00024982 _____ () C:\Users\Libor\Downloads\Addition.txt
2014-04-12 10:43 - 2014-04-12 11:47 - 00011164 _____ () C:\Users\Libor\Downloads\FRST.txt
2014-04-12 10:43 - 2014-04-12 11:47 - 00000000 ____D () C:\FRST
2014-04-12 10:43 - 2014-04-12 10:43 - 01145856 _____ (Farbar) C:\Users\Libor\Downloads\FRST.exe
2014-04-12 10:26 - 2014-04-12 10:26 - 00000328 _____ () C:\Windows\PFRO.log
2014-04-12 10:25 - 2014-04-12 10:05 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-12 10:06 - 2014-04-12 10:26 - 00028490 _____ () C:\zoek-results.log
2014-04-12 10:05 - 2014-04-12 10:22 - 00000000 ____D () C:\zoek_backup
2014-04-12 10:05 - 2014-04-12 10:05 - 01285120 _____ () C:\Users\Libor\Downloads\zoek (1).exe
2014-04-12 10:04 - 2014-04-12 10:05 - 01285120 _____ () C:\Users\Libor\Downloads\zoek.exe
2014-04-12 09:47 - 2014-04-12 09:47 - 00000954 _____ () C:\Users\Libor\Desktop\JRT.txt
2014-04-12 09:42 - 2014-04-12 09:42 - 01016261 _____ (Thisisu) C:\Users\Libor\Downloads\JRT (1).exe
2014-04-12 09:35 - 2014-04-12 11:08 - 00000224 _____ () C:\Windows\setupact.log
2014-04-12 09:35 - 2014-04-12 09:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-12 09:29 - 2014-04-12 09:32 - 01426178 _____ () C:\Users\Libor\Downloads\adwcleaner(1).exe
2014-04-12 09:24 - 2014-04-12 09:24 - 01016261 _____ (Thisisu) C:\Users\Libor\Downloads\JRT.exe
2014-04-12 08:08 - 2014-04-12 09:31 - 00000000 ____D () C:\rsit
2014-04-12 08:08 - 2014-04-12 08:08 - 00781383 _____ () C:\Users\Libor\Downloads\RSIT.exe
2014-04-10 17:52 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 17:52 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 17:52 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 17:52 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 17:51 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 17:51 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 17:51 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 17:51 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 09:13 - 2014-04-09 09:13 - 00335168 _____ (SuperbApp) C:\Users\Libor\Downloads\Bonanza theme.exe
2014-04-07 10:15 - 2014-04-12 11:08 - 00000444 ____H () C:\Windows\Tasks\SW_Booster-S-1278479691.job
2014-04-07 10:15 - 2014-04-07 10:15 - 00000000 ____D () C:\Program Files\SW_Booster
2014-04-07 10:14 - 2014-04-09 06:48 - 00000000 ____D () C:\ProgramData\sAfeweeB
2014-04-07 10:14 - 2014-04-09 06:47 - 00000000 ____D () C:\Program Files\sAfeweeB
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Libor\AppData\Local\Comodo
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Guest
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Administrator
2014-04-07 10:12 - 2014-04-07 10:15 - 00000000 ____D () C:\ProgramData\GreenApp
2014-03-25 08:39 - 2014-03-25 09:42 - 00000000 ____D () C:\Users\Libor\Documents\Daně 2011

==================== One Month Modified Files and Folders =======

2014-04-12 11:47 - 2014-04-12 11:47 - 01145856 _____ (Farbar) C:\Users\Libor\Downloads\FRST (2).exe
2014-04-12 11:47 - 2014-04-12 10:43 - 00011164 _____ () C:\Users\Libor\Downloads\FRST.txt
2014-04-12 11:47 - 2014-04-12 10:43 - 00000000 ____D () C:\FRST
2014-04-12 11:44 - 2014-04-12 11:44 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (3).exe
2014-04-12 11:44 - 2014-04-12 11:44 - 00015327 _____ () C:\Users\Libor\Desktop\LM.bat
2014-04-12 11:44 - 2014-04-12 10:45 - 00029696 _____ () C:\Users\Libor\AppData\Local\MSGBOX.EXE
2014-04-12 11:32 - 2013-11-29 08:15 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-12 11:29 - 2013-09-19 23:29 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-12 11:18 - 2014-04-12 11:18 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (2).exe
2014-04-12 11:15 - 2014-04-12 11:15 - 01145856 _____ (Farbar) C:\Users\Libor\Downloads\FRST (1).exe
2014-04-12 11:15 - 2009-07-14 06:34 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-12 11:15 - 2009-07-14 06:34 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-12 11:14 - 2013-03-03 16:40 - 00000000 ____D () C:\Users\Libor\AppData\Roaming\Seznam.cz
2014-04-12 11:13 - 2010-11-20 23:01 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-12 11:12 - 2014-04-12 11:11 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (1).exe
2014-04-12 11:12 - 2014-02-22 10:31 - 01284427 _____ () C:\Windows\WindowsUpdate.log
2014-04-12 11:08 - 2014-04-12 09:35 - 00000224 _____ () C:\Windows\setupact.log
2014-04-12 11:08 - 2014-04-07 10:15 - 00000444 ____H () C:\Windows\Tasks\SW_Booster-S-1278479691.job
2014-04-12 11:08 - 2013-11-29 08:15 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-12 11:08 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-12 10:45 - 2014-04-12 10:45 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher.exe
2014-04-12 10:44 - 2014-04-12 10:44 - 00024982 _____ () C:\Users\Libor\Downloads\Addition.txt
2014-04-12 10:43 - 2014-04-12 10:43 - 01145856 _____ (Farbar) C:\Users\Libor\Downloads\FRST.exe
2014-04-12 10:26 - 2014-04-12 10:26 - 00000328 _____ () C:\Windows\PFRO.log
2014-04-12 10:26 - 2014-04-12 10:06 - 00028490 _____ () C:\zoek-results.log
2014-04-12 10:22 - 2014-04-12 10:05 - 00000000 ____D () C:\zoek_backup
2014-04-12 10:05 - 2014-04-12 10:25 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-12 10:05 - 2014-04-12 10:05 - 01285120 _____ () C:\Users\Libor\Downloads\zoek (1).exe
2014-04-12 10:05 - 2014-04-12 10:04 - 01285120 _____ () C:\Users\Libor\Downloads\zoek.exe
2014-04-12 09:53 - 2013-10-20 20:32 - 00000000 ____D () C:\AdwCleaner
2014-04-12 09:47 - 2014-04-12 09:47 - 00000954 _____ () C:\Users\Libor\Desktop\JRT.txt
2014-04-12 09:42 - 2014-04-12 09:42 - 01016261 _____ (Thisisu) C:\Users\Libor\Downloads\JRT (1).exe
2014-04-12 09:35 - 2014-04-12 09:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-12 09:32 - 2014-04-12 09:29 - 01426178 _____ () C:\Users\Libor\Downloads\adwcleaner(1).exe
2014-04-12 09:31 - 2014-04-12 08:08 - 00000000 ____D () C:\rsit
2014-04-12 09:24 - 2014-04-12 09:24 - 01016261 _____ (Thisisu) C:\Users\Libor\Downloads\JRT.exe
2014-04-12 08:08 - 2014-04-12 08:08 - 00781383 _____ () C:\Users\Libor\Downloads\RSIT.exe
2014-04-12 08:08 - 2013-05-04 14:16 - 00000000 ____D () C:\Program Files\trend micro
2014-04-12 08:04 - 2013-09-22 07:57 - 00016525 ____H () C:\Users\Libor\Documents\Charakteristika.odt
2014-04-12 06:41 - 2012-01-12 10:23 - 00000000 ____D () C:\Users\Libor\AppData\Local\Adobe
2014-04-12 06:32 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-11 10:53 - 2012-01-29 17:55 - 00010240 _____ () C:\Users\Libor\Documents\Sporožiro.xls
2014-04-10 18:02 - 2013-08-14 21:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 18:00 - 2012-01-02 11:51 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 09:13 - 2014-04-09 09:13 - 00335168 _____ (SuperbApp) C:\Users\Libor\Downloads\Bonanza theme.exe
2014-04-09 06:48 - 2014-04-07 10:14 - 00000000 ____D () C:\ProgramData\sAfeweeB
2014-04-09 06:47 - 2014-04-07 10:14 - 00000000 ____D () C:\Program Files\sAfeweeB
2014-04-08 22:13 - 2012-01-17 11:37 - 00000000 ____D () C:\Users\Libor\Documents\Texty Nezmaři
2014-04-08 20:28 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-08 20:15 - 2013-09-14 01:41 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-04-07 10:28 - 2013-01-20 10:08 - 00000000 ____D () C:\Users\Libor\Desktop\odkazy
2014-04-07 10:16 - 2013-04-05 10:12 - 00000000 ____D () C:\Users\Libor\AppData\Local\Mozilla
2014-04-07 10:15 - 2014-04-07 10:15 - 00000000 ____D () C:\Program Files\SW_Booster
2014-04-07 10:15 - 2014-04-07 10:12 - 00000000 ____D () C:\ProgramData\GreenApp
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Libor\AppData\Local\Comodo
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Guest
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-04-07 10:14 - 2014-04-07 10:14 - 00000000 ____D () C:\Users\Administrator
2014-04-07 10:14 - 2012-01-02 11:34 - 00000000 ____D () C:\Users\Libor\AppData\Local\Google
2014-04-06 23:20 - 2013-11-17 19:28 - 00000000 ____D () C:\Users\Libor\Desktop\tereza
2014-04-03 07:50 - 2012-01-02 11:37 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-03 07:50 - 2012-01-02 11:37 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-03-31 02:13 - 2014-04-10 17:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 01:57 - 2014-04-10 17:51 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-29 21:17 - 2014-02-22 13:49 - 00000000 ____D () C:\Users\Libor\Documents\Daně 2013
2014-03-29 13:06 - 2013-05-02 07:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-29 10:23 - 2013-05-02 07:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-26 10:37 - 2012-01-18 00:19 - 00025482 _____ () C:\Users\Libor\Documents\Faktury hud.2012.xlsx
2014-03-26 08:56 - 2012-01-11 11:50 - 00000971 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-26 08:56 - 2012-01-11 11:50 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-25 09:42 - 2014-03-25 08:39 - 00000000 ____D () C:\Users\Libor\Documents\Daně 2011
2014-03-17 07:18 - 2009-07-14 06:53 - 00032542 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-15 20:30 - 2012-12-23 16:42 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-13 10:38 - 2012-04-02 07:25 - 00000000 ____D () C:\Users\Libor\Desktop\Mamka

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-09 09:40

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-04-2014
Ran by Libor at 2014-04-12 11:47:50
Running from C:\Users\Libor\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Any Video Converter 3.3.5 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Bing Bar (HKLM\...\{D322A9E3-758B-4D60-A7C4-65C88FD378D0}) (Version: 7.2.241.0 - Microsoft Corporation)
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Download Navigator (HKLM\...\{D0353B68-A142-4F89-A46E-1C9A7745D636}) (Version: 3.4.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM\...\{30E01116-5666-4807-8EF1-D80E9FF16717}) (Version: 2.3.2.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-202 203 206 Series Printer Uninstall (HKLM\...\EPSON XP-202 203 206 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 4.1.1.2 (HKLM\...\{F1EE568A-171F-4C06-9BE6-2395BED067A3}) (Version: 4.1.1.2 - The Document Foundation)
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service CS-CZ Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.4605.1003 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client CS-CZ Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 cs) (HKLM\...\Mozilla Firefox 28.0 (x86 cs)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4605.1003 - Microsoft Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PdfConvertor (HKLM\...\PdfConvertor_is1) (Version: - XSoft)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
Příručka pro síť EPSON XP-202 203 206 Series (HKLM\...\EPSON XP-202 203 206 Series Netg) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6410 - Realtek Semiconductor Corp.)
Seznam Software (HKCU\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic Foundry ACID Pro 3.0 (HKLM\...\{F07C83EA-CF0C-44B4-9F1E-C3CD82EBA538}) (Version: 3.0.189 - Sonic Foundry)
Sonic Foundry ACID Pro 3.0 Crack (HKLM\...\Sonic Foundry ACID Pro 3.0 Crack) (Version: - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steinberg Cubase VST32 (HKLM\...\Steinberg Cubase VST32) (Version: - )
SUPER © v2012.build.51 (April 7, 2012) verze v2012.build.51 (HKLM\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2012.build.51 - eRightSoft)
SW_Booster (HKLM\...\S-1278479691) (Version: 4.0.0.1652 - PremiumSoft)
SW_Sustainer 1.80 (HKLM\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{280f2936}) (Version: - Certified Publisher)
Uživatelská příručka EPSON XP-202 203 206 Series (HKLM\...\EPSON XP-202 203 206 Series Useg) (Version: - )
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}) (Version: 17.5.10480 - WinZip Computing, S.L. )

==================== Restore Points =========================

22-03-2014 05:30:51 Windows Update
25-03-2014 09:34:38 Windows Update
29-03-2014 05:55:59 Windows Update
01-04-2014 19:22:19 Windows Update
03-04-2014 05:49:50 Windows Update
06-04-2014 11:07:08 Windows Update
09-04-2014 04:42:44 Removed Skype Click to Call
09-04-2014 04:43:27 Removed Skype Click to Call
09-04-2014 19:46:24 Windows Update
10-04-2014 16:00:18 Windows Update
12-04-2014 08:07:01 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 04:04 - 2014-04-12 10:07 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {102724B5-9F75-4F3A-B206-F0C84CF20CF0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-02] (Google Inc.)
Task: {30A681F2-248E-4AEC-97DE-B44C94467DD9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {3EDAF3C8-0B66-4D01-87C4-22ACB0B3BF7A} - System32\Tasks\4685 => Wscript.exe C:\Users\Libor\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {56B05C01-AFA9-46E4-BCEC-520747A074A8} - System32\Tasks\AdobeAAMUpdater-1.0-Libor-PC-Libor => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-12-15] (Adobe Systems Incorporated)
Task: {A95C2115-FFDA-42AA-9C09-552C5C43BD2A} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {AAEE5925-158E-4AE5-85F5-3A8BAA28B3AD} - System32\Tasks\SW_Booster-S-1278479691 => c:\programdata\greenapp\sw_booster\SW_Booster.exe [2014-04-07] ()
Task: {B8755D94-CE80-4505-999D-9527D13BDE6D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2014-03-30] (Microsoft Corporation)
Task: {C14761E8-0D9D-441D-804A-009704C9FFFE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-04-08] (Microsoft Corporation)
Task: {F333B598-D2FD-4551-BEA8-6F17A3FDB198} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {FF9AE215-6135-4B0E-8C11-1D723B84DD4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-02] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SW_Booster-S-1278479691.job => c:\programdata\greenapp\sw_booster\SW_Booster.exe

==================== Loaded Modules (whitelisted) =============

2014-03-19 09:39 - 2013-10-31 18:14 - 00077992 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2013-09-14 01:42 - 2014-03-25 07:08 - 00420008 _____ () C:\Program Files\Microsoft Office 15\ClientX86\StreamServer.dll
2013-09-15 10:28 - 2013-03-29 13:37 - 00059384 _____ () C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\2589libfoxloader.dll
2014-04-07 10:15 - 2014-04-07 10:15 - 00729600 _____ () c:\programdata\greenapp\sw_booster\SW_Booster.exe
2009-10-14 14:36 - 2009-10-14 14:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2013-03-03 16:41 - 2013-04-12 10:13 - 00457208 _____ () C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2013-03-03 16:41 - 2013-03-25 16:39 - 00894968 _____ () C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2013-03-03 16:41 - 2013-04-29 11:54 - 01663000 _____ () C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
2009-10-14 14:34 - 2009-10-14 14:34 - 00560472 _____ () C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
2014-04-07 10:15 - 2014-04-07 10:15 - 04296192 _____ () C:\Program Files\SW_Booster\Assistant.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/12/2014 11:43:11 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 28.0.0.5186, časové razítko: 0x53240e37
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea91c
Kód výjimky: 0xc0000005
Posun chyby: 0x00052df6
ID chybujícího procesu: 0x584
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (04/12/2014 11:43:05 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 28.0.0.5186, časové razítko: 0x53240e37
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea91c
Kód výjimky: 0xc0000005
Posun chyby: 0x00052df6
ID chybujícího procesu: 0xecc
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (04/12/2014 11:42:40 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 28.0.0.5186, časové razítko: 0x53240e37
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea91c
Kód výjimky: 0xc0000005
Posun chyby: 0x00052df6
ID chybujícího procesu: 0x1158
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (04/12/2014 11:42:34 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 28.0.0.5186, časové razítko: 0x53240e37
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea91c
Kód výjimky: 0xc0000005
Posun chyby: 0x00052df6
ID chybujícího procesu: 0x388
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (04/12/2014 11:10:31 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/12/2014 11:09:37 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 28.0.0.5186, časové razítko: 0x53240e37
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea91c
Kód výjimky: 0xc0000005
Posun chyby: 0x00052df6
ID chybujícího procesu: 0xa00
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (04/12/2014 11:09:23 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 28.0.0.5186, časové razítko: 0x53240e37
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea91c
Kód výjimky: 0xc0000005
Posun chyby: 0x00052df6
ID chybujícího procesu: 0xc08
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (04/12/2014 11:09:13 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 28.0.0.5186, časové razítko: 0x53240e37
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea91c
Kód výjimky: 0xc0000005
Posun chyby: 0x00052df6
ID chybujícího procesu: 0x94c
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3

Error: (04/12/2014 10:28:48 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 33.0.1750.154, časové razítko: 0x5323921f
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea91c
Kód výjimky: 0xc0000005
Posun chyby: 0x00052df6
ID chybujícího procesu: 0x15ac
Čas spuštění chybující aplikace: 0xchrome.exe0
Cesta k chybující aplikaci: chrome.exe1
Cesta k chybujícímu modulu: chrome.exe2
ID zprávy: chrome.exe3

Error: (04/12/2014 10:28:34 AM) (Source: Application Error) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 28.0.0.5186, časové razítko: 0x53240e37
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521ea91c
Kód výjimky: 0xc0000005
Posun chyby: 0x00052df6
ID chybujícího procesu: 0x150c
Čas spuštění chybující aplikace: 0xfirefox.exe0
Cesta k chybující aplikaci: firefox.exe1
Cesta k chybujícímu modulu: firefox.exe2
ID zprávy: firefox.exe3


System errors:
=============
Error: (04/12/2014 10:18:00 AM) (Source: Service Control Manager) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/12/2014 10:17:59 AM) (Source: Service Control Manager) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/12/2014 10:17:59 AM) (Source: Service Control Manager) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/12/2014 10:17:58 AM) (Source: Service Control Manager) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/12/2014 10:17:58 AM) (Source: Service Control Manager) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Microsoft Office Sessions:
=========================
Error: (04/12/2014 11:43:11 AM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.1.7601.18247521ea91cc000000500052df658401cf56339dff6d6dC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dlldbbf034f-c226-11e3-ba9a-5404a6627f89

Error: (04/12/2014 11:43:05 AM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.1.7601.18247521ea91cc000000500052df6ecc01cf56339acc940fC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dlld88c29f1-c226-11e3-ba9a-5404a6627f89

Error: (04/12/2014 11:42:40 AM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.1.7601.18247521ea91cc000000500052df6115801cf56338b79b84bC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dllc9394e2e-c226-11e3-ba9a-5404a6627f89

Error: (04/12/2014 11:42:34 AM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.1.7601.18247521ea91cc000000500052df638801cf5633874cee70C:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dllc5bcaa27-c226-11e3-ba9a-5404a6627f89

Error: (04/12/2014 11:10:31 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/12/2014 11:09:37 AM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.1.7601.18247521ea91cc000000500052df6a0001cf562eed7c2cc5C:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll2b512f0a-c222-11e3-ba9a-5404a6627f89

Error: (04/12/2014 11:09:23 AM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.1.7601.18247521ea91cc000000500052df6c0801cf562ee584317bC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll234165fd-c222-11e3-ba9a-5404a6627f89

Error: (04/12/2014 11:09:13 AM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.1.7601.18247521ea91cc000000500052df694c01cf562edf1c1d5eC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll1d042aa5-c222-11e3-ba9a-5404a6627f89

Error: (04/12/2014 10:28:48 AM) (Source: Application Error)(User: )
Description: chrome.exe33.0.1750.1545323921fntdll.dll6.1.7601.18247521ea91cc000000500052df615ac01cf5629392700d1C:\Program Files\Google\Chrome\Application\chrome.exeC:\Windows\SYSTEM32\ntdll.dll77ac28eb-c21c-11e3-9549-5404a6627f89

Error: (04/12/2014 10:28:34 AM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37ntdll.dll6.1.7601.18247521ea91cc000000500052df6150c01cf5629314934aaC:\Program Files\Mozilla Firefox\firefox.exeC:\Windows\SYSTEM32\ntdll.dll6f54f695-c21c-11e3-9549-5404a6627f89


==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 2013.12 MB
Available physical RAM: 1206.38 MB
Total Pagefile: 4026.23 MB
Available Pagefile: 2965.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1917.27 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:457.94 GB) (Free:323.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (05 12 2013) (CDROM) (Total:0.17 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 6197B7D3)
Partition 1: (Active) - (Size=458 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8 GB) - (Type=27)

==================== End Of Log ============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Libor\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIME.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
  HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
  HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-12-12] (Google Inc.)
  AppInit_DLLs: c:\progra~1\sw_boo~1\assist~1.dll => C:\Program Files\SW_Booster\Assistant.dll [4296192 2014-04-07] ()
  
  SearchScopes: HKLM - DefaultScope value is missing.
  BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
  
  FF Extension: Seznam lištička - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-08-18]
  
  S2 280f2936; C:\Program Files\SW_Booster\AssistantSvc.dll [174928 2014-04-07] ()
  
  2014-04-12 11:44 - 2014-04-12 11:44 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (3).exe
  2014-04-12 11:44 - 2014-04-12 11:44 - 00015327 _____ () C:\Users\Libor\Desktop\LM.bat
  2014-04-12 11:18 - 2014-04-12 11:18 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (2).exe
  2014-04-12 11:11 - 2014-04-12 11:12 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (1).exe
  2014-04-12 10:45 - 2014-04-12 11:44 - 00029696 _____ () C:\Users\Libor\AppData\Local\MSGBOX.EXE
  2014-04-12 10:45 - 2014-04-12 10:45 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher.exe
  2014-04-12 10:44 - 2014-04-12 10:44 - 00024982 _____ () C:\Users\Libor\Downloads\Addition.txt
  2014-04-12 10:43 - 2014-04-12 11:47 - 00011164 _____ () C:\Users\Libor\Downloads\FRST.txt
  2014-04-12 10:25 - 2014-04-12 10:05 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-04-12 10:06 - 2014-04-12 10:26 - 00028490 _____ () C:\zoek-results.log
  2014-04-12 10:05 - 2014-04-12 10:22 - 00000000 ____D () C:\zoek_backup
  2014-04-12 10:05 - 2014-04-12 10:05 - 01285120 _____ () C:\Users\Libor\Downloads\zoek (1).exe
  2014-04-12 10:04 - 2014-04-12 10:05 - 01285120 _____ () C:\Users\Libor\Downloads\zoek.exe
  2014-04-12 09:47 - 2014-04-12 09:47 - 00000954 _____ () C:\Users\Libor\Desktop\JRT.txt
  2014-04-12 09:42 - 2014-04-12 09:42 - 01016261 _____ (Thisisu) C:\Users\Libor\Downloads\JRT (1).exe
  2014-04-12 09:29 - 2014-04-12 09:32 - 01426178 _____ () C:\Users\Libor\Downloads\adwcleaner(1).exe
  2014-04-12 09:24 - 2014-04-12 09:24 - 01016261 _____ (Thisisu) C:\Users\Libor\Downloads\JRT.exe
  2014-04-07 10:15 - 2014-04-12 11:08 - 00000444 ____H () C:\Windows\Tasks\SW_Booster-S-1278479691.job
  2014-04-07 10:15 - 2014-04-07 10:15 - 00000000 ____D () C:\Program Files\SW_Booster
  2014-04-07 10:14 - 2014-04-09 06:48 - 00000000 ____D () C:\ProgramData\sAfeweeB
  2014-04-07 10:14 - 2014-04-09 06:47 - 00000000 ____D () C:\Program Files\sAfeweeB
  
  Task: {3EDAF3C8-0B66-4D01-87C4-22ACB0B3BF7A} - System32\Tasks\4685 => Wscript.exe C:\Users\Libor\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
  Task: {56B05C01-AFA9-46E4-BCEC-520747A074A8} - System32\Tasks\AdobeAAMUpdater-1.0-Libor-PC-Libor => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-12-15] (Adobe Systems Incorporated)
  Task: {A95C2115-FFDA-42AA-9C09-552C5C43BD2A} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
  Task: {AAEE5925-158E-4AE5-85F5-3A8BAA28B3AD} - System32\Tasks\SW_Booster-S-1278479691 => c:\programdata\greenapp\sw_booster\SW_Booster.exe [2014-04-07] ()
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\SW_Booster-S-1278479691.job => c:\programdata\greenapp\sw_booster\SW_Booster.exe
  
  C:\Program Files\SW_Booster
  
  Hosts:
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[libork]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-04-2014
Ran by Libor at 2014-04-12 14:39:59 Run:1
Running from C:\Users\Libor\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Libor\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIME.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-12-12] (Google Inc.)
AppInit_DLLs: c:\progra~1\sw_boo~1\assist~1.dll => C:\Program Files\SW_Booster\Assistant.dll [4296192 2014-04-07] ()

SearchScopes: HKLM - DefaultScope value is missing.
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)

FF Extension: Seznam lištička - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-08-18]

S2 280f2936; C:\Program Files\SW_Booster\AssistantSvc.dll [174928 2014-04-07] ()

2014-04-12 11:44 - 2014-04-12 11:44 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (3).exe
2014-04-12 11:44 - 2014-04-12 11:44 - 00015327 _____ () C:\Users\Libor\Desktop\LM.bat
2014-04-12 11:18 - 2014-04-12 11:18 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (2).exe
2014-04-12 11:11 - 2014-04-12 11:12 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (1).exe
2014-04-12 10:45 - 2014-04-12 11:44 - 00029696 _____ () C:\Users\Libor\AppData\Local\MSGBOX.EXE
2014-04-12 10:45 - 2014-04-12 10:45 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher.exe
2014-04-12 10:44 - 2014-04-12 10:44 - 00024982 _____ () C:\Users\Libor\Downloads\Addition.txt
2014-04-12 10:43 - 2014-04-12 11:47 - 00011164 _____ () C:\Users\Libor\Downloads\FRST.txt
2014-04-12 10:25 - 2014-04-12 10:05 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-12 10:06 - 2014-04-12 10:26 - 00028490 _____ () C:\zoek-results.log
2014-04-12 10:05 - 2014-04-12 10:22 - 00000000 ____D () C:\zoek_backup
2014-04-12 10:05 - 2014-04-12 10:05 - 01285120 _____ () C:\Users\Libor\Downloads\zoek (1).exe
2014-04-12 10:04 - 2014-04-12 10:05 - 01285120 _____ () C:\Users\Libor\Downloads\zoek.exe
2014-04-12 09:47 - 2014-04-12 09:47 - 00000954 _____ () C:\Users\Libor\Desktop\JRT.txt
2014-04-12 09:42 - 2014-04-12 09:42 - 01016261 _____ (Thisisu) C:\Users\Libor\Downloads\JRT (1).exe
2014-04-12 09:29 - 2014-04-12 09:32 - 01426178 _____ () C:\Users\Libor\Downloads\adwcleaner(1).exe
2014-04-12 09:24 - 2014-04-12 09:24 - 01016261 _____ (Thisisu) C:\Users\Libor\Downloads\JRT.exe
2014-04-07 10:15 - 2014-04-12 11:08 - 00000444 ____H () C:\Windows\Tasks\SW_Booster-S-1278479691.job
2014-04-07 10:15 - 2014-04-07 10:15 - 00000000 ____D () C:\Program Files\SW_Booster
2014-04-07 10:14 - 2014-04-09 06:48 - 00000000 ____D () C:\ProgramData\sAfeweeB
2014-04-07 10:14 - 2014-04-09 06:47 - 00000000 ____D () C:\Program Files\sAfeweeB

Task: {3EDAF3C8-0B66-4D01-87C4-22ACB0B3BF7A} - System32\Tasks\4685 => Wscript.exe C:\Users\Libor\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {56B05C01-AFA9-46E4-BCEC-520747A074A8} - System32\Tasks\AdobeAAMUpdater-1.0-Libor-PC-Libor => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-12-15] (Adobe Systems Incorporated)
Task: {A95C2115-FFDA-42AA-9C09-552C5C43BD2A} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {AAEE5925-158E-4AE5-85F5-3A8BAA28B3AD} - System32\Tasks\SW_Booster-S-1278479691 => c:\programdata\greenapp\sw_booster\SW_Booster.exe [2014-04-07] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SW_Booster-S-1278479691.job => c:\programdata\greenapp\sw_booster\SW_Booster.exe

C:\Program Files\SW_Booster

Hosts:
End
*****************

HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EPLTarget\P0000000000000000 => Value deleted successfully.
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
"c:\\progra~1\\sw_boo~1\\assist~1.dll" => Value Data removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711} => Key deleted successfully.
HKCR\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711} => Key deleted successfully.
C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => Moved successfully.
280f2936 => Service deleted successfully.
C:\Users\Libor\Downloads\FRSTLauncher (3).exe => Moved successfully.
C:\Users\Libor\Desktop\LM.bat => Moved successfully.
C:\Users\Libor\Downloads\FRSTLauncher (2).exe => Moved successfully.
C:\Users\Libor\Downloads\FRSTLauncher (1).exe => Moved successfully.
C:\Users\Libor\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Libor\Downloads\FRSTLauncher.exe => Moved successfully.
C:\Users\Libor\Downloads\Addition.txt => Moved successfully.
C:\Users\Libor\Downloads\FRST.txt => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Libor\Downloads\zoek (1).exe => Moved successfully.
C:\Users\Libor\Downloads\zoek.exe => Moved successfully.
C:\Users\Libor\Desktop\JRT.txt => Moved successfully.
C:\Users\Libor\Downloads\JRT (1).exe => Moved successfully.
C:\Users\Libor\Downloads\adwcleaner(1).exe => Moved successfully.
C:\Users\Libor\Downloads\JRT.exe => Moved successfully.
C:\Windows\Tasks\SW_Booster-S-1278479691.job => Moved successfully.
C:\Program Files\SW_Booster => Moved successfully.
C:\ProgramData\sAfeweeB => Moved successfully.
C:\Program Files\sAfeweeB => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EDAF3C8-0B66-4D01-87C4-22ACB0B3BF7A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EDAF3C8-0B66-4D01-87C4-22ACB0B3BF7A} => Key deleted successfully.
C:\Windows\System32\Tasks\4685 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4685 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56B05C01-AFA9-46E4-BCEC-520747A074A8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56B05C01-AFA9-46E4-BCEC-520747A074A8} => Key deleted successfully.
C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Libor-PC-Libor => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-Libor-PC-Libor => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A95C2115-FFDA-42AA-9C09-552C5C43BD2A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A95C2115-FFDA-42AA-9C09-552C5C43BD2A} => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AAEE5925-158E-4AE5-85F5-3A8BAA28B3AD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAEE5925-158E-4AE5-85F5-3A8BAA28B3AD} => Key deleted successfully.
C:\Windows\System32\Tasks\SW_Booster-S-1278479691 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SW_Booster-S-1278479691 => Key deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\SW_Booster-S-1278479691.job not found.
"C:\Program Files\SW_Booster" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

[libork]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-04-2014
Ran by Libor at 2014-04-12 14:39:59 Run:1
Running from C:\Users\Libor\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\Libor\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIME.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\Libor\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-12-12] (Google Inc.)
AppInit_DLLs: c:\progra~1\sw_boo~1\assist~1.dll => C:\Program Files\SW_Booster\Assistant.dll [4296192 2014-04-07] ()

SearchScopes: HKLM - DefaultScope value is missing.
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)

FF Extension: Seznam lištička - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-08-18]

S2 280f2936; C:\Program Files\SW_Booster\AssistantSvc.dll [174928 2014-04-07] ()

2014-04-12 11:44 - 2014-04-12 11:44 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (3).exe
2014-04-12 11:44 - 2014-04-12 11:44 - 00015327 _____ () C:\Users\Libor\Desktop\LM.bat
2014-04-12 11:18 - 2014-04-12 11:18 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (2).exe
2014-04-12 11:11 - 2014-04-12 11:12 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher (1).exe
2014-04-12 10:45 - 2014-04-12 11:44 - 00029696 _____ () C:\Users\Libor\AppData\Local\MSGBOX.EXE
2014-04-12 10:45 - 2014-04-12 10:45 - 00112640 _____ (forum.viry.cz) C:\Users\Libor\Downloads\FRSTLauncher.exe
2014-04-12 10:44 - 2014-04-12 10:44 - 00024982 _____ () C:\Users\Libor\Downloads\Addition.txt
2014-04-12 10:43 - 2014-04-12 11:47 - 00011164 _____ () C:\Users\Libor\Downloads\FRST.txt
2014-04-12 10:25 - 2014-04-12 10:05 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-04-12 10:06 - 2014-04-12 10:26 - 00028490 _____ () C:\zoek-results.log
2014-04-12 10:05 - 2014-04-12 10:22 - 00000000 ____D () C:\zoek_backup
2014-04-12 10:05 - 2014-04-12 10:05 - 01285120 _____ () C:\Users\Libor\Downloads\zoek (1).exe
2014-04-12 10:04 - 2014-04-12 10:05 - 01285120 _____ () C:\Users\Libor\Downloads\zoek.exe
2014-04-12 09:47 - 2014-04-12 09:47 - 00000954 _____ () C:\Users\Libor\Desktop\JRT.txt
2014-04-12 09:42 - 2014-04-12 09:42 - 01016261 _____ (Thisisu) C:\Users\Libor\Downloads\JRT (1).exe
2014-04-12 09:29 - 2014-04-12 09:32 - 01426178 _____ () C:\Users\Libor\Downloads\adwcleaner(1).exe
2014-04-12 09:24 - 2014-04-12 09:24 - 01016261 _____ (Thisisu) C:\Users\Libor\Downloads\JRT.exe
2014-04-07 10:15 - 2014-04-12 11:08 - 00000444 ____H () C:\Windows\Tasks\SW_Booster-S-1278479691.job
2014-04-07 10:15 - 2014-04-07 10:15 - 00000000 ____D () C:\Program Files\SW_Booster
2014-04-07 10:14 - 2014-04-09 06:48 - 00000000 ____D () C:\ProgramData\sAfeweeB
2014-04-07 10:14 - 2014-04-09 06:47 - 00000000 ____D () C:\Program Files\sAfeweeB

Task: {3EDAF3C8-0B66-4D01-87C4-22ACB0B3BF7A} - System32\Tasks\4685 => Wscript.exe C:\Users\Libor\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {56B05C01-AFA9-46E4-BCEC-520747A074A8} - System32\Tasks\AdobeAAMUpdater-1.0-Libor-PC-Libor => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-12-15] (Adobe Systems Incorporated)
Task: {A95C2115-FFDA-42AA-9C09-552C5C43BD2A} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {AAEE5925-158E-4AE5-85F5-3A8BAA28B3AD} - System32\Tasks\SW_Booster-S-1278479691 => c:\programdata\greenapp\sw_booster\SW_Booster.exe [2014-04-07] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SW_Booster-S-1278479691.job => c:\programdata\greenapp\sw_booster\SW_Booster.exe

C:\Program Files\SW_Booster

Hosts:
End
*****************

HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EPLTarget\P0000000000000000 => Value deleted successfully.
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
"c:\\progra~1\\sw_boo~1\\assist~1.dll" => Value Data removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711} => Key deleted successfully.
HKCR\CLSID\{3A2D5EBA-F86D-4BD3-A177-019765996711} => Key deleted successfully.
C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => Moved successfully.
280f2936 => Service deleted successfully.
C:\Users\Libor\Downloads\FRSTLauncher (3).exe => Moved successfully.
C:\Users\Libor\Desktop\LM.bat => Moved successfully.
C:\Users\Libor\Downloads\FRSTLauncher (2).exe => Moved successfully.
C:\Users\Libor\Downloads\FRSTLauncher (1).exe => Moved successfully.
C:\Users\Libor\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\Libor\Downloads\FRSTLauncher.exe => Moved successfully.
C:\Users\Libor\Downloads\Addition.txt => Moved successfully.
C:\Users\Libor\Downloads\FRST.txt => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Libor\Downloads\zoek (1).exe => Moved successfully.
C:\Users\Libor\Downloads\zoek.exe => Moved successfully.
C:\Users\Libor\Desktop\JRT.txt => Moved successfully.
C:\Users\Libor\Downloads\JRT (1).exe => Moved successfully.
C:\Users\Libor\Downloads\adwcleaner(1).exe => Moved successfully.
C:\Users\Libor\Downloads\JRT.exe => Moved successfully.
C:\Windows\Tasks\SW_Booster-S-1278479691.job => Moved successfully.
C:\Program Files\SW_Booster => Moved successfully.
C:\ProgramData\sAfeweeB => Moved successfully.
C:\Program Files\sAfeweeB => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EDAF3C8-0B66-4D01-87C4-22ACB0B3BF7A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EDAF3C8-0B66-4D01-87C4-22ACB0B3BF7A} => Key deleted successfully.
C:\Windows\System32\Tasks\4685 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4685 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56B05C01-AFA9-46E4-BCEC-520747A074A8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56B05C01-AFA9-46E4-BCEC-520747A074A8} => Key deleted successfully.
C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Libor-PC-Libor => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-Libor-PC-Libor => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A95C2115-FFDA-42AA-9C09-552C5C43BD2A} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A95C2115-FFDA-42AA-9C09-552C5C43BD2A} => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AAEE5925-158E-4AE5-85F5-3A8BAA28B3AD} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAEE5925-158E-4AE5-85F5-3A8BAA28B3AD} => Key deleted successfully.
C:\Windows\System32\Tasks\SW_Booster-S-1278479691 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SW_Booster-S-1278479691 => Key deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\SW_Booster-S-1278479691.job not found.
"C:\Program Files\SW_Booster" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

[vyosek]

Jak se chova PC?

[libork]

Vypadá to, že je vše v pořádku.
Dík!

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse