Zpomalené PC, vyskakující reklamy

[libork]

Ahoj, prosím o kontrolu logu, počítač je zpomalený a stále vyskakují reklamy.
Děkuju

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-05-2014
Ran by Libor (administrator) on LIBOR-PC on 17-05-2014 10:50:20
Running from C:\Users\Libor\Downloads
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Program Files\WinRST\WinRST.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIIME.EXE
() C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10754664 2011-07-07] (Realtek Semiconductor)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIME.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)

==================== Internet (Whitelisted) ====================

ProxyServer: http=http://127.0.0.1:9880
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {B11F5F4A-5285-4795-906C-0CF4761EA898} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKCU - {E3472CF2-F332-4A9F-B906-F879FD3EC370} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20

FireFox:
========
FF ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Pirrit Suggestor - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\Extensions\suggestor@suggestor.pirrit.com.xpi [2014-04-22]
FF Extension: Adblock Plus - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-27]

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-14]
CHR Extension: (Disk Google) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-23]
CHR Extension: (YouTube) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-23]
CHR Extension: (Peněženka Google) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-28]
CHR Extension: (Gmail) - C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-23]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-12-23]

========================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1558200 2014-04-15] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [142432 2012-02-21] (SEIKO EPSON CORPORATION)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 WinRST; C:\Program Files\WinRST\WinRST.exe [59904 2014-02-26] ()

==================== Drivers (Whitelisted) ====================

R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-09-23] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-09-23] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-09-23] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [294912 2009-09-23] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Libor\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-17 10:50 - 2014-05-17 10:50 - 00011385 _____ () C:\Users\Libor\Downloads\FRST.txt
2014-05-17 10:49 - 2014-05-17 10:49 - 01056768 _____ (Farbar) C:\Users\Libor\Downloads\FRST.exe
2014-05-17 10:47 - 2014-05-17 10:47 - 00000056 _____ () C:\Windows\setupact.log
2014-05-17 10:47 - 2014-05-17 10:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-14 22:07 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:07 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:07 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 21:43 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 21:43 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 21:43 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 21:43 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 21:43 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 21:43 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 21:43 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 21:43 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 21:43 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 21:43 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-14 21:43 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 21:43 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 21:43 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 21:42 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-10 07:24 - 2014-05-17 10:47 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-10 07:24 - 2014-05-17 10:29 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-07 20:01 - 2014-05-07 20:01 - 00000000 __SHD () C:\Users\Libor\AppData\Local\EmieUserList
2014-05-07 20:01 - 2014-05-07 20:01 - 00000000 __SHD () C:\Users\Libor\AppData\Local\EmieSiteList
2014-05-06 22:15 - 2014-05-15 07:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 22:12 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-06 22:12 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-06 22:12 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-06 22:12 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-06 22:12 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-06 22:12 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-06 22:12 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-06 22:12 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-06 22:12 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-06 22:12 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-06 22:12 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-06 22:12 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-06 22:12 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-06 22:12 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-06 22:12 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-06 22:12 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-06 22:12 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-06 22:12 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-06 22:12 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-06 22:12 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-06 22:12 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-06 22:12 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-06 22:12 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-06 22:12 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-29 09:31 - 2014-05-17 10:29 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-27 20:52 - 2014-04-27 20:52 - 00013959 _____ () C:\ComboFix.txt
2014-04-27 20:36 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-27 20:36 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-27 20:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-27 20:33 - 2014-04-27 20:52 - 00000000 ____D () C:\Qoobox
2014-04-27 20:32 - 2014-04-27 20:51 - 00000000 ____D () C:\Windows\erdnt
2014-04-27 14:05 - 2014-05-10 20:33 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-27 14:05 - 2014-04-27 14:05 - 00001123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-27 14:05 - 2014-04-27 14:05 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-27 14:04 - 2014-04-27 14:04 - 25043968 _____ (Mozilla) C:\Users\Libor\Downloads\FirefoxSetup28.0cz.exe
2014-04-27 11:33 - 2014-04-28 07:38 - 00000000 ____D () C:\Program Files\MozBackup
2014-04-26 21:47 - 2014-04-27 11:32 - 00000000 ____D () C:\Users\Libor\Documents\Stažené soubory
2014-04-26 20:18 - 2014-04-26 20:19 - 00024140 _____ () C:\Users\Libor\Downloads\Addition.txt
2014-04-26 20:17 - 2014-05-17 10:50 - 00000000 ____D () C:\FRST
2014-04-25 18:00 - 2014-04-25 19:47 - 992073729 _____ () C:\Users\Libor\Downloads\zivot-po-zivote-2010-brrip-xvid-cz.avi
2014-04-24 20:58 - 2014-04-24 20:58 - 00020992 _____ () C:\Users\Libor\Downloads\vykaz.xls
2014-04-22 10:14 - 2014-04-22 10:14 - 00000000 ____D () C:\Users\Libor\Documents\eRightSoft
2014-04-22 10:14 - 2014-04-22 10:14 - 00000000 ____D () C:\Users\Libor\AppData\Roaming\Pirrit
2014-04-22 10:14 - 2014-04-22 10:14 - 00000000 ____D () C:\Users\Libor\AppData\Local\WinRST
2014-04-22 10:14 - 2014-04-22 10:14 - 00000000 ____D () C:\Program Files\WinRST
2014-04-22 10:14 - 2012-10-05 19:54 - 00188416 __RSH () C:\Windows\system32\winDCE32.dll
2014-04-22 10:14 - 2012-07-11 23:00 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Olepau32.ax
2014-04-22 10:14 - 2011-06-15 23:00 - 00163328 __RSH () C:\Windows\system32\flvDX.dll
2014-04-22 10:14 - 2011-06-14 19:05 - 00121344 __RSH () C:\Windows\system32\TAKDSDecoder.ax
2014-04-22 10:14 - 2011-02-11 10:26 - 00112128 __RSH () C:\Windows\system32\OptimFROG.dll
2014-04-22 10:14 - 2010-01-06 23:00 - 00107520 __RSH () C:\Windows\system32\TAKDSDecoder.dll
2014-04-22 10:14 - 2009-09-27 23:00 - 00143872 __RSH () C:\Windows\system32\AviDX.ax
2014-04-22 10:14 - 2009-08-10 23:00 - 00352768 __RSH () C:\Windows\system32\ac3DX.ax
2014-04-22 10:14 - 2009-03-17 10:38 - 00070656 __RSH () C:\Windows\system32\RLAPEDec.ax
2014-04-22 10:14 - 2009-01-18 17:15 - 00120832 __RSH () C:\Windows\system32\MPCDx.ax
2014-04-22 10:14 - 2009-01-18 12:03 - 00107520 __RSH () C:\Windows\system32\RLMPCDec.ax
2014-04-22 10:14 - 2008-03-16 14:30 - 00216064 __RSH (MONOGRAM Multimedia, s.r.o.) C:\Windows\system32\nbDX.dll
2014-04-22 10:14 - 2007-02-21 12:47 - 00031232 __RSH (Hans Mayerl) C:\Windows\system32\msfDX.dll
2014-04-22 10:14 - 2006-08-16 15:53 - 00175104 __RSH () C:\Windows\system32\CoreAAC.ax
2014-04-22 10:14 - 2006-03-10 20:21 - 00195584 __RSH () C:\Windows\system32\MatroskaDX.ax
2014-04-22 10:14 - 2006-01-12 23:00 - 00123904 __RSH (CoreCodec) C:\Windows\system32\AVCDX.ax
2014-04-22 10:14 - 2005-11-25 21:46 - 00161792 __RSH (Gabest) C:\Windows\system32\RealMediaDX.ax
2014-04-22 10:14 - 2005-02-22 17:55 - 00081920 __RSH () C:\Windows\system32\aac_parser.ax
2014-04-22 10:14 - 2005-02-13 00:00 - 00186880 __RSH (RadLight) C:\Windows\system32\RLOgg.ax
2014-04-22 10:14 - 2005-02-13 00:00 - 00067584 __RSH (RadLight, LLC) C:\Windows\system32\RLTheoraDec.ax
2014-04-22 10:14 - 2005-02-13 00:00 - 00051712 __RSH () C:\Windows\system32\RLSpeexDec.ax
2014-04-22 10:14 - 2005-02-06 00:00 - 00092672 __RSH (RadLight) C:\Windows\system32\RLVorbisDec.ax
2014-04-22 10:14 - 2005-01-18 00:26 - 00179200 __RSH (Gabest) C:\Windows\system32\DiracSplitter.ax
2014-04-22 10:14 - 2004-09-17 04:07 - 00090112 __RSH (-) C:\Windows\system32\TTADSSplitter.ax
2014-04-22 10:14 - 2004-08-22 11:56 - 00090112 __RSH (-) C:\Windows\system32\TTADSDecoder.ax
2014-04-22 10:14 - 2004-04-27 16:03 - 00017408 __RSH (RadLight) C:\Windows\system32\RLOFRDec.ax
2014-04-22 10:14 - 2003-12-07 08:59 - 00097280 __RSH () C:\Windows\system32\FLACDX.ax
2014-04-22 10:10 - 2014-04-22 10:10 - 64722251 _____ (eRightSoft ) C:\Users\Libor\Downloads\SUPERsetup.exe
2014-04-21 19:51 - 2014-04-21 19:51 - 00000000 ____D () C:\Users\Libor\AppData\Local\Apple Computer
2014-04-21 14:26 - 2014-04-21 14:26 - 00000000 ____D () C:\Users\Libor\AppData\Roaming\Apple Computer
2014-04-21 00:10 - 2014-04-21 00:10 - 00000000 ____D () C:\Users\Libor\AppData\Local\Apple
2014-04-21 00:10 - 2014-04-21 00:10 - 00000000 ____D () C:\ProgramData\Apple
2014-04-21 00:10 - 2014-04-21 00:10 - 00000000 ____D () C:\Program Files\Common Files\Apple

==================== One Month Modified Files and Folders =======

2014-05-17 10:50 - 2014-05-17 10:50 - 00011385 _____ () C:\Users\Libor\Downloads\FRST.txt
2014-05-17 10:50 - 2014-04-26 20:17 - 00000000 ____D () C:\FRST
2014-05-17 10:49 - 2014-05-17 10:49 - 01056768 _____ (Farbar) C:\Users\Libor\Downloads\FRST.exe
2014-05-17 10:48 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-17 10:47 - 2014-05-17 10:47 - 00000056 _____ () C:\Windows\setupact.log
2014-05-17 10:47 - 2014-05-17 10:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-17 10:47 - 2014-05-10 07:24 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-17 10:47 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-17 10:45 - 2014-02-22 10:31 - 01839316 _____ () C:\Windows\WindowsUpdate.log
2014-05-17 10:29 - 2014-05-10 07:24 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-17 10:29 - 2014-04-29 09:31 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-17 08:36 - 2012-12-23 16:42 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-17 07:52 - 2009-07-14 06:34 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-17 07:52 - 2009-07-14 06:34 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-17 07:50 - 2010-11-20 23:01 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-16 11:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-16 10:28 - 2012-02-14 08:32 - 00017920 _____ () C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-15 09:41 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-15 07:59 - 2012-01-02 11:31 - 00000000 ___RD () C:\Users\Libor\Virtual Machines
2014-05-15 07:55 - 2014-05-06 22:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:11 - 2013-08-14 21:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:09 - 2012-01-02 11:51 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 09:13 - 2012-04-03 10:46 - 00000000 ____D () C:\Users\Libor\Documents\Nahrávky zoom
2014-05-14 09:02 - 2012-01-29 17:55 - 00010240 _____ () C:\Users\Libor\Documents\Sporožiro.xls
2014-05-14 07:29 - 2012-08-31 07:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 07:29 - 2012-01-11 12:16 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-13 22:13 - 2013-09-14 01:41 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-11 07:43 - 2012-01-12 10:23 - 00000000 ____D () C:\Users\Libor\AppData\Local\Adobe
2014-05-10 20:33 - 2014-04-27 14:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 09:16 - 2013-09-22 07:57 - 00017681 ____H () C:\Users\Libor\Documents\Charakteristika.odt
2014-05-10 09:01 - 2013-05-02 07:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-10 07:59 - 2012-01-02 11:31 - 00000000 ____D () C:\Users\Libor
2014-05-09 09:06 - 2014-05-14 21:43 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-14 21:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 20:01 - 2014-05-07 20:01 - 00000000 __SHD () C:\Users\Libor\AppData\Local\EmieUserList
2014-05-07 20:01 - 2014-05-07 20:01 - 00000000 __SHD () C:\Users\Libor\AppData\Local\EmieSiteList
2014-05-06 05:25 - 2014-05-14 22:07 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-14 22:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-14 22:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-28 21:39 - 2009-07-14 06:53 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-28 07:38 - 2014-04-27 11:33 - 00000000 ____D () C:\Program Files\MozBackup
2014-04-27 20:52 - 2014-04-27 20:52 - 00013959 _____ () C:\ComboFix.txt
2014-04-27 20:52 - 2014-04-27 20:33 - 00000000 ____D () C:\Qoobox
2014-04-27 20:52 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-04-27 20:52 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-04-27 20:51 - 2014-04-27 20:32 - 00000000 ____D () C:\Windows\erdnt
2014-04-27 20:47 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-04-27 14:05 - 2014-04-27 14:05 - 00001123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-27 14:05 - 2014-04-27 14:05 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-27 14:04 - 2014-04-27 14:04 - 25043968 _____ (Mozilla) C:\Users\Libor\Downloads\FirefoxSetup28.0cz.exe
2014-04-27 11:32 - 2014-04-26 21:47 - 00000000 ____D () C:\Users\Libor\Documents\Stažené soubory
2014-04-26 21:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-26 21:19 - 2012-01-14 11:49 - 00000000 ___RD () C:\Program Files\Skype
2014-04-26 21:19 - 2012-01-11 11:57 - 00000000 ____D () C:\Program Files\Google
2014-04-26 20:19 - 2014-04-26 20:18 - 00024140 _____ () C:\Users\Libor\Downloads\Addition.txt
2014-04-25 19:47 - 2014-04-25 18:00 - 992073729 _____ () C:\Users\Libor\Downloads\zivot-po-zivote-2010-brrip-xvid-cz.avi
2014-04-24 20:58 - 2014-04-24 20:58 - 00020992 _____ () C:\Users\Libor\Downloads\vykaz.xls
2014-04-22 10:14 - 2014-04-22 10:14 - 00000000 ____D () C:\Users\Libor\Documents\eRightSoft
2014-04-22 10:14 - 2014-04-22 10:14 - 00000000 ____D () C:\Users\Libor\AppData\Roaming\Pirrit
2014-04-22 10:14 - 2014-04-22 10:14 - 00000000 ____D () C:\Users\Libor\AppData\Local\WinRST
2014-04-22 10:14 - 2014-04-22 10:14 - 00000000 ____D () C:\Program Files\WinRST
2014-04-22 10:14 - 2012-04-12 08:26 - 00001072 _____ () C:\Users\Public\Desktop\SUPER ©.lnk
2014-04-22 10:14 - 2012-04-12 08:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
2014-04-22 10:14 - 2012-04-12 08:25 - 00000000 ____D () C:\Program Files\eRightSoft
2014-04-22 10:10 - 2014-04-22 10:10 - 64722251 _____ (eRightSoft ) C:\Users\Libor\Downloads\SUPERsetup.exe
2014-04-21 19:51 - 2014-04-21 19:51 - 00000000 ____D () C:\Users\Libor\AppData\Local\Apple Computer
2014-04-21 14:26 - 2014-04-21 14:26 - 00000000 ____D () C:\Users\Libor\AppData\Roaming\Apple Computer
2014-04-21 00:48 - 2012-01-16 11:22 - 00000000 ____D () C:\Users\Libor\AppData\Roaming\Media Player Classic
2014-04-21 00:10 - 2014-04-21 00:10 - 00000000 ____D () C:\Users\Libor\AppData\Local\Apple
2014-04-21 00:10 - 2014-04-21 00:10 - 00000000 ____D () C:\ProgramData\Apple
2014-04-21 00:10 - 2014-04-21 00:10 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-20 23:55 - 2012-01-02 11:31 - 00000000 ____D () C:\Users\Libor\AppData\Local\VirtualStore
2014-04-19 08:17 - 2014-03-01 12:17 - 00000000 ____D () C:\Users\Libor\Documents\Otakárek
2014-04-18 17:52 - 2013-09-15 10:34 - 00000000 ____D () C:\Users\Libor\Desktop\David
2014-04-18 17:52 - 2012-05-01 18:00 - 00000000 ____D () C:\Users\Libor\Desktop\foto
2014-04-18 17:52 - 2012-04-29 09:39 - 00000000 ____D () C:\Users\Libor\Desktop\Terka

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-05-14 21:43] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-10 11:21

==================== End Of Log ============================

[vyosek]

Zdravim

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  resetIEproxy;
  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[libork]

Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Libor on so 17.05.2014 at 11:11:45,44.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Libor\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17.5.2014 11:13:00 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default

user.js not found
---- Lines suggestor modified from prefs.js ----

user_pref("extensions.enabledAddons", "suggestor%40suggestor.pirrit.com:2.2.5,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1");
user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program
---- Lines pirrit modified from prefs.js ----

user_pref("extensions.enabledAddons", "disabled%40disabled.pirrit.com:2.2.5,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1");
user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program
---- FireFox user.js and prefs.js backups ----

prefs_17.05.2014_1518_.backup

==== Deleting Files \ Folders ======================

C:\Users\Libor\AppData\Roaming\Pirrit deleted
C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\extensions\suggestor@suggestor.pirrit.com.xpi deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
785105A23650755A8F7A72405EB0D923 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll - Google Update
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
DB988B4550DB9BCE86F9199D961057FC - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
637839AC6ED995510A411327C5C2DA61 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight
4E31DE484AD120894D0D3E7740979108 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{B11F5F4A-5285-4795-906C-0CF4761EA898} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_12454"
{E3472CF2-F332-4A9F-B906-F879FD3EC370} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"

==== Reset Google Chrome ======================

C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=http://127.0.0.1:9880"
"ProxyOverride"="<local>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully

==== Empty IE Cache ======================

C:\Users\Libor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Libor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Libor\AppData\Local\Mozilla\Firefox\Profiles\cozz22r6.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Libor\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=15 folders=2 112805 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Guest\AppData\Local\temp emptied successfully
C:\Users\HomeGroupUser$\AppData\Local\temp emptied successfully
C:\Users\Libor\AppData\Local\temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Libor\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 17.05.2014 at 16:52:59,29 ======================

[vyosek]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[libork]

# AdwCleaner v3.208 - Report created 17/05/2014 at 17:10:18
# Updated 11/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Libor - LIBOR-PC
# Running from : C:\Users\Libor\Downloads\adwcleaner_3.208.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\WinRST
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Libor\AppData\Local\WinRST
File Deleted : C:\Users\Libor\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\Libor\AppData\Roaming\regsvr32.exe_log.txt

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-1278479691
Key Deleted : HKCU\Software\Pirrit
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\Pirrit

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\prefs.js ]


-\\ Google Chrome v34.0.1847.137

*************************

AdwCleaner[R3].txt - [1647 octets] - [17/05/2014 17:08:56]
AdwCleaner[S3].txt - [1517 octets] - [17/05/2014 17:10:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1577 octets] ##########

[vyosek]

Dejte novy log z FRST

[libork]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-05-2014
Ran by Libor (administrator) on LIBOR-PC on 17-05-2014 17:21:39
Running from C:\Users\Libor\Downloads
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
() C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIIME.EXE
(The Document Foundation) C:\Program Files\LibreOffice 4\program\swriter.exe
(The Document Foundation) C:\Program Files\LibreOffice 4\program\soffice.exe
(The Document Foundation) C:\Program Files\LibreOffice 4\program\soffice.bin
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Farbar) C:\Users\Libor\Downloads\FRST(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10754664 2011-07-07] (Realtek Semiconductor)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2011-10-31] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKU\S-1-5-21-726496295-2317986126-1619368687-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIIME.EXE [249440 2012-02-29] (SEIKO EPSON CORPORATION)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {B11F5F4A-5285-4795-906C-0CF4761EA898} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKCU - {E3472CF2-F332-4A9F-B906-F879FD3EC370} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.20

FireFox:
========
FF ProfilePath: C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Adblock Plus - C:\Users\Libor\AppData\Roaming\Mozilla\Firefox\Profiles\cozz22r6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-27]

========================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1558200 2014-04-15] (Microsoft Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE [142432 2012-02-21] (SEIKO EPSON CORPORATION)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
S2 WinRST; C:\Program Files\WinRST\WinRST.exe [X]

==================== Drivers (Whitelisted) ====================

R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [165376 2009-09-23] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [55040 2009-09-23] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2009-09-23] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [294912 2009-09-23] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Libor\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-17 17:21 - 2014-05-17 17:21 - 01056768 _____ (Farbar) C:\Users\Libor\Downloads\FRST(1).exe
2014-05-17 17:09 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-17 17:08 - 2014-05-17 17:11 - 00000000 ____D () C:\AdwCleaner
2014-05-17 17:06 - 2014-05-17 17:08 - 01325827 _____ () C:\Users\Libor\Downloads\adwcleaner_3.208.exe
2014-05-17 16:51 - 2014-05-17 17:10 - 00000646 _____ () C:\Windows\PFRO.log
2014-05-17 16:34 - 2014-05-17 11:11 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-17 11:12 - 2014-05-17 16:52 - 00009785 _____ () C:\zoek-results.log
2014-05-17 11:11 - 2014-05-17 15:20 - 00000000 ____D () C:\zoek_backup
2014-05-17 11:11 - 2014-05-17 11:11 - 01285120 _____ () C:\Users\Libor\Downloads\zoek.exe
2014-05-17 10:50 - 2014-05-17 17:21 - 00010363 _____ () C:\Users\Libor\Downloads\FRST.txt
2014-05-17 10:49 - 2014-05-17 10:49 - 01056768 _____ (Farbar) C:\Users\Libor\Downloads\FRST.exe
2014-05-17 10:47 - 2014-05-17 17:11 - 00000168 _____ () C:\Windows\setupact.log
2014-05-17 10:47 - 2014-05-17 10:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-14 22:07 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:07 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:07 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 21:43 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 21:43 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 21:43 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 21:43 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 21:43 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 21:43 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 21:43 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 21:43 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 21:43 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 21:43 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-14 21:43 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 21:43 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 21:43 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 21:43 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 21:42 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-10 07:24 - 2014-05-17 17:11 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-10 07:24 - 2014-05-17 16:29 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-07 20:01 - 2014-05-07 20:01 - 00000000 __SHD () C:\Users\Libor\AppData\Local\EmieUserList
2014-05-07 20:01 - 2014-05-07 20:01 - 00000000 __SHD () C:\Users\Libor\AppData\Local\EmieSiteList
2014-05-06 22:15 - 2014-05-15 07:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 22:12 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-06 22:12 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-06 22:12 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-06 22:12 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-06 22:12 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-06 22:12 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-06 22:12 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-06 22:12 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-06 22:12 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-06 22:12 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-06 22:12 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-06 22:12 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-06 22:12 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-06 22:12 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-06 22:12 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-06 22:12 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-06 22:12 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-06 22:12 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-06 22:12 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-06 22:12 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-06 22:12 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-06 22:12 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-06 22:12 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-06 22:12 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-29 09:31 - 2014-05-17 16:29 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-27 20:52 - 2014-04-27 20:52 - 00013959 _____ () C:\ComboFix.txt
2014-04-27 20:36 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-27 20:36 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-27 20:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-27 20:33 - 2014-04-27 20:52 - 00000000 ____D () C:\Qoobox
2014-04-27 20:32 - 2014-04-27 20:51 - 00000000 ____D () C:\Windows\erdnt
2014-04-27 14:05 - 2014-05-10 20:33 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-27 14:05 - 2014-04-27 14:05 - 00001123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-27 14:05 - 2014-04-27 14:05 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-27 14:04 - 2014-04-27 14:04 - 25043968 _____ (Mozilla) C:\Users\Libor\Downloads\FirefoxSetup28.0cz.exe
2014-04-27 11:33 - 2014-04-28 07:38 - 00000000 ____D () C:\Program Files\MozBackup
2014-04-26 21:47 - 2014-04-27 11:32 - 00000000 ____D () C:\Users\Libor\Documents\Stažené soubory
2014-04-26 20:18 - 2014-04-26 20:19 - 00024140 _____ () C:\Users\Libor\Downloads\Addition.txt
2014-04-26 20:17 - 2014-05-17 17:21 - 00000000 ____D () C:\FRST
2014-04-25 18:00 - 2014-04-25 19:47 - 992073729 _____ () C:\Users\Libor\Downloads\zivot-po-zivote-2010-brrip-xvid-cz.avi
2014-04-24 20:58 - 2014-04-24 20:58 - 00020992 _____ () C:\Users\Libor\Downloads\vykaz.xls
2014-04-22 10:14 - 2014-04-22 10:14 - 00000000 ____D () C:\Users\Libor\Documents\eRightSoft
2014-04-22 10:14 - 2012-10-05 19:54 - 00188416 __RSH () C:\Windows\system32\winDCE32.dll
2014-04-22 10:14 - 2012-07-11 23:00 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Olepau32.ax
2014-04-22 10:14 - 2011-06-15 23:00 - 00163328 __RSH () C:\Windows\system32\flvDX.dll
2014-04-22 10:14 - 2011-06-14 19:05 - 00121344 __RSH () C:\Windows\system32\TAKDSDecoder.ax
2014-04-22 10:14 - 2011-02-11 10:26 - 00112128 __RSH () C:\Windows\system32\OptimFROG.dll
2014-04-22 10:14 - 2010-01-06 23:00 - 00107520 __RSH () C:\Windows\system32\TAKDSDecoder.dll
2014-04-22 10:14 - 2009-09-27 23:00 - 00143872 __RSH () C:\Windows\system32\AviDX.ax
2014-04-22 10:14 - 2009-08-10 23:00 - 00352768 __RSH () C:\Windows\system32\ac3DX.ax
2014-04-22 10:14 - 2009-03-17 10:38 - 00070656 __RSH () C:\Windows\system32\RLAPEDec.ax
2014-04-22 10:14 - 2009-01-18 17:15 - 00120832 __RSH () C:\Windows\system32\MPCDx.ax
2014-04-22 10:14 - 2009-01-18 12:03 - 00107520 __RSH () C:\Windows\system32\RLMPCDec.ax
2014-04-22 10:14 - 2008-03-16 14:30 - 00216064 __RSH (MONOGRAM Multimedia, s.r.o.) C:\Windows\system32\nbDX.dll
2014-04-22 10:14 - 2007-02-21 12:47 - 00031232 __RSH (Hans Mayerl) C:\Windows\system32\msfDX.dll
2014-04-22 10:14 - 2006-08-16 15:53 - 00175104 __RSH () C:\Windows\system32\CoreAAC.ax
2014-04-22 10:14 - 2006-03-10 20:21 - 00195584 __RSH () C:\Windows\system32\MatroskaDX.ax
2014-04-22 10:14 - 2006-01-12 23:00 - 00123904 __RSH (CoreCodec) C:\Windows\system32\AVCDX.ax
2014-04-22 10:14 - 2005-11-25 21:46 - 00161792 __RSH (Gabest) C:\Windows\system32\RealMediaDX.ax
2014-04-22 10:14 - 2005-02-22 17:55 - 00081920 __RSH () C:\Windows\system32\aac_parser.ax
2014-04-22 10:14 - 2005-02-13 00:00 - 00186880 __RSH (RadLight) C:\Windows\system32\RLOgg.ax
2014-04-22 10:14 - 2005-02-13 00:00 - 00067584 __RSH (RadLight, LLC) C:\Windows\system32\RLTheoraDec.ax
2014-04-22 10:14 - 2005-02-13 00:00 - 00051712 __RSH () C:\Windows\system32\RLSpeexDec.ax
2014-04-22 10:14 - 2005-02-06 00:00 - 00092672 __RSH (RadLight) C:\Windows\system32\RLVorbisDec.ax
2014-04-22 10:14 - 2005-01-18 00:26 - 00179200 __RSH (Gabest) C:\Windows\system32\DiracSplitter.ax
2014-04-22 10:14 - 2004-09-17 04:07 - 00090112 __RSH (-) C:\Windows\system32\TTADSSplitter.ax
2014-04-22 10:14 - 2004-08-22 11:56 - 00090112 __RSH (-) C:\Windows\system32\TTADSDecoder.ax
2014-04-22 10:14 - 2004-04-27 16:03 - 00017408 __RSH (RadLight) C:\Windows\system32\RLOFRDec.ax
2014-04-22 10:14 - 2003-12-07 08:59 - 00097280 __RSH () C:\Windows\system32\FLACDX.ax
2014-04-22 10:10 - 2014-04-22 10:10 - 64722251 _____ (eRightSoft ) C:\Users\Libor\Downloads\SUPERsetup.exe
2014-04-21 19:51 - 2014-04-21 19:51 - 00000000 ____D () C:\Users\Libor\AppData\Local\Apple Computer
2014-04-21 14:26 - 2014-04-21 14:26 - 00000000 ____D () C:\Users\Libor\AppData\Roaming\Apple Computer
2014-04-21 00:10 - 2014-04-21 00:10 - 00000000 ____D () C:\Users\Libor\AppData\Local\Apple
2014-04-21 00:10 - 2014-04-21 00:10 - 00000000 ____D () C:\ProgramData\Apple
2014-04-21 00:10 - 2014-04-21 00:10 - 00000000 ____D () C:\Program Files\Common Files\Apple

==================== One Month Modified Files and Folders =======

2014-05-17 17:21 - 2014-05-17 17:21 - 01056768 _____ (Farbar) C:\Users\Libor\Downloads\FRST(1).exe
2014-05-17 17:21 - 2014-05-17 10:50 - 00010363 _____ () C:\Users\Libor\Downloads\FRST.txt
2014-05-17 17:21 - 2014-04-26 20:17 - 00000000 ____D () C:\FRST
2014-05-17 17:18 - 2009-07-14 06:34 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-17 17:18 - 2009-07-14 06:34 - 00017152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-17 17:15 - 2010-11-20 23:01 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-17 17:11 - 2014-05-17 17:08 - 00000000 ____D () C:\AdwCleaner
2014-05-17 17:11 - 2014-05-17 10:47 - 00000168 _____ () C:\Windows\setupact.log
2014-05-17 17:11 - 2014-05-10 07:24 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-17 17:11 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-17 17:10 - 2014-05-17 16:51 - 00000646 _____ () C:\Windows\PFRO.log
2014-05-17 17:10 - 2014-02-22 10:31 - 01884175 _____ () C:\Windows\WindowsUpdate.log
2014-05-17 17:08 - 2014-05-17 17:06 - 01325827 _____ () C:\Users\Libor\Downloads\adwcleaner_3.208.exe
2014-05-17 16:52 - 2014-05-17 11:12 - 00009785 _____ () C:\zoek-results.log
2014-05-17 16:29 - 2014-05-10 07:24 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-17 16:29 - 2014-04-29 09:31 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-17 15:20 - 2014-05-17 11:11 - 00000000 ____D () C:\zoek_backup
2014-05-17 11:11 - 2014-05-17 16:34 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-17 11:11 - 2014-05-17 11:11 - 01285120 _____ () C:\Users\Libor\Downloads\zoek.exe
2014-05-17 10:49 - 2014-05-17 10:49 - 01056768 _____ (Farbar) C:\Users\Libor\Downloads\FRST.exe
2014-05-17 10:48 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-05-17 10:47 - 2014-05-17 10:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-17 08:36 - 2012-12-23 16:42 - 00002135 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-16 11:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-16 10:28 - 2012-02-14 08:32 - 00017920 _____ () C:\Users\Libor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-15 09:41 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-15 07:59 - 2012-01-02 11:31 - 00000000 ___RD () C:\Users\Libor\Virtual Machines
2014-05-15 07:55 - 2014-05-06 22:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:11 - 2013-08-14 21:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:09 - 2012-01-02 11:51 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-14 09:13 - 2012-04-03 10:46 - 00000000 ____D () C:\Users\Libor\Documents\Nahrávky zoom
2014-05-14 09:02 - 2012-01-29 17:55 - 00010240 _____ () C:\Users\Libor\Documents\Sporožiro.xls
2014-05-14 07:29 - 2012-08-31 07:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 07:29 - 2012-01-11 12:16 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-13 22:13 - 2013-09-14 01:41 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-05-11 07:43 - 2012-01-12 10:23 - 00000000 ____D () C:\Users\Libor\AppData\Local\Adobe
2014-05-10 20:33 - 2014-04-27 14:05 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 09:16 - 2013-09-22 07:57 - 00017681 ____H () C:\Users\Libor\Documents\Charakteristika.odt
2014-05-10 09:01 - 2013-05-02 07:46 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-10 07:59 - 2012-01-02 11:31 - 00000000 ____D () C:\Users\Libor
2014-05-09 09:06 - 2014-05-14 21:43 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-14 21:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 20:01 - 2014-05-07 20:01 - 00000000 __SHD () C:\Users\Libor\AppData\Local\EmieUserList
2014-05-07 20:01 - 2014-05-07 20:01 - 00000000 __SHD () C:\Users\Libor\AppData\Local\EmieSiteList
2014-05-06 05:25 - 2014-05-14 22:07 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-14 22:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-14 22:07 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-28 21:39 - 2009-07-14 06:53 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-28 07:38 - 2014-04-27 11:33 - 00000000 ____D () C:\Program Files\MozBackup
2014-04-27 20:52 - 2014-04-27 20:52 - 00013959 _____ () C:\ComboFix.txt
2014-04-27 20:52 - 2014-04-27 20:33 - 00000000 ____D () C:\Qoobox
2014-04-27 20:52 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-04-27 20:52 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-04-27 20:51 - 2014-04-27 20:32 - 00000000 ____D () C:\Windows\erdnt
2014-04-27 20:47 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-04-27 14:05 - 2014-04-27 14:05 - 00001123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-27 14:05 - 2014-04-27 14:05 - 00001111 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-27 14:04 - 2014-04-27 14:04 - 25043968 _____ (Mozilla) C:\Users\Libor\Downloads\FirefoxSetup28.0cz.exe
2014-04-27 11:32 - 2014-04-26 21:47 - 00000000 ____D () C:\Users\Libor\Documents\Stažené soubory
2014-04-26 21:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-26 21:19 - 2012-01-14 11:49 - 00000000 ___RD () C:\Program Files\Skype
2014-04-26 21:19 - 2012-01-11 11:57 - 00000000 ____D () C:\Program Files\Google
2014-04-26 20:19 - 2014-04-26 20:18 - 00024140 _____ () C:\Users\Libor\Downloads\Addition.txt
2014-04-25 19:47 - 2014-04-25 18:00 - 992073729 _____ () C:\Users\Libor\Downloads\zivot-po-zivote-2010-brrip-xvid-cz.avi
2014-04-24 20:58 - 2014-04-24 20:58 - 00020992 _____ () C:\Users\Libor\Downloads\vykaz.xls
2014-04-22 10:14 - 2014-04-22 10:14 - 00000000 ____D () C:\Users\Libor\Documents\eRightSoft
2014-04-22 10:14 - 2012-04-12 08:26 - 00001072 _____ () C:\Users\Public\Desktop\SUPER ©.lnk
2014-04-22 10:14 - 2012-04-12 08:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
2014-04-22 10:14 - 2012-04-12 08:25 - 00000000 ____D () C:\Program Files\eRightSoft
2014-04-22 10:10 - 2014-04-22 10:10 - 64722251 _____ (eRightSoft ) C:\Users\Libor\Downloads\SUPERsetup.exe
2014-04-21 19:51 - 2014-04-21 19:51 - 00000000 ____D () C:\Users\Libor\AppData\Local\Apple Computer
2014-04-21 14:26 - 2014-04-21 14:26 - 00000000 ____D () C:\Users\Libor\AppData\Roaming\Apple Computer
2014-04-21 00:48 - 2012-01-16 11:22 - 00000000 ____D () C:\Users\Libor\AppData\Roaming\Media Player Classic
2014-04-21 00:10 - 2014-04-21 00:10 - 00000000 ____D () C:\Users\Libor\AppData\Local\Apple
2014-04-21 00:10 - 2014-04-21 00:10 - 00000000 ____D () C:\ProgramData\Apple
2014-04-21 00:10 - 2014-04-21 00:10 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-20 23:55 - 2012-01-02 11:31 - 00000000 ____D () C:\Users\Libor\AppData\Local\VirtualStore
2014-04-19 08:17 - 2014-03-01 12:17 - 00000000 ____D () C:\Users\Libor\Documents\Otakárek
2014-04-18 17:52 - 2013-09-15 10:34 - 00000000 ____D () C:\Users\Libor\Desktop\David
2014-04-18 17:52 - 2012-05-01 18:00 - 00000000 ____D () C:\Users\Libor\Desktop\foto
2014-04-18 17:52 - 2012-04-29 09:39 - 00000000 ____D () C:\Users\Libor\Desktop\Terka

Some content of TEMP:
====================
C:\Users\Libor\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-05-14 21:43] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-10 11:21

==================== End Of Log ============================

[vyosek]

Tvorba fixlistu pro FRST (C:\Users\Libor\Downloads\FRST.exe)

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  SearchScopes: HKLM - DefaultScope value is missing.
  SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
  
  S2 WinRST; C:\Program Files\WinRST\WinRST.exe [X]
  C:\Program Files\WinRST
  
  S3 catchme; \??\C:\Users\Libor\AppData\Local\Temp\catchme.sys [X]
  
  2014-05-17 17:09 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
  2014-05-17 17:06 - 2014-05-17 17:08 - 01325827 _____ () C:\Users\Libor\Downloads\adwcleaner_3.208.exe
  2014-05-17 16:51 - 2014-05-17 17:10 - 00000646 _____ () C:\Windows\PFRO.log
  2014-05-17 16:34 - 2014-05-17 11:11 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-05-17 11:12 - 2014-05-17 16:52 - 00009785 _____ () C:\zoek-results.log
  2014-05-17 11:11 - 2014-05-17 15:20 - 00000000 ____D () C:\zoek_backup
  2014-05-17 11:11 - 2014-05-17 11:11 - 01285120 _____ () C:\Users\Libor\Downloads\zoek.exe
  2014-05-17 10:50 - 2014-05-17 17:21 - 00010363 _____ () C:\Users\Libor\Downloads\FRST.txt
  2014-05-17 17:21 - 2014-05-17 17:21 - 01056768 _____ (Farbar) C:\Users\Libor\Downloads\FRST(1).exe
  2014-04-27 20:52 - 2014-04-27 20:52 - 00013959 _____ () C:\ComboFix.txt
  2014-04-27 20:36 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
  2014-04-27 20:36 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
  2014-04-27 20:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
  2014-04-27 20:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
  2014-04-27 20:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
  2014-04-27 20:36 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
  2014-04-27 20:36 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
  2014-04-27 20:36 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
  2014-04-27 20:33 - 2014-04-27 20:52 - 00000000 ____D () C:\Qoobox
  2014-04-27 14:04 - 2014-04-27 14:04 - 25043968 _____ (Mozilla) C:\Users\Libor\Downloads\FirefoxSetup28.0cz.exe
  
  2014-05-10 07:24 - 2014-05-17 17:11 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  2014-05-10 07:24 - 2014-05-17 16:29 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  2014-05-17 16:29 - 2014-04-29 09:31 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
  
  Hosts:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[libork]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:17-05-2014
Ran by Libor at 2014-05-18 08:09:43 Run:2
Running from C:\Users\Libor\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}

S2 WinRST; C:\Program Files\WinRST\WinRST.exe [X]
C:\Program Files\WinRST

S3 catchme; \??\C:\Users\Libor\AppData\Local\Temp\catchme.sys [X]

2014-05-17 17:09 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-05-17 17:06 - 2014-05-17 17:08 - 01325827 _____ () C:\Users\Libor\Downloads\adwcleaner_3.208.exe
2014-05-17 16:51 - 2014-05-17 17:10 - 00000646 _____ () C:\Windows\PFRO.log
2014-05-17 16:34 - 2014-05-17 11:11 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-05-17 11:12 - 2014-05-17 16:52 - 00009785 _____ () C:\zoek-results.log
2014-05-17 11:11 - 2014-05-17 15:20 - 00000000 ____D () C:\zoek_backup
2014-05-17 11:11 - 2014-05-17 11:11 - 01285120 _____ () C:\Users\Libor\Downloads\zoek.exe
2014-05-17 10:50 - 2014-05-17 17:21 - 00010363 _____ () C:\Users\Libor\Downloads\FRST.txt
2014-05-17 17:21 - 2014-05-17 17:21 - 01056768 _____ (Farbar) C:\Users\Libor\Downloads\FRST(1).exe
2014-04-27 20:52 - 2014-04-27 20:52 - 00013959 _____ () C:\ComboFix.txt
2014-04-27 20:36 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-27 20:36 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-27 20:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-27 20:36 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-27 20:33 - 2014-04-27 20:52 - 00000000 ____D () C:\Qoobox
2014-04-27 14:04 - 2014-04-27 14:04 - 25043968 _____ (Mozilla) C:\Users\Libor\Downloads\FirefoxSetup28.0cz.exe

2014-05-10 07:24 - 2014-05-17 17:11 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-10 07:24 - 2014-05-17 16:29 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-17 16:29 - 2014-04-29 09:31 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

Hosts:
End
*****************

HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
WinRST => Service deleted successfully.
"C:\Program Files\WinRST" => File/Directory not found.
catchme => Service deleted successfully.
C:\Windows\system32\sqlite3.dll => Moved successfully.
C:\Users\Libor\Downloads\adwcleaner_3.208.exe => Moved successfully.
"C:\Windows\PFRO.log" => File/Directory not found.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Libor\Downloads\zoek.exe => Moved successfully.
C:\Users\Libor\Downloads\FRST.txt => Moved successfully.
C:\Users\Libor\Downloads\FRST(1).exe => Moved successfully.
C:\ComboFix.txt => Moved successfully.
C:\Windows\PEV.exe => Moved successfully.
C:\Windows\MBR.exe => Moved successfully.
C:\Windows\NIRCMD.exe => Moved successfully.
C:\Windows\SWREG.exe => Moved successfully.
C:\Windows\SWSC.exe => Moved successfully.
C:\Windows\sed.exe => Moved successfully.
C:\Windows\grep.exe => Moved successfully.
C:\Windows\zip.exe => Moved successfully.
C:\Qoobox => Moved successfully.
C:\Users\Libor\Downloads\FirefoxSetup28.0cz.exe => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

[libork]

Díky moc, vypadá to už dobře

[vyosek]

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat