Pro Vyosek. Děkuji za radu a pomoc

[takos]

Dobrý den, posílam log z FRST, jako minule jelikož to druhé hlásilo opět chybu. Mám takový proglém s vyskakujísími okny při zapnutí a používání Firefoxu. Jsou to okna se stránkymi na různé počítačové online hry. Jem možné se toho nějak zbavit. Zřejmě nějaký následek mého hraní podobných her no spíš určitě začalo to nějak potom. DĚKUJI

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-07-2014 01
Ran by sangoko (administrator) on TAKOS on 25-07-2014 16:03:31
Running from C:\Users\sangoko\Desktop
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
( ) C:\Windows\System32\lxducoms.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [Google Update] => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-24] (Google Inc.)
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bandwidth Meter.lnk
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe – zástupce.lnk
ShortcutTarget: thunderbird.exe – zástupce.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.creativetoolbars.com/?src ... martbar&g=
SearchScopes: HKCU - {08DBECDA-5F3B-4B9F-9BCD-E74385D226EF} URL = http://search.creativetoolbars.com/resu ... earchTerms}
BHO: GoPhoto.it V9.0 -> {11111111-1111-1111-1111-110311401168} -> C:\Program Files\GoPhoto.it V9.0\GoPhoto.it V9.0-bho.dll (installdaddy)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default
FF DefaultSearchEngine: Heuréka
FF SelectedSearchEngine: Heuréka
FF Homepage: https://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lingea.com/x-lingea-translate - C:\Program Files\Common Files\Lingea Shared\LG_Mozilla.dll (Lingea s.r.o.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\sangoko\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF user.js: detected! => C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\sangoko\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\sangoko\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\heurkacz.xml
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\skipity-search.xml
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\smartbar.xml
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: GoPhoto.it V9.0 - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\2ea36bf1-0877-4aaa-882c-ff78f7d9d95c@dfb1672d-116a-4eb4-8be0-44786bd1d3dd.com [2014-07-14]
FF Extension: Download Youtube Videos + - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\video.downloader.plugin@ffpimp.com [2012-03-22]
FF Extension: BlackFox V2-Blue - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\zigboom.designs@gmail.com [2014-07-01]
FF Extension: FT DeepDark - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-06-19]
FF Extension: DownloadHelper - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: FoxLingo - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}(49) [2012-09-02]
FF Extension: Google Translator for Firefox - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\translator@zoli.bod.xpi [2012-10-23]
FF Extension: Walnut for Firefox - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2011-07-13]
FF Extension: DownThemAll! - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-06-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-23]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

Chrome:
=======
CHR DefaultSearchKeyword: bechiro s.l.
CHR DefaultSearchProvider: Search the web (CT)
CHR DefaultSearchURL: http://search.creativetoolbars.com/resu ... earchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Dokumenty Google) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-09]
CHR Extension: (Disk Google) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-09]
CHR Extension: (YouTube) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-09]
CHR Extension: (Vyhledávání Google) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-09]
CHR Extension: (Plus-HD-V1.1) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkbhbgeekdjepnnknnbmpnkidcifbfof [2014-07-09]
CHR Extension: (Peněženka Google) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-09]
CHR Extension: (Gmail) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-29]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-29] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (http://www.BitComet.com)
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-06] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-06] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxduserv.exe [98984 2008-05-24] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [594600 2008-05-24] ( )
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
R2 TNaviSrv; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [77824 2007-06-28] (TOSHIBA Corporation) [File not signed]
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
S3 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-04-29] ()
R0 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-29] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-05-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-16] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-04-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-04-29] ()
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [44224 2006-09-06] (BVRP Software) [File not signed]
R0 CplIR; C:\Windows\System32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 FreshIO; C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] () [File not signed]
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [41912 2010-07-22] (FSPro Labs)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [98816 2013-04-24] (Gemalto)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 npf; C:\Windows\System32\drivers\npf.sys [34064 2008-06-01] (CACE Technologies)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-05-01] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-05-01] (Logitech Inc.)
S3 sonypvs1; C:\Windows\System32\DRIVERS\sonypvs1.sys [102220 2002-10-15] (Sony Corporation) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-06-16] (Duplex Secure Ltd.)
S3 tosporte; C:\Windows\System32\DRIVERS\tosporte.sys [41600 2006-10-10] (TOSHIBA Corporation) [File not signed]
S3 tosrfbd; C:\Windows\System32\DRIVERS\tosrfbd.sys [113920 2007-02-22] (TOSHIBA CORPORATION) [File not signed]
S3 tosrfbnp; C:\Windows\System32\Drivers\tosrfbnp.sys [36480 2006-11-20] (TOSHIBA Corporation) [File not signed]
S1 Tosrfcom; C:\Windows\System32\Drivers\tosrfcom.sys [64896 2005-08-01] (TOSHIBA Corporation) [File not signed]
S3 Tosrfhid; C:\Windows\System32\DRIVERS\Tosrfhid.sys [73728 2007-03-01] (TOSHIBA Corporation.) [File not signed]
S3 tosrfnds; C:\Windows\System32\DRIVERS\tosrfnds.sys [18612 2005-01-06] (TOSHIBA Corporation.) [File not signed]
S3 TosRfSnd; C:\Windows\System32\drivers\tosrfsnd.sys [53376 2007-01-22] (TOSHIBA Corporation) [File not signed]
S3 Tosrfusb; C:\Windows\System32\DRIVERS\tosrfusb.sys [41344 2007-02-28] (TOSHIBA CORPORATION) [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [21344 2005-05-26] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [38144 2005-05-26] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [39036 2005-06-24] (LG Electronics Inc.)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-16] (Chicony Electronics Co., Ltd.)
R2 v2imount; C:\Windows\System32\DRIVERS\v2imount.sys [38112 2008-01-19] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files\BatteryCare\WinRing0.sys [14416 2008-07-26] (OpenLibSys.org)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S2 cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x32.sys [X]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-18] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 ivusb; system32\DRIVERS\ivusb.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
S3 TpChoice; system32\DRIVERS\TpChoice.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-25 16:03 - 2014-07-25 16:04 - 00023112 _____ () C:\Users\sangoko\Desktop\FRST.txt
2014-07-25 16:02 - 2014-07-25 16:03 - 00000000 ____D () C:\FRST
2014-07-25 16:01 - 2014-07-25 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
2014-07-25 15:59 - 2014-07-25 15:59 - 01084416 _____ (Farbar) C:\Users\sangoko\Desktop\FRST.exe
2014-07-25 15:55 - 2014-07-25 15:57 - 00000000 ____D () C:\Program Files\trend micro
2014-07-25 15:55 - 2014-07-25 15:55 - 00000000 ____D () C:\rsit
2014-07-25 11:18 - 2014-07-25 11:18 - 00071416 _____ () C:\Users\sangoko\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-25 11:16 - 2014-07-25 11:17 - 03640432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-22 23:54 - 2014-07-22 23:54 - 00000821 _____ () C:\Users\Public\Desktop\Quadrax V.lnk
2014-07-16 16:47 - 2014-07-04 15:33 - 00113019 _____ () C:\Users\Public\Documents\velké kurzy 2014.odt
2014-07-16 11:58 - 2014-07-16 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12
2014-07-16 11:55 - 2014-07-16 13:44 - 00000000 ____D () C:\Program Files\ABBYY FineReader 12
2014-07-15 22:17 - 2014-07-15 22:17 - 00000000 ___RD () C:\Users\sangoko\AppData\Roaming\Brother
2014-07-15 22:05 - 2014-07-15 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Browny02
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Brother
2014-07-15 21:59 - 2010-08-02 20:57 - 00217088 ____N (brother) C:\Windows\system32\NSSearch.dll
2014-07-15 21:59 - 2010-05-10 10:45 - 00103736 _____ (Brother Industries Ltd) C:\Windows\system32\BRRBTOOL.EXE
2014-07-15 21:59 - 2010-04-02 07:33 - 00025299 _____ (Brother Industries, Ltd) C:\Windows\system32\BRLM03A.DLL
2014-07-15 21:59 - 2010-03-15 19:56 - 00002560 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2S.dll
2014-07-15 21:59 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2.dll
2014-07-15 21:59 - 2010-02-05 11:42 - 00180224 ____N (Brother Industries, Ltd.) C:\Windows\system32\BroSNMP.dll
2014-07-15 21:59 - 2007-12-13 22:16 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2L.dll
2014-07-15 21:59 - 2005-01-17 09:10 - 00045056 _____ () C:\Windows\system32\BRTCPCON.DLL
2014-07-15 21:59 - 2004-08-09 09:00 - 00000114 _____ () C:\Windows\system32\BRLMW03A.INI
2014-07-15 21:59 - 2004-08-09 08:42 - 00077824 _____ (Brother Industries, Ltd.) C:\Windows\system32\BRLMW03A.DLL
2014-07-15 21:59 - 1999-10-26 18:00 - 00000050 _____ () C:\Windows\system32\BRADM10A.DAT
2014-07-15 21:58 - 2014-07-15 22:04 - 00000000 ____D () C:\ProgramData\Brother
2014-07-15 18:30 - 2014-07-15 18:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\ABBYY
2014-07-14 23:17 - 2014-07-14 23:17 - 00001000 _____ () C:\Users\sangoko\Documents\MailShield.der
2014-07-13 12:57 - 2014-07-13 12:57 - 00005844 _____ () C:\Users\sangoko\.recently-used.xbel
2014-07-11 11:34 - 2014-07-16 22:18 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\gtk-2.0
2014-07-11 11:34 - 2014-07-11 15:41 - 00000000 ____D () C:\Users\sangoko\.thumbnails
2014-07-10 08:30 - 2014-07-10 20:41 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Audacity
2014-07-10 08:30 - 2014-07-10 08:30 - 00000821 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-10 08:30 - 2014-07-10 08:30 - 00000000 ____D () C:\Program Files\Audacity
2014-07-09 15:41 - 2014-06-07 02:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 15:41 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 15:41 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 15:40 - 2014-05-28 09:08 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 15:40 - 2014-05-28 09:08 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 15:40 - 2014-05-28 09:08 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-09 15:40 - 2014-05-28 09:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-09 15:40 - 2014-05-28 09:04 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 06023168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 11082752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 15:40 - 2014-05-28 09:02 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 15:40 - 2014-05-28 09:00 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-07-09 15:40 - 2014-05-28 07:26 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-09 15:40 - 2014-05-28 05:44 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 15:40 - 2014-05-28 05:44 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 15:40 - 2014-05-28 05:42 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 15:40 - 2014-05-28 05:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-09 15:38 - 2014-07-09 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-06 20:22 - 2014-07-06 22:54 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 19:36 - 2014-07-16 22:18 - 00000000 ____D () C:\Users\sangoko\.gimp-2.6
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\Users\sangoko\Documents\gegl-0.0
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
2014-07-06 19:35 - 2014-07-06 19:35 - 00000000 ____D () C:\Program Files\GIMP-2.0
2014-07-06 19:34 - 2014-07-25 13:34 - 00001466 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-1.job
2014-07-06 19:34 - 2014-07-25 13:34 - 00001388 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-5.job
2014-07-06 19:33 - 2014-07-25 13:33 - 00003448 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-11.job
2014-07-06 19:33 - 2014-07-25 13:33 - 00003110 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-3.job
2014-07-06 19:33 - 2014-07-25 13:33 - 00002190 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-4.job
2014-07-06 19:33 - 2014-07-06 19:33 - 00000000 ____D () C:\Program Files\Plus-HD-V1.1
2014-07-06 19:31 - 2014-07-06 22:49 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-07-04 22:15 - 2014-07-25 11:18 - 00001430 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5_user.job
2014-07-04 22:15 - 2014-07-25 11:18 - 00001416 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.job
2014-07-04 22:14 - 2014-07-25 13:38 - 00000906 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-04 22:14 - 2014-07-25 11:18 - 00002162 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.job
2014-07-04 22:14 - 2014-07-25 11:18 - 00001322 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.job
2014-07-04 22:14 - 2014-07-25 11:17 - 00003794 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.job
2014-07-04 22:14 - 2014-07-25 11:17 - 00001536 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-1.job
2014-07-04 22:14 - 2014-07-25 11:17 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-04 22:14 - 2014-07-04 22:15 - 00000000 ____D () C:\Program Files\GoPhoto.it V9.0
2014-07-04 22:14 - 2014-07-04 22:14 - 00000000 ____D () C:\Users\sangoko\AppData\Local\globalUpdate
2014-07-04 22:14 - 2014-07-04 22:14 - 00000000 ____D () C:\Program Files\globalUpdate

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-25 16:04 - 2014-07-25 16:03 - 00023112 _____ () C:\Users\sangoko\Desktop\FRST.txt
2014-07-25 16:03 - 2014-07-25 16:02 - 00000000 ____D () C:\FRST
2014-07-25 16:01 - 2014-07-25 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
2014-07-25 15:59 - 2014-07-25 15:59 - 01084416 _____ (Farbar) C:\Users\sangoko\Desktop\FRST.exe
2014-07-25 15:58 - 2014-06-17 11:53 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-25 15:57 - 2014-07-25 15:55 - 00000000 ____D () C:\Program Files\trend micro
2014-07-25 15:55 - 2014-07-25 15:55 - 00000000 ____D () C:\rsit
2014-07-25 15:53 - 2014-06-22 06:48 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job
2014-07-25 15:17 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-25 15:17 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-25 14:09 - 2014-05-30 16:57 - 00000440 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job
2014-07-25 13:38 - 2014-07-04 22:14 - 00000906 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-25 13:34 - 2014-07-06 19:34 - 00001466 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-1.job
2014-07-25 13:34 - 2014-07-06 19:34 - 00001388 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-5.job
2014-07-25 13:33 - 2014-07-06 19:33 - 00003448 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-11.job
2014-07-25 13:33 - 2014-07-06 19:33 - 00003110 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-3.job
2014-07-25 13:33 - 2014-07-06 19:33 - 00002190 _____ () C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-4.job
2014-07-25 12:50 - 2012-06-17 00:46 - 01455638 _____ () C:\Windows\WindowsUpdate.log
2014-07-25 11:58 - 2014-06-17 11:53 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-25 11:26 - 2010-06-04 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 11:25 - 2008-02-22 08:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 11:18 - 2014-07-25 11:18 - 00071416 _____ () C:\Users\sangoko\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-25 11:18 - 2014-07-04 22:15 - 00001430 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5_user.job
2014-07-25 11:18 - 2014-07-04 22:15 - 00001416 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.job
2014-07-25 11:18 - 2014-07-04 22:14 - 00002162 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.job
2014-07-25 11:18 - 2014-07-04 22:14 - 00001322 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.job
2014-07-25 11:18 - 2009-12-07 16:32 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-25 11:17 - 2014-07-25 11:16 - 03640432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-25 11:17 - 2014-07-04 22:14 - 00003794 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.job
2014-07-25 11:17 - 2014-07-04 22:14 - 00001536 _____ () C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-1.job
2014-07-25 11:17 - 2014-07-04 22:14 - 00000902 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-07-25 11:17 - 2011-01-12 23:23 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-25 11:17 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-25 01:06 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-07-25 01:05 - 2011-01-17 21:34 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-07-25 01:05 - 2006-11-02 15:01 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-25 01:03 - 2012-07-27 13:01 - 00000000 ____D () C:\Users\sangoko\AppData\Local\CrashDumps
2014-07-23 20:53 - 2013-11-17 15:27 - 00000000 ____D () C:\temp
2014-07-22 23:54 - 2014-07-22 23:54 - 00000821 _____ () C:\Users\Public\Desktop\Quadrax V.lnk
2014-07-22 23:54 - 2013-07-19 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quadrax V
2014-07-22 23:54 - 2013-07-19 23:10 - 00000000 ____D () C:\Program Files\Quadrax V
2014-07-22 12:32 - 2013-10-03 16:43 - 00031161 _____ () C:\Users\sangoko\Desktop\Mag. Ventil obchod.ods
2014-07-20 00:18 - 2013-05-24 14:11 - 00000000 ___RD () C:\Users\sangoko\Desktop\SRO
2014-07-20 00:16 - 2014-01-22 20:59 - 00000000 ____D () C:\Users\sangoko\Desktop\Stahování
2014-07-19 23:45 - 2012-08-07 16:37 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Posta
2014-07-17 17:46 - 2014-06-10 12:49 - 00000000 ____D () C:\Users\sangoko\Desktop\kalendáře
2014-07-16 23:08 - 2012-09-30 17:44 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\vlc
2014-07-16 22:18 - 2014-07-11 11:34 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\gtk-2.0
2014-07-16 22:18 - 2014-07-06 19:36 - 00000000 ____D () C:\Users\sangoko\.gimp-2.6
2014-07-16 22:15 - 2008-01-17 15:39 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Adobe
2014-07-16 13:44 - 2014-07-16 11:55 - 00000000 ____D () C:\Program Files\ABBYY FineReader 12
2014-07-16 11:58 - 2014-07-16 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12
2014-07-16 11:55 - 2009-08-30 23:01 - 00000000 ____D () C:\Users\sangoko\AppData\Local\ABBYY
2014-07-16 11:54 - 2010-01-10 22:26 - 00000000 ____D () C:\ProgramData\ABBYY
2014-07-15 22:17 - 2014-07-15 22:17 - 00000000 ___RD () C:\Users\sangoko\AppData\Roaming\Brother
2014-07-15 22:05 - 2014-07-15 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-15 22:04 - 2014-07-15 21:58 - 00000000 ____D () C:\ProgramData\Brother
2014-07-15 22:00 - 2008-01-17 15:01 - 00000000 ____D () C:\Users\sangoko
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Browny02
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Brother
2014-07-15 21:59 - 2007-04-27 09:39 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-15 18:30 - 2014-07-15 18:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\ABBYY
2014-07-14 23:17 - 2014-07-14 23:17 - 00001000 _____ () C:\Users\sangoko\Documents\MailShield.der
2014-07-13 12:57 - 2014-07-13 12:57 - 00005844 _____ () C:\Users\sangoko\.recently-used.xbel
2014-07-11 15:53 - 2012-11-07 20:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\IcoFX2X
2014-07-11 15:41 - 2014-07-11 11:34 - 00000000 ____D () C:\Users\sangoko\.thumbnails
2014-07-11 10:55 - 2008-02-22 09:33 - 00000000 ___RD () C:\Users\sangoko\Obrásky
2014-07-11 06:53 - 2014-06-22 06:48 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job
2014-07-10 20:41 - 2014-07-10 08:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Audacity
2014-07-10 13:07 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 09:46 - 2006-11-02 12:33 - 01558484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-10 08:30 - 2014-07-10 08:30 - 00000821 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-10 08:30 - 2014-07-10 08:30 - 00000000 ____D () C:\Program Files\Audacity
2014-07-10 08:23 - 2013-07-11 18:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 08:08 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-09 15:38 - 2014-07-09 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-09 15:38 - 2008-02-16 21:02 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Google
2014-07-09 15:37 - 2008-02-16 21:02 - 00000000 ____D () C:\Program Files\Google
2014-07-09 13:00 - 2014-02-25 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-07 00:02 - 2011-03-24 02:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-07-06 23:05 - 2011-03-24 02:13 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-07-06 22:54 - 2014-07-06 20:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 22:49 - 2014-07-06 19:31 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-07-06 20:22 - 2012-06-20 22:49 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-06 20:22 - 2012-06-20 22:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\Users\sangoko\Documents\gegl-0.0
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
2014-07-06 19:35 - 2014-07-06 19:35 - 00000000 ____D () C:\Program Files\GIMP-2.0
2014-07-06 19:33 - 2014-07-06 19:33 - 00000000 ____D () C:\Program Files\Plus-HD-V1.1
2014-07-04 22:15 - 2014-07-04 22:14 - 00000000 ____D () C:\Program Files\GoPhoto.it V9.0
2014-07-04 22:14 - 2014-07-04 22:14 - 00000000 ____D () C:\Users\sangoko\AppData\Local\globalUpdate
2014-07-04 22:14 - 2014-07-04 22:14 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-04 15:33 - 2014-07-16 16:47 - 00113019 _____ () C:\Users\Public\Documents\velké kurzy 2014.odt
2014-07-01 13:02 - 2014-05-07 11:52 - 00034519 _____ () C:\Users\Public\Documents\2 čtvrdletí.ods
2014-06-27 19:26 - 2014-06-06 14:05 - 00000000 ____D () C:\Users\sangoko\Desktop\účetní faktury

Files to move or delete:
====================
C:\ProgramData\ezsid.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-1.job => C:\Program Files\Plus-HD-V1.1\Plus-HD-V1.1-codedownloader.exe
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-11.job => C:\Program Files\Plus-HD-V1.1\5e41a931-2299-4d21-906a-71c1eea6d628-11.exe
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-3.job => C:\Program Files\Plus-HD-V1.1\5e41a931-2299-4d21-906a-71c1eea6d628-3.exe
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-4.job => C:\Program Files\Plus-HD-V1.1\5e41a931-2299-4d21-906a-71c1eea6d628-4.exe
Task: C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-5.job => C:\Program Files\Plus-HD-V1.1\5e41a931-2299-4d21-906a-71c1eea6d628-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-1.job => C:\Program Files\GoPhoto.it V9.0\GoPhoto.it V9.0-codedownloader.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.exe
Task: C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5_user.job => C:\Program Files\GoPhoto.it V9.0\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job => C:\Windows\system32\msfeedssync.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\sangoko\Desktop" je 380 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fences
"C:\Program Files\Stardock\Fences\Fences.exe" /startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nexus Radio
C:\Program Files\Nexus Radio\Nexus Radio.exe -0 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management
%windir%\WindowsMobile\wmdc.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk
C:\PROGRA~1\Secunia\PSI\psi_tray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SymmTime.lnk
C:\PROGRA~1\SYMMET~1\SymmTime\GeTTime.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[vyosek]

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[takos]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by sangoko on p  25.07.2014 at 21:34:14,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yuna software
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034068.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034068.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034068.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0034068.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110311401168}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322402268}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550355405568}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366406668}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440344404468}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034068.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034068.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034068.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0034068.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550355405568}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366406668}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440344404468}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311401168}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311401168}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311401168}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{08DBECDA-5F3B-4B9F-9BCD-E74385D226EF}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\sangoko\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\sangoko\appdata\locallow\sweetim"
Successfully deleted: [Folder] "C:\Program Files\sweetim"
Successfully deleted: [Folder] "C:\Program Files\yuna software"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{04C7AD99-ABF0-41B6-B873-0F2DC3545D62}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{088B0D15-E62F-40D1-B235-8CF740FA9274}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{0A233183-72C2-4CED-806D-2306D9BC6AA2}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{0A5E7A7E-D484-4C88-BBB2-C9EC224E86D6}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{0B2B609C-9CB5-4049-B6F7-8334444A029B}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{0CE82C64-C093-4376-8923-E697843E8C00}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{175CC3AC-4D5F-4DAE-A293-19ABDEB371B3}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{18E3A018-670B-4515-922F-379FD32F73A4}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{234940B5-8E97-4EC2-AFC3-3B1BAC931498}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{24758110-854D-45F2-B24D-58D3AC74F90D}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{311D7A77-B2D6-41AE-9107-178E97E3DE22}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{32A7D52D-5EF7-4C96-8A63-773D6685E075}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{32D3D5C2-A23D-4600-9752-ED69F846F179}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{3C457420-EC2F-4CD7-AB63-5BD292292B7B}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{3ED4738F-89A3-403D-B03B-788DB303E104}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{43495ABA-D88D-4762-A6A1-D27D5B0BB6C0}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{4506AC96-57E7-45B1-97A8-2AD8B6E5E9F5}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{52FEDA5C-F27C-4FEA-B1CB-931E8AB9307B}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{5569C0DB-8974-4FD5-A532-1B4793B15295}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{5A274DFF-C4EE-4F4D-A098-CD0039D44BF7}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{60D9D8AB-ABC7-48F9-AA44-F0CF1A605B80}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{62CE2205-D88A-4B12-A7E3-D8F8BAD4C2BD}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{67425253-7BCD-4117-A0E8-315F0A2513BE}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{6DBF7AFF-C80B-4E11-B6E5-56E576F49774}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{7483A57F-5D43-4955-A3DE-1573768C15D0}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{76F7CE37-2936-43EE-8705-CF7084EE2573}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{77FA8AEE-124B-443C-BF76-790B3377EDA7}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{7C1A0CD1-F3FA-422E-85E9-88D40CF7FBDA}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{815268DB-39BA-49DB-9231-29A85CFA3FEF}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{8FD3E09D-BD68-439A-83AA-381B92629F8B}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{93F140A2-C393-4BFE-A78F-4ED413A4AACE}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{95211627-A502-423A-9C25-3494C54CF1A0}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{98414844-8C41-4B1F-B9E8-D45239FA1671}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{99398BB7-8A7F-41D3-908F-0880251E6D8F}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{9FA06B2B-3C82-4263-8CF0-9E06C1BBC0EA}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{A7AB7E67-8567-4416-ABF7-BF87061F653F}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{B4C8EB24-CF8F-4FD1-9A10-DB19E0102F52}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{B6725A7E-0BF2-4BF9-AAD8-028AB926D290}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{B72128F6-518B-4F1F-8920-648D5BB66E2F}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{BBE10034-A051-4AFE-A2B9-8C10322C9FEF}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{C8583FF9-739E-4ED4-9ADC-F12DFD9E3748}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{C9BAA2D4-849B-4A49-B700-BDB7B091482E}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{C9F31D11-AFA5-477E-8E47-C3DEC2AAAC4A}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{D06852A6-FBC7-4036-A20E-F7F2540E11B6}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{DECCD40E-ABEF-4319-B8C1-EE6B2E075836}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{DEE4D48C-DF9B-46FD-8966-124C486F55C3}
Successfully deleted: [Empty Folder] C:\Users\sangoko\appdata\local\{EA7E03DC-6F2E-43B5-B2D3-2239FEE8270D}



~~~ FireFox

Successfully deleted: [File] C:\Users\sangoko\AppData\Roaming\mozilla\firefox\profiles\qu52wjqv.default\user.js
Successfully deleted: [File] C:\Users\sangoko\AppData\Roaming\mozilla\firefox\profiles\qu52wjqv.default\searchplugins\websearch.xml
Successfully deleted the following from C:\Users\sangoko\AppData\Roaming\mozilla\firefox\profiles\qu52wjqv.default\prefs.js

user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_meta.value", "%7B%22zoom.js%22%3A%7B%22id%22%3A59315
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593157.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593158.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593159.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593161.value", "%22data%3Aimage/png%3Bbase6
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.name", "GoPhoto.it V9.0");
user_pref("extensions.crossrider.bic", "1470303c66fcdc9ea78315ef3dee859f");
user_pref("extensions.helperbar.SmartbarDisabled", false);
user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
user_pref("extensions.smartbar.admin", false);
user_pref("extensions.smartbar.aflt", "orgnl");
user_pref("extensions.smartbar.appId", "{C5E5951A-4ADD-4402-8A8E-EF97DCB9D8EC}");
user_pref("extensions.smartbar.autoRvrt", "false");
user_pref("extensions.smartbar.dfltLng", "");
user_pref("extensions.smartbar.dfltSrch", true);
user_pref("extensions.smartbar.dnsErr", true);
user_pref("extensions.smartbar.excTlbr", false);
user_pref("extensions.smartbar.hmpg", true);
user_pref("extensions.smartbar.hmpgUrl", "hxxp://search.creativetoolbars.com/?src=hp&id=smartbar&g=");
user_pref("extensions.smartbar.hpOld0", "hxxps://www.google.cz/");
user_pref("extensions.smartbar.id", "04976673000000000000001cbf4c4a3a");
user_pref("extensions.smartbar.instlDay", "16263");
user_pref("extensions.smartbar.instlRef", "");
user_pref("extensions.smartbar.kw_url", "hxxp://search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q=");
user_pref("extensions.smartbar.newTab", true);
user_pref("extensions.smartbar.newTabUrl", "hxxp://search.creativetoolbars.com/?src=nt&id=smartbar&g=");
user_pref("extensions.smartbar.prdct", "smartbar");
user_pref("extensions.smartbar.prtnrId", "bechiro");
user_pref("extensions.smartbar.rvrt", "false");
user_pref("extensions.smartbar.smplGrp", "mm");
user_pref("extensions.smartbar.srchPrvdr", "Search the web (CT)");
user_pref("extensions.smartbar.tlbrId", "smartbar");
user_pref("extensions.smartbar.tlbrSrchUrl", "hxxp://search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q=");
user_pref("extensions.smartbar.vrsn", "1.8.8.12");
user_pref("extensions.smartbar.vrsnTs", "1.8.8.1223:45:03");
user_pref("extensions.smartbar.vrsni", "1.8.8.12");
user_pref("extensions.vidbar.search_searchbox_welcomeshown", true);
user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
user_pref("extentions.y2layers.installId", "7393ecf2-8aed-4d94-9f96-3c55f122eb9e");
Emptied folder: C:\Users\sangoko\AppData\Roaming\mozilla\firefox\profiles\qu52wjqv.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  25.07.2014 at 21:40:47,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[takos]

# AdwCleaner v3.216 - Report created 25/07/2014 at 21:49:03
# Updated 17/07/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : sangoko - TAKOS
# Running from : C:\Users\sangoko\Desktop\adwcleaner_3.216.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\GoPhoto.it V9.0
Folder Deleted : C:\Program Files\Plus-HD-V1.1
Folder Deleted : C:\Users\sangoko\AppData\Local\globalUpdate
Folder Deleted : C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\3mj5glef.default\ICQToolbarData
Folder Deleted : C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\ICQToolbarData
Folder Deleted : C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\2ea36bf1-0877-4aaa-882c-ff78f7d9d95c@dfb1672d-116a-4eb4-8be0-44786bd1d3dd.com
Folder Deleted : C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkbhbgeekdjepnnknnbmpnkidcifbfof
File Deleted : C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\3mj5glef.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\smartbar.xml
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
File Deleted : C:\Windows\System32\Tasks\YourFile Update
File Deleted : C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-1.job
File Deleted : C:\Windows\System32\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-1
File Deleted : C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-11.job
File Deleted : C:\Windows\System32\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-11
File Deleted : C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-3.job
File Deleted : C:\Windows\System32\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-3
File Deleted : C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-4.job
File Deleted : C:\Windows\System32\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-4
File Deleted : C:\Windows\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-5.job
File Deleted : C:\Windows\System32\Tasks\5e41a931-2299-4d21-906a-71c1eea6d628-5
File Deleted : C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-1.job
File Deleted : C:\Windows\System32\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-1
File Deleted : C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11.job
File Deleted : C:\Windows\System32\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-11
File Deleted : C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2.job
File Deleted : C:\Windows\System32\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-2
File Deleted : C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4.job
File Deleted : C:\Windows\System32\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-4
File Deleted : C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5.job
File Deleted : C:\Windows\System32\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5
File Deleted : C:\Windows\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5_user.job
File Deleted : C:\Windows\System32\Tasks\ff4d02a0-b803-4ecf-bf2a-1dc2a7aea601-5_user

***** [ Shortcuts ] *****


***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8E83B7E8-F2D4-49B2-AFCF-A048DE8DFFAD}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E83B7E8-F2D4-49B2-AFCF-A048DE8DFFAD}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{804CC14A-10CA-4FE8-ADB2-F4C014B009A1}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{804CC14A-10CA-4FE8-ADB2-F4C014B009A1}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2548C29-131A-4180-8650-1AC9D7B0F222}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2548C29-131A-4180-8650-1AC9D7B0F222}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{43CCA907-B9E5-490D-820A-BBC97A3DB570}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43CCA907-B9E5-490D-820A-BBC97A3DB570}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4B557192-12A4-441C-AE5C-D170A9FC6D1F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42D17A14-06E3-4347-9C88-23049EDC489A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B557192-12A4-441C-AE5C-D170A9FC6D1F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{42D17A14-06E3-4347-9C88-23049EDC489A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6DAD9A0E-0D72-4B06-AD3F-AA3F67C181D5}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DAD9A0E-0D72-4B06-AD3F-AA3F67C181D5}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D96F49E7-69C0-44A3-A698-C43208A62E53}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D96F49E7-69C0-44A3-A698-C43208A62E53}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F48CB284-1D1B-4201-82F8-D37C4A89C06A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F48CB284-1D1B-4201-82F8-D37C4A89C06A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2AF63CB6-6B1B-4A59-B5ED-C0096B04DC77}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{290032B0-D66D-4E9A-8603-9239B41D638F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AF63CB6-6B1B-4A59-B5ED-C0096B04DC77}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{290032B0-D66D-4E9A-8603-9239B41D638F}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A92ADBC0-6F51-4211-A59A-98B79DA0DD0B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A92ADBC0-6F51-4211-A59A-98B79DA0DD0B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B2E5C1DB-405A-4107-816F-6EBE47B6F958}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2E5C1DB-405A-4107-816F-6EBE47B6F958}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6ED978DC-1972-4CF4-AE7F-5C031E9C916C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6ED978DC-1972-4CF4-AE7F-5C031E9C916C}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9075D21C-E9E1-4517-9BB8-7CB4C1FEA20B}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9075D21C-E9E1-4517-9BB8-7CB4C1FEA20B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKLM\Software\GlobalUpdate
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.19543


-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\3mj5glef.default\prefs.js ]


[ File : C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\prefs.js ]

Line Deleted : user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.enabledItems", "helperbar@helperbar.com:1.0,{E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1,6,2,48,{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.23,illimitux@illimitux.net:4.0,{a6e4a4eb-d169[...]
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", true);
Line Deleted : user_pref("extensions.helperbar.countryiso", "tj");
Line Deleted : user_pref("extensions.helperbar.date", "b0810");
Line Deleted : user_pref("extensions.helperbar.downloadprovider", "pb2");
Line Deleted : user_pref("extensions.helperbar.installationid", "47980f68-ce47-44a0-9ff5-75a9b95c7f2f");
Line Deleted : user_pref("extensions.helperbar.installdate", "10/08/2013");
Line Deleted : user_pref("extensions.helperbar.ppctid", "mpls_lin");
Line Deleted : user_pref("extensions.helperbar.publisher", "messengerplus");
Line Deleted : user_pref("extensions.helperbar.uid", "586ee677");
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "%C4%8E%C3%A1bel||Zrychlen%C3%AD%20po%C4%8D%C3%ADta%C4%8De||Zrichlen%C3%AD%20po%C4%8D%C3%ADta%C4%8De||vypnut%C3%AD%20rezidentn%C3%AD%20%C5%A1t%C3%ADt%20Avast||rezidentn[...]
Line Deleted : user_pref("icqtoolbar.installTime", "1275852770");
Line Deleted : user_pref("icqtoolbar.itbsitescount", 0);
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "3.5.15");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "126535633712653557371265620153196");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1289584359);
Line Deleted : user_pref("icqtoolbar.version", "1.1.5");
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q={searchTerms}

*************************

AdwCleaner[R0].txt - [13847 octets] - [25/07/2014 21:45:22]
AdwCleaner[S0].txt - [13770 octets] - [25/07/2014 21:49:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13831 octets] ##########

[vyosek]

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[takos]

Zoek.exe v5.0.0.0 Updated 24-07-2014
Tool run by sangoko on p  25.07.2014 at 23:25:01,69.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\sangoko\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

25.7.2014 23:28:38 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{ABDE892B-13A8-4d1b-88E6-365A6E755758} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\sangoko\AppData\Roaming\CometNetwork\CometBird\Profiles\kcqpswsb.default\prefs.js:

Added to C:\Users\sangoko\AppData\Roaming\CometNetwork\CometBird\Profiles\kcqpswsb.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\3mj5glef.default\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.selectedEngine", "Yahoo");
user_pref("browser.search.selectedEngine", "Yahoo");
user_pref("keyword.URL", "http://search.yahoo.com/search?fr=green ... =937811&p=");
user_pref("keyword.URL", "http://search.yahoo.com/search?fr=green ... =937811&p=");
user_pref("keyword.URL", "http://search.yahoo.com/search?fr=green ... =937811&p=");

Added to C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\3mj5glef.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.cz/");
user_pref("browser.search.defaulturl", "");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Heuréka");
user_pref("browser.search.selectedEngine", "Heuréka");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\sangoko\AppData\Roaming\Thunderbird\Profiles\3439qlss.default\prefs.js:

Added to C:\Users\sangoko\AppData\Roaming\Thunderbird\Profiles\3439qlss.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\sangoko\AppData\Roaming\Thunderbird\Profiles\otivnisf.Takosthun\prefs.js:

Added to C:\Users\sangoko\AppData\Roaming\Thunderbird\Profiles\otivnisf.Takosthun\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\sangoko\AppData\Roaming\CometNetwork\CometBird\Profiles\kcqpswsb.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_25.07.2014_2347_.backup

ProfilePath: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\3mj5glef.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_25.07.2014_2347_.backup

ProfilePath: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default

user.js not found
---- Lines gophoto.it removed from prefs.js ----
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.name", "GoPhoto.it V9.0");
---- Lines a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068 removed from prefs.js ----
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.active", true);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.addressbar", "NA");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.addressbarenhanced", "");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.asyncdb.was_copied", "true");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.asyncdb_dbWasSet", true);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.asyncinternaldb.was_copied", "true");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.backgroundver", 108);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.certdomaininstaller", "");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.au.expiration", "Fri Feb 01 2030 00:00:00
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.au.value", "%222014-7-25%22");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.cm_page_views.expiration", "Sat Jul 26 20
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.cm_page_views.value", "17");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.cnt.expiration", "Fri Feb 01 2030 00:00:0
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.cnt.value", "%22CZ%22");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.first_run.expiration", "Fri Feb 01 2030 0
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.first_run.value", "%221%22");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.install.expiration", "Fri Feb 01 2030 00:
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.install.value", "%222014-7-4%22");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.InstallationTime.value", "%221404504841%2
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.InstallerParams.expiration", "Fri Feb 01
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.mt_dte.expiration", "Fri Feb 01 2030 00:0
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.mt_dte.value", "25");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.mtLimit.expiration", "Fri Feb 01 2030 00:
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.mtLimit.value", "5");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.partner_last_seen.expiration", "Fri Feb 0
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.partner_last_seen.value", "1406316709975"
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.pstm.expiration", "Fri Feb 01 2030 00:00:
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.pstm.value", "1406282377718");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.testingGaq.expiration", "Fri Feb 01 2030
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.cookie.testingGaq.value", "%22https%3A//extclick
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.description", "Images Zoom Extension");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.domain", "");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.enablesearch", false);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.homepage", "");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.changeprevious", false);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.iframe", false);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.InstallationThankYouPage", true);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.InstallationTime", 1404504841);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.__defualt_browser__.expiration", "Fri
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.__defualt_browser__.value", "%22ff%22
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb._installer_additional_info.expiration
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb._installer_additional_info.value", "%
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin__disable_bi_pixel
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin__disable_bi_pixel
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin_bundledUrls.expir
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin_bundledWithHash.e
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin_bundledWithHash.v
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin_notBundledArr_.ex
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin_notBundledArr_.va
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin_regBundledWithSof
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.monetization_plugin_regBundledWithSof
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_appVer.value", "265");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_lastVersion.value", "38");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_nextCheck.expiration", "Sat
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_remote_resources.expiration
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_remote_resources.value", "%
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593152.expiration"
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593154.expiration"
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593154.value", "%2
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593156.expiration"
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593156.value", "%2
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593157.expiration"
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593158.expiration"
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593159.expiration"
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593160.expiration"
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593160.value", "%2
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.internaldb.Resources_resource_593161.expiration"
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.lastDailyReport", "1406316691947");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.lastUpdate", "1406316692759");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.manifesturl", "");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.newtab", "");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.opensearch", "");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.pluginsurl", "http://js.infodatacloud.com/plugin
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.pluginsversion", 193);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.publisher", "Joseph CM");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.searchstatus", 0);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.setnewtab", false);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.thankyou", "");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.updateinterval", 360);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.34068.ver", 265);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.apps", "34068");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.bic", "1470303c66fcdc9ea78315ef3dee859f");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.cid", 34068);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.firstrun", false);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.hadappinstalled", true);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.installationdate", 1404504885);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.installerAdditionalInfo", "{\"asw\":[2, 4, 0]}");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.modetype", "production");
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.reportInstall", true);
user_pref("extensions.a2ea36bf108774aaa882cff78f7d9d95cdfb1672d116a4eb48be044786bd1d3ddcom34068.statsDailyCounter", 36);
---- FireFox user.js and prefs.js backups ----

prefs_25.07.2014_2347_.backup

ProfilePath: C:\Users\sangoko\AppData\Roaming\Thunderbird\Profiles\3439qlss.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_25.07.2014_2347_.backup

ProfilePath: C:\Users\sangoko\AppData\Roaming\Thunderbird\Profiles\otivnisf.Takosthun

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_25.07.2014_2347_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\{755AC846-7372-4AC8-8550-C52491DAA8BD} deleted
C:\Users\sangoko\.android deleted
C:\found.000 deleted
C:\PROGRA~2\defraggler_list.txt deleted
C:\PROGRA~2\UpdaterLog.txt deleted
C:\PROGRA~2\ezsid.dat deleted
C:\Users\sangoko\Searches deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\3mj5glef.default\searchplugins\icq-search.xml deleted
C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\skipity-search.xml deleted
C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\jetpack deleted
C:\Users\sangoko\AppData\Roaming\CometNetwork\CometBird\Profiles\kcqpswsb.default\extensions\2ea36bf1-0877-4aaa-882c-ff78f7d9d95c@dfb1672d-116a-4eb4-8be0-44786bd1d3dd.com deleted
"C:\Windows\Installer\633c2.msi" deleted
"C:\Windows\Installer\640258.msi" deleted
"C:\Program Files\Microsoft Research\Image Composite Editor\ShellExtension.dll" deleted
"C:\Users\sangoko\AppData\Roaming\DivX" deleted
"C:\Program Files\Microsoft Research" not deleted
"C:\Program Files\Microsoft Research\Image Composite Editor" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [11.07.2009 13:38]

==== Firefox Extensions ======================

ProfilePath: C:\Users\sangoko\AppData\Roaming\CometNetwork\CometBird\Profiles\kcqpswsb.default
- Undetermined - C:\Program Files\CometBird\extensions\bookmarks@cometmarks.com
- Undetermined - C:\Program Files\CometBird\extensions\ctrl-tab@design-noir.de
- Undetermined - C:\Program Files\CometBird\extensions\{567F62D2-2162-43fe-A573-E5620D0934B2}
- Undetermined - C:\Program Files\CometBird\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
- Undetermined - C:\Program Files\CometBird\extensions\{F5CEF9AD-F6AF-4b69-AB6D-936BF6BCB6D7}

ProfilePath: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\3mj5glef.default
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

ProfilePath: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default
- Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
- Download Youtube Videos - %ProfilePath%\extensions\video.downloader.plugin@ffpimp.com
- BlackFox V2-Blue - %ProfilePath%\extensions\zigboom.designs@gmail.com
- FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- FoxLingo - %ProfilePath%\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}(49)
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- Walnut pour Firefox em:descriptionWalnut pour Firefox bas sur des icnes de art.gnome.org. Inclut le support de DOM inspector downloadstatusbar QuickNote Offline Googlebar tabsidebar Stylish adblockplus DataManager Flagfox Forecast Weather Hide Caption ViewAbout TabMixPlus AllInOneSidebar StumbleUpon et Favicon Restorer. - %ProfilePath%\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi
- DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi

ProfilePath: C:\Users\sangoko\AppData\Roaming\Thunderbird\Profiles\3439qlss.default
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla(60).org
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- PitchDark - %ProfilePath%\extensions\{42b649d0-62e0-11da-8cd6-0800200c9a66}(54)
- TT DeepDark - %ProfilePath%\extensions\{9ed238c0-af95-11e0-9f1c-0800200c9a66}
- Provider for Google Calendar - %ProfilePath%\extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc}
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}(61)
- Contact Tabs - %ProfilePath%\extensions\contacttabs@janek.org.xpi
- Identity Chooser - %ProfilePath%\extensions\identitychooser@janek.org.xpi
- Noia Fox : Options - %ProfilePath%\extensions\NoiaFoxoption@davidvincent.tld.xpi
- Firesizer - %ProfilePath%\extensions\{04426594-bce6-4705-b811-bcdba2fd9c7b}.xpi
- Signature Switch - %ProfilePath%\extensions\{2ab1b709-ba03-4361-abf9-c50b964ff75d}.xpi
- Zindus - %ProfilePath%\extensions\{ad7d8a66-253b-11dc-977c-000c29a3126e}.xpi
- Folderpane Tools - %ProfilePath%\extensions\{b243fe83-b8a7-47de-855d-21d865243d5d}.xpi
- Duplicate Contact Manager - %ProfilePath%\extensions\{b4447f60-db9c-11da-a94d-0800200c9a66}.xpi
- Walnut for Thunderbird - %ProfilePath%\extensions\{F3A60010-0E28-4503-B4AA-0E5F90275F77}.xpi

ProfilePath: C:\Users\sangoko\AppData\Roaming\Thunderbird\Profiles\otivnisf.Takosthun
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\3mj5glef.default
7E2D27E69DB43372D3E4A5AAB460839E - C:\Program Files\Java\jre1.6.0\bin\npoji610.dll - Java(TM) Platform SE 6
A0F84B2A1901E47A625FE6E68EF4053E - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll - Java(TM) Platform SE 6
BDCBF4B24FD75FA60EC3D63A44931A4C - C:\Program Files\Java\jre1.6.0\bin\npjava32.dll - Java(TM) Platform SE 6
12A3739BF8F009CBAAB8385B1C305984 - C:\Program Files\Java\jre1.6.0\bin\npjava14.dll - Java(TM) Platform SE 6
A0BD34FD615376F2771E19222F75292A - C:\Program Files\Java\jre1.6.0\bin\npjava13.dll - Java(TM) Platform SE 6
67D3C2127297D14C759E9F6D93D83424 - C:\Program Files\Java\jre1.6.0\bin\npjava12.dll - Java(TM) Platform SE 6
32F88908E51798B6EBFD7BC2CFAAEEBC - C:\Program Files\Java\jre1.6.0\bin\npjava11.dll - Java(TM) Platform SE 6
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
9BF72FD24E4656C41394714A880F8FD4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin
1A3AB578D9F4F130885B0CC0CE66D162 - C:\Program Files\Mozilla Firefox\plugins\np_gp.dll - getPlusPlus for Adobe 16248
E93467C5327C2760FCAB2B4670847496 - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll - DivX Player Netscape Plugin
EB41064BC07017F5694CF16B4DEF6B10 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat
7A47ED13C26BC229D692738816214A1E - C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll - BitCometAgent

Profilepath: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default
738C29EAC995029E13333034C1402F56 - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll - Shockwave Flash
FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
C10124951491578DDFDF44B33CA41C6F - C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
CE936F5D5A19A82627DBC3381658CD2F - C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.1.0.30716.0.dll - Silverlight Plug-In
893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
025BBEF5A248B09BDC6684747F6EB5BC - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U55
290A0130C74ADCD4546BC6900D1665D9 - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.550.14
5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
AC987EE8037531807C5D7E6217A23501 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
EB41064BC07017F5694CF16B4DEF6B10 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
CBFE3156904AB2D1A097F5E74A6C62F3 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
9BF72FD24E4656C41394714A880F8FD4 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
C88AD17DB0140CFD4DD3B44BACAAE9E5 - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll - Nokia Suite Enabler Plugin
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[29.04.2014 10:20]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\ECE53735164E0DF47B24323A2534D6A3 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{53735ECE-E461-4FD0-B742-23A352436D3A} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-V1.1 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ECE53735164E0DF47B24323A2534D6A3 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fences deleted successfully

==== Empty IE Cache ======================

C:\Users\sangoko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\sangoko\AppData\Local\temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\sangoko\AppData\Local\VirtualStore\Windows\temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\sangoko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\sangoko\AppData\Local\Mozilla\Firefox\Profiles\qu52wjqv.default\Cache emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Mozilla\Firefox\Profiles\kk7m7t3t.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=148 folders=34 5876765 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\sangoko\AppData\Local\temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\sangoko\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\sangoko\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Program Files\Microsoft Research" not found

==== EOF on so 26.07.2014 at 0:38:01,89 ======================

[vyosek]

Poprosim o novy log z FRST

[takos]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:24-07-2014 01
Ran by sangoko (administrator) on TAKOS on 27-07-2014 00:18:20
Running from C:\Users\sangoko\Desktop
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
( ) C:\Windows\System32\lxducoms.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [Google Update] => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-24] (Google Inc.)
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bandwidth Meter.lnk
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe – zástupce.lnk
ShortcutTarget: thunderbird.exe – zástupce.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lingea.com/x-lingea-translate - C:\Program Files\Common Files\Lingea Shared\LG_Mozilla.dll (Lingea s.r.o.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\sangoko\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\sangoko\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\sangoko\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\heurkacz.xml
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Download Youtube Videos + - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\video.downloader.plugin@ffpimp.com [2012-03-22]
FF Extension: BlackFox V2-Blue - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\zigboom.designs@gmail.com [2014-07-01]
FF Extension: FT DeepDark - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-06-19]
FF Extension: DownloadHelper - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: FoxLingo - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}(49) [2012-09-02]
FF Extension: Google Translator for Firefox - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\translator@zoli.bod.xpi [2012-10-23]
FF Extension: Walnut for Firefox - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2011-07-13]
FF Extension: DownThemAll! - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-06-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-23]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-29] (AVAST Software)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxduserv.exe [98984 2008-05-24] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [594600 2008-05-24] ( )
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
R2 TNaviSrv; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [77824 2007-06-28] (TOSHIBA Corporation) [File not signed]
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
S3 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-04-29] ()
R0 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-29] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-05-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-16] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-04-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-04-29] ()
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [44224 2006-09-06] (BVRP Software) [File not signed]
R0 CplIR; C:\Windows\System32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 FreshIO; C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] () [File not signed]
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [41912 2010-07-22] (FSPro Labs)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [98816 2013-04-24] (Gemalto)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 npf; C:\Windows\System32\drivers\npf.sys [34064 2008-06-01] (CACE Technologies)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-05-01] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-05-01] (Logitech Inc.)
S3 sonypvs1; C:\Windows\System32\DRIVERS\sonypvs1.sys [102220 2002-10-15] (Sony Corporation) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-06-16] (Duplex Secure Ltd.)
S3 tosporte; C:\Windows\System32\DRIVERS\tosporte.sys [41600 2006-10-10] (TOSHIBA Corporation) [File not signed]
S3 tosrfbd; C:\Windows\System32\DRIVERS\tosrfbd.sys [113920 2007-02-22] (TOSHIBA CORPORATION) [File not signed]
S3 tosrfbnp; C:\Windows\System32\Drivers\tosrfbnp.sys [36480 2006-11-20] (TOSHIBA Corporation) [File not signed]
S1 Tosrfcom; C:\Windows\System32\Drivers\tosrfcom.sys [64896 2005-08-01] (TOSHIBA Corporation) [File not signed]
S3 Tosrfhid; C:\Windows\System32\DRIVERS\Tosrfhid.sys [73728 2007-03-01] (TOSHIBA Corporation.) [File not signed]
S3 tosrfnds; C:\Windows\System32\DRIVERS\tosrfnds.sys [18612 2005-01-06] (TOSHIBA Corporation.) [File not signed]
S3 TosRfSnd; C:\Windows\System32\drivers\tosrfsnd.sys [53376 2007-01-22] (TOSHIBA Corporation) [File not signed]
S3 Tosrfusb; C:\Windows\System32\DRIVERS\tosrfusb.sys [41344 2007-02-28] (TOSHIBA CORPORATION) [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [21344 2005-05-26] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [38144 2005-05-26] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [39036 2005-06-24] (LG Electronics Inc.)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-16] (Chicony Electronics Co., Ltd.)
R2 v2imount; C:\Windows\System32\DRIVERS\v2imount.sys [38112 2008-01-19] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files\BatteryCare\WinRing0.sys [14416 2008-07-26] (OpenLibSys.org)
S3 ApfiltrService; system32\DRIVERS\Apfiltr.sys [X]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S2 cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x32.sys [X]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-18] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 ivusb; system32\DRIVERS\ivusb.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
S3 TpChoice; system32\DRIVERS\TpChoice.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-26 21:22 - 2014-07-26 21:28 - 146058808 _____ (ThinkBuzan) C:\Users\sangoko\Desktop\imindmap7_windows_7.1.1.exe
2014-07-26 19:42 - 2014-07-26 19:43 - 00001606 _____ () C:\Windows\setupact.log
2014-07-26 19:42 - 2014-07-26 19:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-26 19:01 - 2014-07-26 19:01 - 00009828 _____ () C:\Users\sangoko\Desktop\Firemní auta.odt
2014-07-26 17:41 - 2014-07-26 17:41 - 00013932 _____ () C:\Users\sangoko\Desktop\Projektant dopis.odt
2014-07-26 16:08 - 2014-07-26 16:08 - 00161214 _____ () C:\Users\sangoko\Desktop\Pavel Kopřiva .mup
2014-07-26 12:35 - 2014-07-26 20:59 - 00000000 ____D () C:\Users\sangoko\Desktop\Království nebeské
2014-07-25 23:51 - 2014-07-25 23:24 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-25 23:28 - 2014-07-26 00:38 - 00039606 _____ () C:\zoek-results.log
2014-07-25 23:24 - 2014-07-25 23:47 - 00000000 ____D () C:\zoek_backup
2014-07-25 23:24 - 2014-07-25 23:24 - 01287168 _____ () C:\Users\sangoko\Desktop\zoek.exe
2014-07-25 21:51 - 2014-07-26 00:31 - 00001020 _____ () C:\Windows\PFRO.log
2014-07-25 21:45 - 2014-07-25 21:49 - 00000000 ____D () C:\AdwCleaner
2014-07-25 21:44 - 2014-07-25 21:44 - 01354223 _____ () C:\Users\sangoko\Desktop\adwcleaner_3.216.exe
2014-07-25 21:40 - 2014-07-25 21:40 - 00014009 _____ () C:\Users\sangoko\Desktop\JRT.txt
2014-07-25 21:33 - 2014-07-25 21:34 - 00000000 ____D () C:\Windows\ERUNT
2014-07-25 21:33 - 2014-07-25 21:33 - 01016261 _____ (Thisisu) C:\Users\sangoko\Desktop\JRT.exe
2014-07-25 16:04 - 2014-07-25 16:05 - 00178984 _____ () C:\Users\sangoko\Desktop\Addition.txt
2014-07-25 16:03 - 2014-07-27 00:19 - 00020025 _____ () C:\Users\sangoko\Desktop\FRST.txt
2014-07-25 16:02 - 2014-07-27 00:18 - 00000000 ____D () C:\FRST
2014-07-25 16:01 - 2014-07-25 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
2014-07-25 16:01 - 2014-07-25 16:01 - 00015327 _____ () C:\Users\sangoko\Desktop\LM.bat
2014-07-25 15:59 - 2014-07-25 15:59 - 01084416 _____ (Farbar) C:\Users\sangoko\Desktop\FRST.exe
2014-07-25 15:55 - 2014-07-25 15:57 - 00000000 ____D () C:\Program Files\trend micro
2014-07-25 15:55 - 2014-07-25 15:55 - 00000000 ____D () C:\rsit
2014-07-25 11:18 - 2014-07-25 11:18 - 00071416 _____ () C:\Users\sangoko\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-25 11:16 - 2014-07-25 11:17 - 03640432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-22 23:54 - 2014-07-22 23:54 - 00000821 _____ () C:\Users\Public\Desktop\Quadrax V.lnk
2014-07-16 16:47 - 2014-07-04 15:33 - 00113019 _____ () C:\Users\Public\Documents\velké kurzy 2014.odt
2014-07-16 11:58 - 2014-07-16 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12
2014-07-16 11:55 - 2014-07-16 13:44 - 00000000 ____D () C:\Program Files\ABBYY FineReader 12
2014-07-15 22:17 - 2014-07-15 22:17 - 00000000 ___RD () C:\Users\sangoko\AppData\Roaming\Brother
2014-07-15 22:05 - 2014-07-15 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Browny02
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Brother
2014-07-15 21:59 - 2010-08-02 20:57 - 00217088 ____N (brother) C:\Windows\system32\NSSearch.dll
2014-07-15 21:59 - 2010-05-10 10:45 - 00103736 _____ (Brother Industries Ltd) C:\Windows\system32\BRRBTOOL.EXE
2014-07-15 21:59 - 2010-04-02 07:33 - 00025299 _____ (Brother Industries, Ltd) C:\Windows\system32\BRLM03A.DLL
2014-07-15 21:59 - 2010-03-15 19:56 - 00002560 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2S.dll
2014-07-15 21:59 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2.dll
2014-07-15 21:59 - 2010-02-05 11:42 - 00180224 ____N (Brother Industries, Ltd.) C:\Windows\system32\BroSNMP.dll
2014-07-15 21:59 - 2007-12-13 22:16 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2L.dll
2014-07-15 21:59 - 2005-01-17 09:10 - 00045056 _____ () C:\Windows\system32\BRTCPCON.DLL
2014-07-15 21:59 - 2004-08-09 09:00 - 00000114 _____ () C:\Windows\system32\BRLMW03A.INI
2014-07-15 21:59 - 2004-08-09 08:42 - 00077824 _____ (Brother Industries, Ltd.) C:\Windows\system32\BRLMW03A.DLL
2014-07-15 21:59 - 1999-10-26 18:00 - 00000050 _____ () C:\Windows\system32\BRADM10A.DAT
2014-07-15 21:58 - 2014-07-15 22:04 - 00000000 ____D () C:\ProgramData\Brother
2014-07-15 18:30 - 2014-07-15 18:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\ABBYY
2014-07-14 23:17 - 2014-07-14 23:17 - 00001000 _____ () C:\Users\sangoko\Documents\MailShield.der
2014-07-13 12:57 - 2014-07-13 12:57 - 00005844 _____ () C:\Users\sangoko\.recently-used.xbel
2014-07-11 11:34 - 2014-07-16 22:18 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\gtk-2.0
2014-07-11 11:34 - 2014-07-11 15:41 - 00000000 ____D () C:\Users\sangoko\.thumbnails
2014-07-10 08:30 - 2014-07-10 20:41 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Audacity
2014-07-10 08:30 - 2014-07-10 08:30 - 00000821 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-10 08:30 - 2014-07-10 08:30 - 00000000 ____D () C:\Program Files\Audacity
2014-07-09 15:41 - 2014-06-07 02:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 15:41 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 15:41 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 15:40 - 2014-05-28 09:08 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 15:40 - 2014-05-28 09:08 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 15:40 - 2014-05-28 09:08 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-09 15:40 - 2014-05-28 09:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-07-09 15:40 - 2014-05-28 09:04 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 06023168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-09 15:40 - 2014-05-28 09:03 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 11082752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 15:40 - 2014-05-28 09:02 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 15:40 - 2014-05-28 09:02 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 15:40 - 2014-05-28 09:00 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-07-09 15:40 - 2014-05-28 07:26 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-07-09 15:40 - 2014-05-28 05:44 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 15:40 - 2014-05-28 05:44 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 15:40 - 2014-05-28 05:42 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 15:40 - 2014-05-28 05:42 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-09 15:38 - 2014-07-09 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-06 20:22 - 2014-07-06 22:54 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 19:36 - 2014-07-16 22:18 - 00000000 ____D () C:\Users\sangoko\.gimp-2.6
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\Users\sangoko\Documents\gegl-0.0
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
2014-07-06 19:35 - 2014-07-06 19:35 - 00000000 ____D () C:\Program Files\GIMP-2.0
2014-07-06 19:31 - 2014-07-25 16:43 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 00:19 - 2014-07-25 16:03 - 00020025 _____ () C:\Users\sangoko\Desktop\FRST.txt
2014-07-27 00:18 - 2014-07-25 16:02 - 00000000 ____D () C:\FRST
2014-07-26 23:58 - 2014-06-17 11:53 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-26 23:53 - 2014-06-22 06:48 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job
2014-07-26 23:39 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-26 23:39 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-26 21:28 - 2014-07-26 21:22 - 146058808 _____ (ThinkBuzan) C:\Users\sangoko\Desktop\imindmap7_windows_7.1.1.exe
2014-07-26 20:59 - 2014-07-26 12:35 - 00000000 ____D () C:\Users\sangoko\Desktop\Království nebeské
2014-07-26 20:59 - 2013-05-24 14:11 - 00000000 ___RD () C:\Users\sangoko\Desktop\SRO
2014-07-26 20:47 - 2012-06-17 00:46 - 01544366 _____ () C:\Windows\WindowsUpdate.log
2014-07-26 19:43 - 2014-07-26 19:42 - 00001606 _____ () C:\Windows\setupact.log
2014-07-26 19:42 - 2014-07-26 19:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-26 19:40 - 2014-06-17 11:53 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-26 19:40 - 2011-01-12 23:23 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-26 19:40 - 2009-12-07 16:32 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-26 19:40 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-26 19:38 - 2011-01-17 21:34 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-07-26 19:38 - 2006-11-02 15:01 - 00032604 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-26 19:01 - 2014-07-26 19:01 - 00009828 _____ () C:\Users\sangoko\Desktop\Firemní auta.odt
2014-07-26 17:41 - 2014-07-26 17:41 - 00013932 _____ () C:\Users\sangoko\Desktop\Projektant dopis.odt
2014-07-26 16:08 - 2014-07-26 16:08 - 00161214 _____ () C:\Users\sangoko\Desktop\Pavel Kopřiva .mup
2014-07-26 14:50 - 2014-05-30 16:57 - 00000440 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job
2014-07-26 09:41 - 2013-10-03 16:43 - 00024286 _____ () C:\Users\sangoko\Desktop\Mag. Ventil obchod.ods
2014-07-26 09:33 - 2013-10-03 16:42 - 00026084 _____ () C:\Users\sangoko\Desktop\Atomizer obchod.ods
2014-07-26 00:38 - 2014-07-25 23:28 - 00039606 _____ () C:\zoek-results.log
2014-07-26 00:31 - 2014-07-25 21:51 - 00001020 _____ () C:\Windows\PFRO.log
2014-07-25 23:47 - 2014-07-25 23:24 - 00000000 ____D () C:\zoek_backup
2014-07-25 23:47 - 2008-01-17 15:01 - 00000000 ____D () C:\Users\sangoko
2014-07-25 23:24 - 2014-07-25 23:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-25 23:24 - 2014-07-25 23:24 - 01287168 _____ () C:\Users\sangoko\Desktop\zoek.exe
2014-07-25 21:49 - 2014-07-25 21:45 - 00000000 ____D () C:\AdwCleaner
2014-07-25 21:44 - 2014-07-25 21:44 - 01354223 _____ () C:\Users\sangoko\Desktop\adwcleaner_3.216.exe
2014-07-25 21:40 - 2014-07-25 21:40 - 00014009 _____ () C:\Users\sangoko\Desktop\JRT.txt
2014-07-25 21:34 - 2014-07-25 21:33 - 00000000 ____D () C:\Windows\ERUNT
2014-07-25 21:33 - 2014-07-25 21:33 - 01016261 _____ (Thisisu) C:\Users\sangoko\Desktop\JRT.exe
2014-07-25 20:34 - 2008-02-22 08:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 16:43 - 2014-07-06 19:31 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-07-25 16:05 - 2014-07-25 16:04 - 00178984 _____ () C:\Users\sangoko\Desktop\Addition.txt
2014-07-25 16:01 - 2014-07-25 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
2014-07-25 16:01 - 2014-07-25 16:01 - 00015327 _____ () C:\Users\sangoko\Desktop\LM.bat
2014-07-25 15:59 - 2014-07-25 15:59 - 01084416 _____ (Farbar) C:\Users\sangoko\Desktop\FRST.exe
2014-07-25 15:57 - 2014-07-25 15:55 - 00000000 ____D () C:\Program Files\trend micro
2014-07-25 15:55 - 2014-07-25 15:55 - 00000000 ____D () C:\rsit
2014-07-25 11:26 - 2010-06-04 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 11:18 - 2014-07-25 11:18 - 00071416 _____ () C:\Users\sangoko\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-25 11:17 - 2014-07-25 11:16 - 03640432 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-25 01:06 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-07-25 01:03 - 2012-07-27 13:01 - 00000000 ____D () C:\Users\sangoko\AppData\Local\CrashDumps
2014-07-23 20:53 - 2013-11-17 15:27 - 00000000 ____D () C:\temp
2014-07-22 23:54 - 2014-07-22 23:54 - 00000821 _____ () C:\Users\Public\Desktop\Quadrax V.lnk
2014-07-22 23:54 - 2013-07-19 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quadrax V
2014-07-22 23:54 - 2013-07-19 23:10 - 00000000 ____D () C:\Program Files\Quadrax V
2014-07-20 00:16 - 2014-01-22 20:59 - 00000000 ____D () C:\Users\sangoko\Desktop\Stahování
2014-07-19 23:45 - 2012-08-07 16:37 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Posta
2014-07-17 17:46 - 2014-06-10 12:49 - 00000000 ____D () C:\Users\sangoko\Desktop\kalendáře
2014-07-16 23:08 - 2012-09-30 17:44 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\vlc
2014-07-16 22:18 - 2014-07-11 11:34 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\gtk-2.0
2014-07-16 22:18 - 2014-07-06 19:36 - 00000000 ____D () C:\Users\sangoko\.gimp-2.6
2014-07-16 22:15 - 2008-01-17 15:39 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Adobe
2014-07-16 13:44 - 2014-07-16 11:55 - 00000000 ____D () C:\Program Files\ABBYY FineReader 12
2014-07-16 11:58 - 2014-07-16 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 12
2014-07-16 11:55 - 2009-08-30 23:01 - 00000000 ____D () C:\Users\sangoko\AppData\Local\ABBYY
2014-07-16 11:54 - 2010-01-10 22:26 - 00000000 ____D () C:\ProgramData\ABBYY
2014-07-15 22:17 - 2014-07-15 22:17 - 00000000 ___RD () C:\Users\sangoko\AppData\Roaming\Brother
2014-07-15 22:05 - 2014-07-15 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-15 22:04 - 2014-07-15 21:58 - 00000000 ____D () C:\ProgramData\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Browny02
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Program Files\Brother
2014-07-15 21:59 - 2014-07-15 21:59 - 00000000 ____D () C:\Brother
2014-07-15 21:59 - 2007-04-27 09:39 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-15 18:30 - 2014-07-15 18:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\ABBYY
2014-07-14 23:17 - 2014-07-14 23:17 - 00001000 _____ () C:\Users\sangoko\Documents\MailShield.der
2014-07-13 12:57 - 2014-07-13 12:57 - 00005844 _____ () C:\Users\sangoko\.recently-used.xbel
2014-07-11 15:53 - 2012-11-07 20:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\IcoFX2X
2014-07-11 15:41 - 2014-07-11 11:34 - 00000000 ____D () C:\Users\sangoko\.thumbnails
2014-07-11 10:55 - 2008-02-22 09:33 - 00000000 ___RD () C:\Users\sangoko\Obrásky
2014-07-11 06:53 - 2014-06-22 06:48 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job
2014-07-10 20:41 - 2014-07-10 08:30 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Audacity
2014-07-10 13:07 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 09:46 - 2006-11-02 12:33 - 01558484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-10 08:30 - 2014-07-10 08:30 - 00000821 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-07-10 08:30 - 2014-07-10 08:30 - 00000000 ____D () C:\Program Files\Audacity
2014-07-10 08:23 - 2013-07-11 18:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 08:08 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-07-09 15:38 - 2014-07-09 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-09 15:38 - 2008-02-16 21:02 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Google
2014-07-09 15:37 - 2008-02-16 21:02 - 00000000 ____D () C:\Program Files\Google
2014-07-09 13:00 - 2014-02-25 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-07 00:02 - 2011-03-24 02:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-07-06 23:05 - 2011-03-24 02:13 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack
2014-07-06 22:54 - 2014-07-06 20:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 20:22 - 2012-06-20 22:49 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-06 20:22 - 2012-06-20 22:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\Users\sangoko\Documents\gegl-0.0
2014-07-06 19:36 - 2014-07-06 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP
2014-07-06 19:35 - 2014-07-06 19:35 - 00000000 ____D () C:\Program Files\GIMP-2.0
2014-07-04 15:33 - 2014-07-16 16:47 - 00113019 _____ () C:\Users\Public\Documents\velké kurzy 2014.odt
2014-07-01 13:02 - 2014-05-07 11:52 - 00034519 _____ () C:\Users\Public\Documents\2 čtvrdletí.ods
2014-06-27 19:26 - 2014-06-06 14:05 - 00000000 ____D () C:\Users\sangoko\Desktop\účetní faktury

Some content of TEMP:
====================
C:\Users\sangoko\AppData\Local\Temp\IHU253B.tmp.exe
C:\Users\sangoko\AppData\Local\Temp\IHU3B4A.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-26 19:47

==================== End Of Log ============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [Google Update] => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-24] (Google Inc.)
  
  SearchScopes: HKLM - DefaultScope value is missing.
  
  2014-07-25 23:51 - 2014-07-25 23:24 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-07-25 23:28 - 2014-07-26 00:38 - 00039606 _____ () C:\zoek-results.log
  2014-07-25 23:24 - 2014-07-25 23:47 - 00000000 ____D () C:\zoek_backup
  2014-07-25 23:24 - 2014-07-25 23:24 - 01287168 _____ () C:\Users\sangoko\Desktop\zoek.exe
  2014-07-25 21:51 - 2014-07-26 00:31 - 00001020 _____ () C:\Windows\PFRO.log
  2014-07-25 21:45 - 2014-07-25 21:49 - 00000000 ____D () C:\AdwCleaner
  2014-07-25 21:44 - 2014-07-25 21:44 - 01354223 _____ () C:\Users\sangoko\Desktop\adwcleaner_3.216.exe
  2014-07-25 21:40 - 2014-07-25 21:40 - 00014009 _____ () C:\Users\sangoko\Desktop\JRT.txt
  2014-07-25 21:33 - 2014-07-25 21:34 - 00000000 ____D () C:\Windows\ERUNT
  2014-07-25 21:33 - 2014-07-25 21:33 - 01016261 _____ (Thisisu) C:\Users\sangoko\Desktop\JRT.exe
  2014-07-25 16:04 - 2014-07-25 16:05 - 00178984 _____ () C:\Users\sangoko\Desktop\Addition.txt
  2014-07-25 16:03 - 2014-07-27 00:19 - 00020025 _____ () C:\Users\sangoko\Desktop\FRST.txt
  2014-07-25 16:01 - 2014-07-25 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
  2014-07-25 16:01 - 2014-07-25 16:01 - 00015327 _____ () C:\Users\sangoko\Desktop\LM.bat
  2014-07-25 15:55 - 2014-07-25 15:55 - 00000000 ____D () C:\rsit
  C:\Users\sangoko\AppData\Local\Temp\IHU253B.tmp.exe
  C:\Users\sangoko\AppData\Local\Temp\IHU3B4A.tmp.exe
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job => C:\Windows\system32\msfeedssync.exe
  
  AlternateDataStreams: C:\ProgramData\TEMP:373E1720
  
  Hosts:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[takos]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:24-07-2014 01
Ran by sangoko at 2014-07-28 12:14:14 Run:1
Running from C:\Users\sangoko\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [Google Update] => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-24] (Google Inc.)

SearchScopes: HKLM - DefaultScope value is missing.

2014-07-25 23:51 - 2014-07-25 23:24 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-07-25 23:28 - 2014-07-26 00:38 - 00039606 _____ () C:\zoek-results.log
2014-07-25 23:24 - 2014-07-25 23:47 - 00000000 ____D () C:\zoek_backup
2014-07-25 23:24 - 2014-07-25 23:24 - 01287168 _____ () C:\Users\sangoko\Desktop\zoek.exe
2014-07-25 21:51 - 2014-07-26 00:31 - 00001020 _____ () C:\Windows\PFRO.log
2014-07-25 21:45 - 2014-07-25 21:49 - 00000000 ____D () C:\AdwCleaner
2014-07-25 21:44 - 2014-07-25 21:44 - 01354223 _____ () C:\Users\sangoko\Desktop\adwcleaner_3.216.exe
2014-07-25 21:40 - 2014-07-25 21:40 - 00014009 _____ () C:\Users\sangoko\Desktop\JRT.txt
2014-07-25 21:33 - 2014-07-25 21:34 - 00000000 ____D () C:\Windows\ERUNT
2014-07-25 21:33 - 2014-07-25 21:33 - 01016261 _____ (Thisisu) C:\Users\sangoko\Desktop\JRT.exe
2014-07-25 16:04 - 2014-07-25 16:05 - 00178984 _____ () C:\Users\sangoko\Desktop\Addition.txt
2014-07-25 16:03 - 2014-07-27 00:19 - 00020025 _____ () C:\Users\sangoko\Desktop\FRST.txt
2014-07-25 16:01 - 2014-07-25 16:01 - 00112640 _____ (forum.viry.cz) C:\Users\sangoko\Desktop\FRSTLauncher.exe
2014-07-25 16:01 - 2014-07-25 16:01 - 00015327 _____ () C:\Users\sangoko\Desktop\LM.bat
2014-07-25 15:55 - 2014-07-25 15:55 - 00000000 ____D () C:\rsit
C:\Users\sangoko\AppData\Local\Temp\IHU253B.tmp.exe
C:\Users\sangoko\AppData\Local\Temp\IHU3B4A.tmp.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job => C:\Windows\system32\msfeedssync.exe

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

Hosts:
Reboot:
End
*****************

HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\sangoko\Desktop\zoek.exe => Moved successfully.
C:\Windows\PFRO.log => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\sangoko\Desktop\adwcleaner_3.216.exe => Moved successfully.
C:\Users\sangoko\Desktop\JRT.txt => Moved successfully.
C:\Windows\ERUNT => Moved successfully.
C:\Users\sangoko\Desktop\JRT.exe => Moved successfully.
C:\Users\sangoko\Desktop\Addition.txt => Moved successfully.
C:\Users\sangoko\Desktop\FRST.txt => Moved successfully.
C:\Users\sangoko\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\sangoko\Desktop\LM.bat => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\sangoko\AppData\Local\Temp\IHU253B.tmp.exe => Moved successfully.
C:\Users\sangoko\AppData\Local\Temp\IHU3B4A.tmp.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job => Moved successfully.
C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job => Moved successfully.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====

[vyosek]

Jak se chova PC???

[takos]

Za posledních 30 minut se žádná reklama neobjevila. Tak snad v pořádku. A o co vlastně šlo? a jak se proti tomu bránit? Díky Jirka

[vyosek]

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Bylo tam hodne reklamniho\nezadouciho malware, vetsinou se instaluje jako oddatek k necemu dalsimu, ale da se omzeit. chce to jen cist pri instalaci s cim vsim souhlasite

A pokud nejsou problemy ci dotazy, je to z me strany vse

[takos]

OK, PC vypadá a chová se v pohodě. Tak děkuji za pomoc a váš čas. S pozdravem Jirka

[vyosek]

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat