Please help with malware

Dušan2
Visitor
Posts: 8
Registered: 31 Oct 2014 18:01

#1 Post by Dušan2 »

Could someone please advise me?
Several times a day I get a pop-up message, url: mal, saying that avast blocked an infection, process C:\Program Files\Google\Chrome\Application\Crome.exe. Could you advise me? Thank you.
I am attaching the log:



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-01-2015
Ran by Dušan (administrator) on DUŠAN-PC on 06-01-2015 18:06:49
Running from C:\Users\Dušan\Desktop
Loaded Profile: Dušan (Available profiles: Dušan)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\Dušan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Dušan\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [GIGABYTEMOUSE] => C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe [1278464 2009-11-26] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761946 2006-04-21] (Synaptics, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-28] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-06-26] (Realtek Semiconductor)
HKLM\...\Run: [GUCI_AVS] => C:\Windows\PixArt\PAP7501\GUCI_AVS.exe [314880 2013-11-11] (PixArt Imaging Incorporation)
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1466368 2009-05-05] (Motorola Inc.)
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\Duaan\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\Duaan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [Google Update] => "C:\Users\Duaan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [Facebook Update] => "C:\Users\Duaan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2427680 2014-12-10] (IObit)
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [GoogleChromeAutoLaunch_8DC7F33A7F54216BE9D61FC53D858387] => C:\Program Files\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
IFEO\adsremovalsetup-imf0819.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\ADSRemovalSetup.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\AUpdate.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\BlueBirdInit.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\ChangeIcon.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\DriverBooster.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\FixPlugin.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\IMF.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\IMFsrv.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\IMF_ActionCenterDownloader.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\IWsIMF.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\maintenanceservice.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\MakeSFX.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Promote.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Reinforce.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Scheduler.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\SendBugReport.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\SetupHlp.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\TaskSchedule.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\TeamViewer.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\TeamViewer_Desktop.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\TeamViewer_Service.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\tv_w32.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\tv_x64.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {0CC3E0F3-24F6-436F-A501-44975231CA89} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {1514284B-619D-483E-B3F0-DDF8445F78D1} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {2FFFDB46-8985-48E3-A85C-A1D66AC7A9B9} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {5129DFDD-1973-4A2B-9E18-174625750F9C} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {79D6393A-17F8-4403-B709-89353EF01889} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {7A7C502A-FD27-40A2-9503-4D9AD1873F81} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {889A9166-FE08-411E-8AD0-86586333B3CB} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {8CEEB248-D7B4-4F76-95CC-7E3D038DA9C4} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {F14E780C-73CB-49E5-BC53-82AECAD25D47} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: No Name -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{990FBEA2-1EE1-45F7-981E-06DE5947B07F}: [NameServer] 10.20.2.10

FireFox:
========
FF ProfilePath: C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default
FF SelectedSearchEngine:
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dušan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Dušan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @talk.google.com/O1DPlugin -> C:\Users\Dušan\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Dušan\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Dušan\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dušan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Users\Dušan\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dušan\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Ads Removal - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\adremoveext@adremoveext.net [2014-10-30]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\cs@dictionaries.addons.mozilla.org [2014-11-12]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-14]
FF Extension: Mail.entrum.cz - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\mail@centrumholdings.com [2013-10-14]
FF Extension: AccelerateTab - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\speeddial@instair.net [2013-10-13]
FF Extension: Forecastfox - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-05-04]
FF Extension: Seznam lištička - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-05]
FF Extension: SearchPreview - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2014-05-21]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\elemhidehelper@adblockplus.org.xpi [2013-10-13]
FF Extension: Gmail Notifier (restartless) - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2013-10-14]
FF Extension: Tab Scope - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\tabscope@xuldev.org.xpi [2013-11-09]
FF Extension: Walnut2 for Firefox - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{080955ad-b8bb-4500-806f-d2b9ad73d72e}.xpi [2014-05-03]
FF Extension: Walnut for Firefox - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2013-10-12]
FF Extension: Speed Dial - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2013-10-12]
FF Extension: Adblock Plus - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-13]
FF Extension: Tab Mix Plus - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-10-13]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-17]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\mail@centrumholdings.com [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\speeddial@instair.net [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\tabscope@xuldev.org.xpi [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-12]
CHR Extension: (Disk Google) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01]
CHR Extension: (WME Validator) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\baojhpeknpmkhplkcnpdcficcaaniaih [2014-06-25]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-05-23]
CHR Extension: (Zhasnout světla) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-05-01]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-01-01]
CHR Extension: (YouTube) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01]
CHR Extension: (Adblock Plus) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-01]
CHR Extension: (VyhledávánĂ­ Google) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-01]
CHR Extension: (Gmail™ Notifier) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2014-05-11]
CHR Extension: (Speed Dial) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi [2014-05-01]
CHR Extension: (Tampermonkey) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-12-04]
CHR Extension: (History Eraser) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2014-05-01]
CHR Extension: (Uložit na Disk Google) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-05-01]
CHR Extension: (Color Changer for Facebook) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnafahpcndghkcdngfombklgpffkehmg [2014-05-01]
CHR Extension: (Avast Online Security) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-01]
CHR Extension: (Centrum.cz Email Notifikátor) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmmnahgmbjnpgdoadbfoficgoamahklm [2014-05-01]
CHR Extension: (Color Changer for Facebook) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmpgofbpmkihnamkhcoohnmipjkfjph [2014-05-01]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2014-11-22]
CHR Extension: (Peněženka Google) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-13]
CHR Extension: (Weather Aware) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiahdodpoomdjoegkmibpmgejobfpcn [2014-05-01]
CHR Extension: (Galactic Center Theme) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\olkfbpbdenlpaameimblofalamkjggbl [2014-11-23]
CHR Extension: (Click&Clean App) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-05-01]
CHR Extension: (Weather Underground) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-05-12]
CHR Extension: (Gmail) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-28]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-28] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
S2 SecureUpdateSvc; C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe [2470736 2013-09-29] () <==== ATTENTION
S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-12-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-12-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-12-28] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-12-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-12-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-12-28] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-12-28] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-12-28] ()
R3 EMSCR; C:\Windows\System32\DRIVERS\EMS7SK.sys [60928 2006-02-16] (ENE Technology Inc.)
S4 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2013-03-23] (IObit)
S3 GUCI_AVS; C:\Windows\System32\DRIVERS\GUCI_AVS.sys [596992 2013-11-11] (PixArt Imaging Incorporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2014-12-26] (REALiX(tm))
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2013-11-11] (Intel Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
S3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2013-11-19] (IObit.com)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [489688 2014-10-30] (Realtek Semiconductor Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2014-06-04] (IObit)
S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2013-11-19] (IObit.com)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2014-10-30] ()
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 18:19 - 2015-01-06 18:45 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2015-01-06 18:06 - 2015-01-06 18:07 - 00027153 _____ () C:\Users\Dušan\Desktop\FRST.txt
2015-01-06 18:06 - 2015-01-06 18:06 - 00000000 ____D () C:\FRST
2015-01-06 18:04 - 2015-01-06 18:05 - 00112640 _____ (forum.viry.cz) C:\Users\Dušan\Desktop\FRSTLauncher.exe
2015-01-06 18:04 - 2015-01-06 18:04 - 00112640 _____ (forum.viry.cz) C:\Users\Dušan\Desktop\Nepotvrzeno 284926.crdownload
2015-01-06 17:59 - 2015-01-06 17:59 - 01115136 _____ (Farbar) C:\Users\Dušan\Desktop\FRST.exe
2015-01-06 17:04 - 2015-01-06 17:08 - 312909824 _____ () C:\Users\Dušan\Desktop\kav_rescue_10.iso
2015-01-06 06:52 - 2015-01-06 07:21 - 00023565 _____ () C:\Windows\WindowsUpdate.log
2015-01-06 06:47 - 2015-01-06 17:50 - 00000168 _____ () C:\Windows\setupact.log
2015-01-06 06:47 - 2015-01-06 06:47 - 00000366 _____ () C:\Windows\PFRO.log
2015-01-06 06:47 - 2015-01-06 06:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-28 16:33 - 2014-12-28 16:33 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-28 16:33 - 2014-12-28 16:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-26 20:41 - 2014-12-26 20:41 - 00023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2014-12-25 16:40 - 2014-12-25 16:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
2014-12-17 21:10 - 2014-12-17 21:10 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\Unity
2014-12-17 21:01 - 2014-12-18 14:29 - 00000000 ____D () C:\Users\Dušan\AppData\Local\Unity
2014-12-14 21:51 - 2014-12-14 21:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-13 00:51 - 2014-12-13 00:51 - 00875472 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110.dll
2014-12-13 00:51 - 2014-12-13 00:51 - 00535008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110.dll
2014-12-13 00:51 - 2014-12-13 00:51 - 00252400 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib110.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 17:58 - 2009-07-14 05:34 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-06 17:58 - 2009-07-14 05:34 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-06 17:56 - 2013-10-13 09:35 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\Seznam.cz
2015-01-06 17:56 - 2013-10-12 22:54 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-06 17:53 - 2013-10-13 12:52 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\Skype
2015-01-06 17:51 - 2013-10-12 22:53 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-06 17:51 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-06 16:43 - 2013-10-19 18:51 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job
2015-01-06 16:30 - 2014-05-03 19:41 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-06 16:30 - 2013-10-19 20:31 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job
2015-01-05 21:36 - 2013-10-19 20:31 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job
2015-01-05 18:41 - 2013-10-29 19:50 - 42008576 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2015-01-05 18:41 - 2013-10-29 19:50 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.iobit
2015-01-05 18:41 - 2013-10-29 19:50 - 00069632 _____ () C:\Windows\system32\config\SAM.iobit
2015-01-05 18:41 - 2013-10-29 19:50 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iobit
2015-01-05 18:13 - 2014-01-27 20:09 - 00000000 ____D () C:\Users\Dušan\Desktop\Nová složka
2015-01-05 18:12 - 2014-10-25 16:56 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\MyPhoneExplorer
2015-01-04 14:43 - 2013-10-19 18:51 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job
2015-01-01 10:28 - 2013-10-29 19:44 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-31 16:51 - 2014-11-23 13:00 - 00000000 ____D () C:\Users\Dušan\Desktop\tati nekoukej prosím
2014-12-30 05:51 - 2013-10-14 18:22 - 00000256 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2014-12-29 23:39 - 2013-10-12 20:03 - 00071328 _____ () C:\Users\Dušan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-28 16:34 - 2013-10-17 19:10 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-28 16:34 - 2013-10-17 19:10 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-28 16:33 - 2014-04-23 17:44 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-28 16:33 - 2013-12-20 11:38 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-12-28 16:33 - 2013-10-17 19:10 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-28 16:33 - 2013-10-17 19:10 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-28 16:33 - 2013-10-17 19:10 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-12-28 16:33 - 2013-10-17 19:10 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-26 20:41 - 2014-10-30 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-12-26 20:39 - 2013-10-13 09:27 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\AIMP3
2014-12-26 09:28 - 2009-07-14 05:33 - 00328088 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-25 16:40 - 2013-10-14 20:23 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-12-25 16:24 - 2014-05-03 19:14 - 00001806 _____ () C:\Users\Dušan\Desktop\ICQ.lnk
2014-12-25 16:24 - 2014-05-03 19:14 - 00001664 _____ () C:\Users\Dušan\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-12-25 16:24 - 2014-05-03 19:14 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-12-25 16:24 - 2013-10-13 12:56 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\ICQM
2014-12-22 12:51 - 2013-10-14 18:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-21 19:03 - 2013-10-12 19:58 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-20 13:49 - 2014-01-23 15:04 - 00000000 ___RD () C:\Program Files\Skype
2014-12-20 13:49 - 2013-10-13 12:52 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 22:52 - 2014-11-07 20:58 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-12-19 22:52 - 2013-10-14 16:17 - 00000000 ____D () C:\Program Files\TeamViewer
2014-12-17 14:42 - 2013-10-14 19:15 - 00000000 ____D () C:\Program Files\Opera
2014-12-16 19:13 - 2013-11-24 15:50 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\GHISLER
2014-12-16 16:05 - 2013-10-12 22:40 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-14 16:16 - 2014-12-04 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2014-12-14 15:55 - 2014-05-03 19:41 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-14 15:55 - 2014-05-03 19:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-14 00:00 - 2013-10-13 08:45 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\vlc
2014-12-12 19:56 - 2013-10-13 18:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-12 19:51 - 2014-05-23 16:03 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\ProductData
2014-12-11 06:53 - 2013-11-18 18:05 - 00921636 _____ () C:\PAP7501.dat
2014-12-11 06:48 - 2009-07-14 05:53 - 00032594 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-09 18:59 - 2014-05-01 06:20 - 00002094 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job => C:\Users\Duaan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job => C:\Users\Duaan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job => C:\Users\Duaan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job => C:\Users\Duaan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Du�an\Desktop" je 1932 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
c:\program files\common files\adobe\arm\1.0\adobearm.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Deskjet 3070 B611 series (NET)
"C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN183366RK05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
c:\program files\hp\hp software update\hpwuschd2.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119679
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help with malware

#2 Post by Rudy »

Hello!
First of all, I would recommend uninstalling everything from IOBit. Reason: http://forum.viry.cz/viewtopic.php?f=14 ... ilit=iobit .

Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Back up your important data (mail, contacts, documents, photos, videos, music, etc.) before disinfecting your PC. Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Dušan2
Visitor
Posts: 8
Registered: 31 Oct 2014 18:01

Re: Please help with malware

#3 Post by Dušan2 »

From IObit I uninstalled the malware fin... and Smart Defrag. I have been using Advanced for years and sometimes it noticeably speeds up the PC, and I also use the Uninstaller. After that adv... my Speed Dial has now disappeared from Chrome, and Avast has just popped up at me again with that message.
Here is the log. Thank you.

# AdwCleaner v4.106 - Report created 06/01/2015 at 19:39:01
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Dušan - DUŠAN-PC
# Running from : C:\Users\Dušan\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : SecureUpdateSvc

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Secure Speed Dial
Folder Deleted : C:\Users\Dušan\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\speeddial@instair.net
Folder Deleted : C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
Folder Deleted : C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
Folder Deleted : C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa
File Deleted : C:\Windows\Uninstall.exe
File Deleted : C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\user.js

***** [ Scheduled Tasks ] *****

Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\CToolbar
Key Deleted : HKLM\SOFTWARE\CToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v34.0.5 (x86 cs)

[mxoe3dhh.default\prefs.js] - Line Deleted : user_pref("extensions.aniweather.timeShifted", 365940);

-\\ Google Chrome v39.0.2171.95


-\\ Opera v26.0.1656.60

[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : aaipilfmheplbcghignccoiiebekkdhe
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : elchiiiejkobdbblfejjkbphbddgmljf
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ffhfoagmjcnkolneahbpagjcjjaeofbg
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : hjghiofiijcepdnocbgefbdlbckjfheg
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : iklgpchfbohgmghgfagediakopecfmbm
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : kfgaibfbmkjgmimhbbaikfnpkkjkpoan
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : lmnbobhffedhdhfpcjkjphcfpeeiocdn
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : kjpifmjicccpbkfjdkehimhgklfkbanh
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : hoidflomjnnnbiemmkjdjkkialmhbago
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ekpibplnnkfdcafdpoekhoffegcajene
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ipljmghelflfikejmgkmlmpjmehfjodc
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ejddjnilmdncjilbfjgameihlklfpohp
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : eagomcfjiefffhpaejnlpjccikpipdoe
[C:\Users\Dušan\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : aonedlchkbicmhepimiahfalheedjgbh

*************************

AdwCleaner[R0].txt - [5019 octets] - [06/01/2015 19:35:58]
AdwCleaner[S0].txt - [5037 octets] - [06/01/2015 19:39:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5097 octets] ##########

Rudy
Site Admin
Posts: 119679
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help with malware

#4 Post by Rudy »

Post a new FRST log.

Dušan2
Visitor
Posts: 8
Registered: 31 Oct 2014 18:01

Re: Please help with malware

#5 Post by Dušan2 »

That adv... ate my Speed Dial. Can it be restored?


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-01-2015
Ran by Dušan (administrator) on DUŠAN-PC on 06-01-2015 19:56:10
Running from C:\Users\Dušan\Desktop
Loaded Profile: Dušan (Available profiles: Dušan)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAP7501\GUCI_AVS.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe
() C:\Users\Dušan\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(forum.viry.cz) C:\Users\Dušan\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [GIGABYTEMOUSE] => C:\Program Files\GIGABYTE\GIGABYTE Sim Series7\Mouse.exe [1278464 2009-11-26] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761946 2006-04-21] (Synaptics, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-28] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-06-26] (Realtek Semiconductor)
HKLM\...\Run: [GUCI_AVS] => C:\Windows\PixArt\PAP7501\GUCI_AVS.exe [314880 2013-11-11] (PixArt Imaging Incorporation)
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [1466368 2009-05-05] (Motorola Inc.)
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [cz.seznam.software.autoupdate] => "C:\Users\Duaan\AppData\Roaming\Seznam.cz\szninstall.exe" -c
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [cz.seznam.software.szndesktop] => "C:\Users\Duaan\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [Google Update] => "C:\Users\Duaan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [Facebook Update] => "C:\Users\Duaan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2427680 2014-12-10] (IObit)
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [GoogleChromeAutoLaunch_8DC7F33A7F54216BE9D61FC53D858387] => C:\Program Files\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
IFEO\AUpdate.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\ChangeIcon.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\DriverBooster.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\IObitDownloader.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\maintenanceservice.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\MakeSFX.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Promote.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\Scheduler.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\SetupHlp.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\TeamViewer.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\TeamViewer_Desktop.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\TeamViewer_Service.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\tv_w32.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
IFEO\tv_x64.exe: [Debugger] C:\Program Files\IObit\Advanced SystemCare 8\AutoReactivator.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {0CC3E0F3-24F6-436F-A501-44975231CA89} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {1514284B-619D-483E-B3F0-DDF8445F78D1} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {2FFFDB46-8985-48E3-A85C-A1D66AC7A9B9} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {5129DFDD-1973-4A2B-9E18-174625750F9C} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {79D6393A-17F8-4403-B709-89353EF01889} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {7A7C502A-FD27-40A2-9503-4D9AD1873F81} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {889A9166-FE08-411E-8AD0-86586333B3CB} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {8CEEB248-D7B4-4F76-95CC-7E3D038DA9C4} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\S-1-5-21-2741125385-3581401694-3972559925-1001 -> {F14E780C-73CB-49E5-BC53-82AECAD25D47} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: No Name -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{990FBEA2-1EE1-45F7-981E-06DE5947B07F}: [NameServer] 10.20.2.10

FireFox:
========
FF ProfilePath: C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default
FF SelectedSearchEngine:
FF Homepage: chrome://speeddial/content/speeddial.xul
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dušan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Dušan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @talk.google.com/O1DPlugin -> C:\Users\Dušan\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Dušan\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Dušan\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dušan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Users\Dušan\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Dušan\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\cs@dictionaries.addons.mozilla.org [2014-11-12]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-14]
FF Extension: Mail.entrum.cz - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\mail@centrumholdings.com [2013-10-14]
FF Extension: Forecastfox - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2014-05-04]
FF Extension: SearchPreview - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [2014-05-21]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\elemhidehelper@adblockplus.org.xpi [2013-10-13]
FF Extension: Gmail Notifier (restartless) - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2013-10-14]
FF Extension: Tab Scope - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\tabscope@xuldev.org.xpi [2013-11-09]
FF Extension: Walnut2 for Firefox - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{080955ad-b8bb-4500-806f-d2b9ad73d72e}.xpi [2014-05-03]
FF Extension: Walnut for Firefox - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2013-10-12]
FF Extension: Speed Dial - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2013-10-12]
FF Extension: Adblock Plus - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-13]
FF Extension: Tab Mix Plus - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-10-13]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-12-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-17]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\mail@centrumholdings.com [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\speeddial@instair.net [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\tabscope@xuldev.org.xpi [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\speeddial@instair.net [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-12]
CHR Extension: (Disk Google) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01]
CHR Extension: (WME Validator) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\baojhpeknpmkhplkcnpdcficcaaniaih [2014-06-25]
CHR Extension: (Zhasnout světla) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-05-01]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-01-01]
CHR Extension: (YouTube) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01]
CHR Extension: (Adblock Plus) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-01]
CHR Extension: (Gmail™ Notifier) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2014-05-11]
CHR Extension: (Tampermonkey) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-12-04]
CHR Extension: (History Eraser) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2014-05-01]
CHR Extension: (Uložit na Disk Google) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-05-01]
CHR Extension: (Color Changer for Facebook) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnafahpcndghkcdngfombklgpffkehmg [2014-05-01]
CHR Extension: (Avast Online Security) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-05-01]
CHR Extension: (Centrum.cz Email Notifikátor) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmmnahgmbjnpgdoadbfoficgoamahklm [2014-05-01]
CHR Extension: (Color Changer for Facebook) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmpgofbpmkihnamkhcoohnmipjkfjph [2014-05-01]
CHR Extension: (Peněženka Google) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-13]
CHR Extension: (Weather Aware) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiahdodpoomdjoegkmibpmgejobfpcn [2014-05-01]
CHR Extension: (Galactic Center Theme) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\olkfbpbdenlpaameimblofalamkjggbl [2014-11-23]
CHR Extension: (Click&Clean App) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-05-01]
CHR Extension: (Weather Underground) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-05-12]
CHR Extension: (Gmail) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-28]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-28] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-12-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [70384 2014-12-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-12-28] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-12-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2014-12-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2014-12-28] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [91496 2014-12-28] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2014-12-28] ()
R3 EMSCR; C:\Windows\System32\DRIVERS\EMS7SK.sys [60928 2006-02-16] (ENE Technology Inc.)
S3 GUCI_AVS; C:\Windows\System32\DRIVERS\GUCI_AVS.sys [596992 2013-11-11] (PixArt Imaging Incorporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2014-12-26] (REALiX(tm))
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2013-11-11] (Intel Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [489688 2014-10-30] (Realtek Semiconductor Corporation)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2014-10-30] ()
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 19:35 - 2015-01-06 19:39 - 00000000 ____D () C:\AdwCleaner
2015-01-06 19:33 - 2015-01-06 19:33 - 02173952 _____ () C:\Users\Dušan\Desktop\adwcleaner_4.106.exe
2015-01-06 19:03 - 2015-01-06 19:03 - 02157568 _____ () C:\Users\Dušan\Desktop\Bauerinnenkalender 2015.pps
2015-01-06 18:19 - 2015-01-06 18:45 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2015-01-06 18:06 - 2015-01-06 19:56 - 00024051 _____ () C:\Users\Dušan\Desktop\FRST.txt
2015-01-06 18:06 - 2015-01-06 19:56 - 00000000 ____D () C:\FRST
2015-01-06 18:04 - 2015-01-06 18:05 - 00112640 _____ (forum.viry.cz) C:\Users\Dušan\Desktop\FRSTLauncher.exe
2015-01-06 17:59 - 2015-01-06 17:59 - 01115136 _____ (Farbar) C:\Users\Dušan\Desktop\FRST.exe
2015-01-06 17:04 - 2015-01-06 17:08 - 312909824 _____ () C:\Users\Dušan\Desktop\kav_rescue_10.iso
2015-01-06 06:52 - 2015-01-06 07:21 - 00023565 _____ () C:\Windows\WindowsUpdate.log
2015-01-06 06:47 - 2015-01-06 19:41 - 00000672 _____ () C:\Windows\PFRO.log
2015-01-06 06:47 - 2015-01-06 19:41 - 00000224 _____ () C:\Windows\setupact.log
2015-01-06 06:47 - 2015-01-06 06:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-28 16:33 - 2014-12-28 16:33 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-28 16:33 - 2014-12-28 16:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-26 20:41 - 2014-12-26 20:41 - 00023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2014-12-25 16:40 - 2014-12-25 16:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
2014-12-17 21:10 - 2014-12-17 21:10 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\Unity
2014-12-17 21:01 - 2014-12-18 14:29 - 00000000 ____D () C:\Users\Dušan\AppData\Local\Unity
2014-12-14 21:51 - 2014-12-14 21:51 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-13 00:51 - 2014-12-13 00:51 - 00875472 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110.dll
2014-12-13 00:51 - 2014-12-13 00:51 - 00535008 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110.dll
2014-12-13 00:51 - 2014-12-13 00:51 - 00252400 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib110.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 19:56 - 2013-10-12 22:54 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-06 19:48 - 2009-07-14 05:34 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-06 19:48 - 2009-07-14 05:34 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-06 19:47 - 2013-10-13 09:35 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\Seznam.cz
2015-01-06 19:43 - 2013-10-19 18:51 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job
2015-01-06 19:43 - 2013-10-13 12:52 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\Skype
2015-01-06 19:42 - 2013-10-12 22:53 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-06 19:41 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-06 19:24 - 2014-05-03 19:41 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-06 18:36 - 2013-10-19 20:31 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job
2015-01-05 21:36 - 2013-10-19 20:31 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job
2015-01-05 18:41 - 2013-10-29 19:50 - 42008576 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2015-01-05 18:41 - 2013-10-29 19:50 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.iobit
2015-01-05 18:41 - 2013-10-29 19:50 - 00069632 _____ () C:\Windows\system32\config\SAM.iobit
2015-01-05 18:41 - 2013-10-29 19:50 - 00028672 _____ () C:\Windows\system32\config\SECURITY.iobit
2015-01-05 18:13 - 2014-01-27 20:09 - 00000000 ____D () C:\Users\Dušan\Desktop\Nová složka
2015-01-05 18:12 - 2014-10-25 16:56 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\MyPhoneExplorer
2015-01-04 14:43 - 2013-10-19 18:51 - 00000910 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job
2015-01-01 10:28 - 2013-10-29 19:44 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-31 16:51 - 2014-11-23 13:00 - 00000000 ____D () C:\Users\Dušan\Desktop\tati nekoukej prosím
2014-12-30 05:51 - 2013-10-14 18:22 - 00000256 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2014-12-29 23:39 - 2013-10-12 20:03 - 00071328 _____ () C:\Users\Dušan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-28 16:34 - 2013-10-17 19:10 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-28 16:34 - 2013-10-17 19:10 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-28 16:33 - 2014-04-23 17:44 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-28 16:33 - 2013-12-20 11:38 - 00091496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-12-28 16:33 - 2013-10-17 19:10 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-28 16:33 - 2013-10-17 19:10 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-28 16:33 - 2013-10-17 19:10 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2014-12-28 16:33 - 2013-10-17 19:10 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-26 20:41 - 2014-10-30 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2014-12-26 20:39 - 2013-10-13 09:27 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\AIMP3
2014-12-26 09:28 - 2009-07-14 05:33 - 00328088 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-25 16:40 - 2013-10-14 20:23 - 00000000 ____D () C:\Program Files\LibreOffice 4
2014-12-25 16:24 - 2014-05-03 19:14 - 00001806 _____ () C:\Users\Dušan\Desktop\ICQ.lnk
2014-12-25 16:24 - 2014-05-03 19:14 - 00001664 _____ () C:\Users\Dušan\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-12-25 16:24 - 2014-05-03 19:14 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-12-25 16:24 - 2013-10-13 12:56 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\ICQM
2014-12-22 12:51 - 2013-10-14 18:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-21 19:03 - 2013-10-12 19:58 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-20 13:49 - 2014-01-23 15:04 - 00000000 ___RD () C:\Program Files\Skype
2014-12-20 13:49 - 2013-10-13 12:52 - 00000000 ____D () C:\ProgramData\Skype
2014-12-19 22:52 - 2014-11-07 20:58 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-12-19 22:52 - 2013-10-14 16:17 - 00000000 ____D () C:\Program Files\TeamViewer
2014-12-17 14:42 - 2013-10-14 19:15 - 00000000 ____D () C:\Program Files\Opera
2014-12-16 19:13 - 2013-11-24 15:50 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\GHISLER
2014-12-16 16:05 - 2013-10-12 22:40 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-14 16:16 - 2014-12-04 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2014-12-14 15:55 - 2014-05-03 19:41 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-12-14 15:55 - 2014-05-03 19:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-12-14 00:00 - 2013-10-13 08:45 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\vlc
2014-12-12 19:56 - 2013-10-13 18:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-12 19:51 - 2014-05-23 16:03 - 00000000 ____D () C:\Users\Dušan\AppData\Roaming\ProductData
2014-12-11 06:53 - 2013-11-18 18:05 - 00921636 _____ () C:\PAP7501.dat
2014-12-11 06:48 - 2009-07-14 05:53 - 00032594 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-09 18:59 - 2014-05-01 06:20 - 00002094 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

Some content of TEMP:
====================
C:\Users\Dušan\AppData\Local\Temp\Quarantine.exe
C:\Users\Dušan\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job => C:\Users\Duaan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job => C:\Users\Duaan\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job => C:\Users\Duaan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job => C:\Users\Duaan\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Dušan\Desktop" je 1936 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
c:\program files\common files\adobe\arm\1.0\adobearm.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Deskjet 3070 B611 series (NET)
"C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN183366RK05MQ:NW" -scfn "HP Deskjet 3070 B611 series (NET)" -AutoStart 1 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
c:\program files\hp\hp software update\hpwuschd2.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119679
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help with malware

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [Facebook Update] => "C:\Users\Duaan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
C:\Users\Duaan\AppData\Local\Facebook\Update
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files\Skype\Toolbars
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dušan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\mail@centrumholdings.com [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\speeddial@instair.net [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\tabscope@xuldev.org.xpi [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\speeddial@instair.net [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [Not Found]
CHR Extension: (Tampermonkey) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-12-04]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job
C:\Users\Dušan\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

ADW will no longer be needed. I recommend uninstalling IOBit. Reason: http://forum.viry.cz/viewtopic.php?f=14 ... ilit=iobit .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Dušan2
Visitor
Posts: 8
Registered: 31 Oct 2014 18:01

Re: Please help with malware

#7 Post by Dušan2 »

Before I uninstall ADW, will it be possible to restore the Speed Dial from Chrome out of it?
Otherwise, as I already wrote, I have uninstalled those two things from IObit.
An Avast alert about blocking has just popped up on me again...

Log


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-01-2015
Ran by Dušan at 2015-01-06 21:30:24 Run:1
Running from C:\Users\Dušan\Desktop
Loaded Profile: Dušan (Available profiles: Dušan)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\...\Run: [Facebook Update] => "C:\Users\Duaan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
C:\Users\Duaan\AppData\Local\Facebook\Update
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
C:\Program Files\Skype\Toolbars
FF Plugin HKU\S-1-5-21-2741125385-3581401694-3972559925-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Dušan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\mail@centrumholdings.com [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\speeddial@instair.net [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\tabscope@xuldev.org.xpi [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\speeddial@instair.net [Not Found]
FF Extension: No Name - C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [Not Found]
CHR Extension: (Tampermonkey) - C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-12-04]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job
C:\Users\Dušan\AppData\Local\Temp
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
"C:\Users\Duaan\AppData\Local\Facebook\Update" => File/Directory not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F}" => Key deleted successfully.
HKCR\CLSID\{9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
C:\Program Files\Skype\Toolbars => Moved successfully.
"HKU\S-1-5-21-2741125385-3581401694-3972559925-1001\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin" => Key deleted successfully.
C:\Users\Dušan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => Moved successfully.
C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\mail@centrumholdings.com => not found.
C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\speeddial@instair.net => not found.
C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi => not found.
C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} => not found.
C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6} => not found.
C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => not found.
C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\tabscope@xuldev.org.xpi => not found.
C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi => not found.
C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\speeddial@instair.net => not found.
C:\Users\Dušan\AppData\Roaming\Mozilla\Firefox\Profiles\mxoe3dhh.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi => not found.
C:\Users\Dušan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo => Moved successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001UA.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2741125385-3581401694-3972559925-1001Core.job => Moved successfully.

"C:\Users\Dušan\AppData\Local\Temp" directory move:

C:\Users\Dušan\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\boost808547.tmp => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\C)Kh0T(h,vGws4)o.tmp.dat => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\cYmyfK0#3Ooxc,bB.tmp.dat => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\EULA.txt => Moved successfully.
Could not move "C:\Users\Dušan\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Dušan\AppData\Local\Temp\pHNxFjr!J1wereAj.tmp.dat => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\wOVxxHlxdW&73r$7.tmp.dat => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\~C448.tmp => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\~C908.tmp => Moved successfully.
Could not move "C:\Users\Dušan\AppData\Local\Temp\~DF04B8C29228114F13.TMP" => Scheduled to move on reboot.
C:\Users\Dušan\AppData\Local\Temp\~DF0FDAF7522F2C737C.TMP => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\~DF8A042D9E6CE3A3BE.TMP => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\~DFE0C8CCCC63D12167.TMP => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\~DFF9FD1BCE5F268822.TMP => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\~FEE9.bat => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\~FEE9.tmp => Moved successfully.
Could not move "C:\Users\Dušan\AppData\Local\Temp\Skype\DbTemp\temp-3nKb6Gd67QMuJIm18xTMLV3M" => Scheduled to move on reboot.
Could not move "C:\Users\Dušan\AppData\Local\Temp\Skype\DbTemp\temp-a1l1fEOiR6FRmXAQLvLA2FZO" => Scheduled to move on reboot.
Could not move "C:\Users\Dušan\AppData\Local\Temp\Skype\DbTemp\temp-BPT5uilvBvuPld4HASiUpZ3m" => Scheduled to move on reboot.
Could not move "C:\Users\Dušan\AppData\Local\Temp\Skype\DbTemp\temp-c7kasNfnPUpvrclrvf8ver5f" => Scheduled to move on reboot.
Could not move "C:\Users\Dušan\AppData\Local\Temp\Skype\DbTemp\temp-V9JMmLZRgt90oNwOGIXucEnv" => Scheduled to move on reboot.
Could not move "C:\Users\Dušan\AppData\Local\Temp\Skype\DbTemp\temp-ylqK29bDzf4o0uU7Mosa1kYT" => Scheduled to move on reboot.
C:\Users\Dušan\AppData\Local\Temp\is-HD63O.tmp\UninstallPromote.exe => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\is-HD63O.tmp\_isetup\_shfoldr.dll => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\bsTempPath\ACDE34E.tmp => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\adremoveext@adremoveext.net.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\elemhidehelper@adblockplus.org.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\iobitascsurfingprotection@iobit.com.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\jid0-gjwrpchs3ugt7xydvqvk4dqk8ls@jetpack.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\mail@centrumholdings.com.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\speeddial@instair.net.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\tabscope@xuldev.org.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\{0538e3e3-7e9b-4d49-8831-a227c80a7ad3}.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\{64161300-e22b-11db-8314-0800200c9a66}.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\{dc572301-7619-498c-a57d-39143191b318}.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\{ea614400-e918-4741-9a97-7a972ff7c30b}.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\{ef522540-89f5-46b9-b6fe-1829e2b572c6}.zip => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\firefox\{82af8dca-6de9-405d-bd5e-43525bdad38a}\icon.png => Moved successfully.
C:\Users\Dušan\AppData\Local\Temp\avastBCLTMP\chrome\Default\Web Data => Moved successfully.
Could not move "C:\Users\Dušan\AppData\Local\Temp" directory. => Scheduled to move on reboot.


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-06 21:33:38)<=

C:\Users\Dušan\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Dušan\AppData\Local\Temp\~DF04B8C29228114F13.TMP => Is moved successfully.
C:\Users\Dušan\AppData\Local\Temp\Skype\DbTemp\temp-3nKb6Gd67QMuJIm18xTMLV3M => Is moved successfully.
C:\Users\Dušan\AppData\Local\Temp\Skype\DbTemp\temp-a1l1fEOiR6FRmXAQLvLA2FZO => Is moved successfully.
C:\Users\Dušan\AppData\Local\Temp\Skype\DbTemp\temp-BPT5uilvBvuPld4HASiUpZ3m => Is moved successfully.
C:\Users\Dušan\AppData\Local\Temp\Skype\DbTemp\temp-c7kasNfnPUpvrclrvf8ver5f => Is moved successfully.
C:\Users\Dušan\AppData\Local\Temp\Skype\DbTemp\temp-V9JMmLZRgt90oNwOGIXucEnv => Is moved successfully.
C:\Users\Dušan\AppData\Local\Temp\Skype\DbTemp\temp-ylqK29bDzf4o0uU7Mosa1kYT => Is moved successfully.
C:\Users\Dušan\AppData\Local\Temp => Moved successfully.

==== End of Fixlog 21:33:39 ====

Rudy
Site Admin
Posts: 119679
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help with malware

#8 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Dušan2
Visitor
Posts: 8
Registered: 31 Oct 2014 18:01

Re: Please help with malware

#9 Post by Dušan2 »

As I wrote at the start of the log, it popped up again. I would also like to know whether the Speed Dial can somehow be restored to Chrome from that adw, so that I don't have to find it and set it up again.

Rudy
Site Admin
Posts: 119679
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help with malware

#10 Post by Rudy »

Back up Chrome using ChromeBackup: http://www.stahuj.centrum.cz/internet_a ... me-backup/ . Then uninstall it, including its profile. Reinstall it and copy back from the backup only the bookmarks and, if needed, the passwords. You will probably have to install SpeedDial again. Unfortunately.

Dušan2
Visitor
Posts: 8
Registered: 31 Oct 2014 18:01

Re: Please help with malware

#11 Post by Dušan2 »

I'll get on it tomorrow. Thanks a lot for now, and I'll let you know.

Rudy
Site Admin
Posts: 119679
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help with malware

#12 Post by Rudy »

OK.

Dušan2
Visitor
Posts: 8
Registered: 31 Oct 2014 18:01

Re: Please help with malware

#13 Post by Dušan2 »

So I did it, and so far it looks good; nothing is popping up.
When I installed Chrome and signed in, all the extensions, including the theme, were installed back into Chrome; I only had to set them up.
So hopefully it will be OK. Thank you very much. :)

Rudy
Site Admin
Posts: 119679
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please help with malware

#14 Post by Rudy »

You're welcome! :)

Locked