chrome ?trackid=sp-006 problem

[pr0m3th3u5]

Zdravim, na priatelkynom notebooku sa neviem zbavit toho ze pri vyhladavani cez chrome vzdy za vyhladany vyraz prida ?trackid=sp-006


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by Lucie (administrator) on RYBIZEK on 02-02-2015 10:14:14
Running from C:\Users\Lucie\Desktop
Loaded Profiles: Lucie (Available profiles: Lucie)
Platform: Windows 8.1 (X64) OS Language: Czech (Czech Republic)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(ICQ, LLC.) C:\Program Files (x86)\ICQ7M\ICQ.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-08-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-05-30] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-05-30] (Lenovo(beijing) Limited)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-08-30] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\...\Run: [ICQ] => C:\Program Files (x86)\ICQ7M\ICQ.exe [127040 2015-01-10] (ICQ, LLC.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2964284607-1452646835-2038692282-1001 -> {DA4D221B-A153-4967-A87A-2D66A27F0B56} URL =
SearchScopes: HKU\S-1-5-21-2964284607-1452646835-2038692282-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\n004brei.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF Homepage: about:home
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\n004brei.default\searchplugins\google-avast.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-27]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR DefaultSearchKeyword: Default -> 7909133EF36C24D0FA4DC2B7951A78FA624064820E8E82748A5492D4633E49A3
CHR DefaultSearchURL: Default -> 67251EBAC76500CAE2564B904D111A41268A5C2BC262D980370DD10AB07C7F64
CHR Profile: C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-01]
CHR Extension: (Dokumenty Google) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-01]
CHR Extension: (Disk Google) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-01]
CHR Extension: (YouTube) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-01]
CHR Extension: (Tabulky Google) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-01]
CHR Extension: (Avast Online Security) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-01]
CHR Extension: (Peněženka Google) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-01]
CHR Extension: (Gmail) - C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-30] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-27] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92160 2013-07-29] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-13] (Intel Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-05-30] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-08-30] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-27] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-27] ()
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-07-15] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-08-30] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-13] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 10:14 - 2015-02-02 10:15 - 00016392 _____ () C:\Users\Lucie\Desktop\FRST.txt
2015-02-02 10:09 - 2015-02-02 10:09 - 00112640 _____ (forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe
2015-02-02 10:08 - 2015-02-02 10:08 - 02131456 _____ (Farbar) C:\Users\Lucie\Desktop\FRST64.exe
2015-02-01 19:41 - 2015-02-01 19:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-01 19:37 - 2015-02-01 19:37 - 00000546 _____ () C:\windows\PFRO.log
2015-02-01 19:37 - 2015-02-01 19:37 - 00000116 _____ () C:\windows\setupact.log
2015-02-01 19:37 - 2015-02-01 19:37 - 00000000 _____ () C:\windows\setuperr.log
2015-02-01 19:31 - 2015-02-01 19:36 - 00000000 ____D () C:\AdwCleaner
2015-02-01 19:25 - 2015-02-02 09:31 - 00181400 _____ () C:\windows\WindowsUpdate.log
2015-02-01 19:25 - 2015-02-01 19:30 - 00009208 _____ () C:\Users\Lucie\Downloads\Addition.txt
2015-02-01 19:23 - 2015-02-02 10:14 - 00000000 ____D () C:\FRST
2015-01-27 23:28 - 2015-01-27 23:28 - 00000000 ____D () C:\Program Files (x86)\Image Hover
2015-01-27 12:04 - 2015-01-27 12:04 - 00000000 ____D () C:\Program Files (x86)\Financial Times News Feed
2015-01-27 11:24 - 2015-01-27 11:24 - 00000000 ____D () C:\Program Files (x86)\jquery injector
2015-01-18 09:29 - 2015-01-18 09:34 - 00000000 ____D () C:\Users\Lucie\Desktop\veganství
2015-01-15 23:35 - 2015-01-26 22:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 10:02 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-14 10:02 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-14 10:02 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ahcache.sys
2015-01-14 10:02 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-14 10:02 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2015-01-14 10:02 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-01-14 10:02 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2015-01-14 10:02 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2015-01-14 10:02 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2015-01-14 10:02 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-01-14 10:02 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2015-01-14 10:02 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2015-01-14 10:02 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2015-01-14 10:02 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-14 10:02 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2015-01-14 10:02 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2015-01-14 10:02 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2015-01-14 10:02 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-01-14 10:02 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-01-14 10:02 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-01-14 10:02 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-01-14 10:02 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2015-01-14 10:02 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2015-01-14 10:02 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-01-14 10:02 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-01-14 10:02 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-01-14 10:02 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2015-01-14 10:02 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2015-01-14 10:02 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2015-01-14 10:02 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-01-14 10:02 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-13 18:26 - 2015-01-13 19:08 - 733147136 _____ () C:\Users\Lucie\Downloads\Symbol.2009.JAP.DVDRip.XviD-GiNJi.avi
2015-01-13 15:04 - 2015-01-13 15:04 - 00001879 _____ () C:\Users\Lucie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2015-01-13 14:53 - 2015-01-26 22:06 - 00000000 ____D () C:\ProgramData\{bafc389e-a03a-8d87-bafc-c389ea03e27a}
2015-01-13 10:30 - 2015-01-13 10:30 - 00001991 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-13 10:29 - 2014-11-27 09:52 - 00364512 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-01-12 21:16 - 2015-01-12 21:16 - 00000162 ____H () C:\Users\Lucie\Downloads\~$pdf(4)
2015-01-10 23:29 - 2015-01-26 22:44 - 00003258 _____ () C:\windows\System32\Tasks\avastBCLRestartS-1-5-21-2964284607-1452646835-2038692282-1001
2015-01-10 23:29 - 2015-01-10 23:29 - 00000000 __SHD () C:\Users\Lucie\AppData\Local\EmieBrowserModeList
2015-01-10 21:55 - 2015-02-01 19:36 - 00000000 ____D () C:\ProgramData\ICQ
2015-01-10 21:55 - 2015-01-10 21:55 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\ICQ Search
2015-01-10 21:55 - 2015-01-10 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
2015-01-10 21:54 - 2015-01-13 14:38 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\ICQ
2015-01-10 21:54 - 2015-01-10 21:56 - 00000000 ____D () C:\Program Files (x86)\ICQ7M
2015-01-10 21:52 - 2015-01-10 21:53 - 17931896 _____ (ICQ) C:\Users\Lucie\Downloads\icq_7.8.exe
2015-01-10 21:51 - 2015-01-10 21:51 - 37968904 _____ (ICQ) C:\Users\Lucie\Downloads\icq_rfrset(1).exe
2015-01-10 21:49 - 2015-01-10 21:49 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\ICQ-Profile
2015-01-10 21:49 - 2015-01-10 21:49 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\ICQM
2015-01-09 11:36 - 2015-01-09 11:36 - 00000000 ____D () C:\Users\Lucie\AppData\Local\calibre-cache
2015-01-09 11:35 - 2015-01-10 21:55 - 00000000 ____D () C:\Users\Lucie\Documents\Calibre Library
2015-01-09 11:35 - 2015-01-09 11:36 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\calibre
2015-01-09 11:35 - 2015-01-09 11:35 - 00000983 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2015-01-09 11:35 - 2015-01-09 11:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-01-09 11:35 - 2015-01-09 11:35 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2015-01-09 11:08 - 2015-01-09 11:21 - 62996480 _____ () C:\Users\Lucie\Downloads\calibre-2.15.0 (1).msi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 10:02 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\sru
2015-02-02 09:58 - 2014-11-30 20:31 - 00000000 ____D () C:\Users\Lucie\AppData\Roaming\Skype
2015-02-02 09:38 - 2014-12-01 14:43 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-02 09:27 - 2014-12-01 12:22 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-01 20:12 - 2014-11-27 09:37 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2964284607-1452646835-2038692282-1001
2015-02-01 19:46 - 2014-05-30 11:13 - 00740962 _____ () C:\windows\system32\perfh005.dat
2015-02-01 19:46 - 2014-05-30 11:13 - 00152146 _____ () C:\windows\system32\perfc005.dat
2015-02-01 19:46 - 2013-10-07 19:27 - 01749406 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-01 19:40 - 2014-11-27 09:35 - 00000000 ___DO () C:\Users\Lucie\OneDrive
2015-02-01 19:39 - 2014-12-01 12:22 - 00000962 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-01 19:38 - 2014-11-29 09:23 - 00002900 _____ () C:\windows\System32\Tasks\AutoKMS
2015-02-01 19:38 - 2014-11-29 09:23 - 00000290 _____ () C:\windows\Tasks\AutoKMS.job
2015-02-01 19:37 - 2014-11-27 09:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-01 19:37 - 2013-08-22 15:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-01 19:36 - 2014-05-30 12:19 - 00002560 _____ () C:\windows\system32\VfService.trf
2015-02-01 19:36 - 2013-08-22 14:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-02-01 18:50 - 2014-11-28 13:34 - 00000000 ____D () C:\windows\Minidump
2015-02-01 18:50 - 2014-11-27 18:29 - 00000000 ____D () C:\Users\Lucie\AppData\Local\CrashDumps
2015-02-01 18:50 - 2013-10-07 20:23 - 00000000 ____D () C:\windows\Panther
2015-02-01 18:38 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\AppReadiness
2015-02-01 12:42 - 2014-11-27 09:29 - 00000000 ____D () C:\Users\Lucie\AppData\Local\Pokki
2015-01-30 19:27 - 2013-08-22 16:20 - 00000000 ____D () C:\windows\CbsTemp
2015-01-29 15:55 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\LiveKernelReports
2015-01-27 15:07 - 2013-08-22 16:36 - 00000000 ____D () C:\windows\system32\NDF
2015-01-26 22:38 - 2014-12-01 14:43 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 21:20 - 2014-12-01 15:15 - 00714720 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2014-12-01 15:15 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 20:51 - 2014-11-27 09:42 - 00001162 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-13 10:30 - 2014-11-27 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-13 10:29 - 2014-11-27 09:52 - 00003924 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-01-10 21:55 - 2014-05-30 11:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-09 12:28 - 2013-11-12 21:23 - 00546419 _____ () C:\Users\Lucie\Desktop\Murakami, Haruki - Hon na ovcu.epub
2015-01-08 21:38 - 2014-11-30 20:31 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-08 21:38 - 2014-11-30 20:31 - 00000000 ____D () C:\ProgramData\Skype
2015-01-06 20:19 - 2014-11-30 22:45 - 00000000 ____D () C:\Users\Lucie\Documents\Caritas 2014

==================== Files in the root of some directories =======

2014-05-30 11:28 - 2014-05-30 11:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Lucie\AppData\Local\Temp\Quarantine.exe
C:\Users\Lucie\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AutoKMS.job => C:\windows\AutoKMS\AutoKMS.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Lucie\Desktop" je 16919 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[altrok]

Zdravim

Odinstalujte Skype Click to Call

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

V AdwCleaneru jste pouzil i volbu Clean? Dejte z jeho akce posledni log ( C:\AdwCleaner\AdwCleaner [Sx].txt ), pripadne dejte Scan a nasledne Clean.

[pr0m3th3u5]

click to call odinstalovany, jo pouzil, adwc som pouzil znova tady je log

# AdwCleaner v4.109 - Report created 02/02/2015 at 15:13:49
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : Lucie - RYBIZEK
# Running from : C:\Users\Lucie\Downloads\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v35.0.1 (x86 cs)


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [8624 octets] - [01/02/2015 19:31:36]
AdwCleaner[R1].txt - [963 octets] - [02/02/2015 15:09:24]
AdwCleaner[S0].txt - [8035 octets] - [01/02/2015 19:36:12]
AdwCleaner[S1].txt - [887 octets] - [02/02/2015 15:13:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [946 octets] ##########




A tu je ten zo vcera



# AdwCleaner v4.109 - Report created 01/02/2015 at 19:36:12
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : Lucie - RYBIZEK
# Running from : C:\Users\Lucie\Downloads\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\4804515463217976522
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\ENjjoyCoupon
Folder Deleted : C:\Program Files (x86)\FunDDEals
Folder Deleted : C:\Program Files (x86)\HAipePy2aSavee
Folder Deleted : C:\Program Files (x86)\NetoCoupona
Folder Deleted : C:\Program Files (x86)\RandomePurice
Folder Deleted : C:\Program Files (x86)\SaaveLots
Folder Deleted : C:\Program Files (x86)\SaveNaeeWaAppz
Folder Deleted : C:\Program Files (x86)\TakETheiCoUponu
Folder Deleted : C:\Program Files (x86)\unissaleesu
Folder Deleted : C:\Program Files (x86)\uNNiisales
Folder Deleted : C:\Program Files (x86)\youtubeadblocker
Folder Deleted : C:\Users\Lucie\AppData\Roaming\EZDownloader
Folder Deleted : C:\ProgramData\gjbmocjnclkmdpilhikpinlllhhedpkd
Folder Deleted : C:\ProgramData\imlekkmnjnhaoefgfdmehdgekaolobaa
Folder Deleted : C:\ProgramData\oahbamcohjlipefndclgfnldmlcanidl
File Deleted : C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\n004brei.default\searchplugins\icqplugin.gif
File Deleted : C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\n004brei.default\searchplugins\icqplugin.src
File Deleted : C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\n004brei.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Lucie\AppData\Roaming\Mozilla\Firefox\Profiles\n004brei.default\searchplugins\mystartsearch.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\Pb008a506_ff2c_4726_82bc_34fb8c9a1c50_.Pb008a506_ff2c_4726_82bc_34fb8c9a1c50_
Key Deleted : HKLM\SOFTWARE\Classes\Pb008a506_ff2c_4726_82bc_34fb8c9a1c50_.Pb008a506_ff2c_4726_82bc_34fb8c9a1c50_.9
Key Deleted : HKLM\SOFTWARE\Classes\Pb037b94c_63fe_4cb0_ac92_c171c2e06bd6_.Pb037b94c_63fe_4cb0_ac92_c171c2e06bd6_
Key Deleted : HKLM\SOFTWARE\Classes\Pb037b94c_63fe_4cb0_ac92_c171c2e06bd6_.Pb037b94c_63fe_4cb0_ac92_c171c2e06bd6_.9
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{b008a506-ff2c-4726-82bc-34fb8c9a1c50}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{b037b94c-63fe-4cb0-ac92-c171c2e06bd6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b008a506-ff2c-4726-82bc-34fb8c9a1c50}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b037b94c-63fe-4cb0-ac92-c171c2e06bd6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{b008a506-ff2c-4726-82bc-34fb8c9a1c50}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{b037b94c-63fe-4cb0-ac92-c171c2e06bd6}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v35.0.1 (x86 cs)

[n004brei.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.alias", "mystartsearch");
[n004brei.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
[n004brei.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.name", "mystartsearch");
[n004brei.default\prefs.js] - Line Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}");
[n004brei.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "mystartsearch");
[n004brei.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
[n004brei.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.geolastmodified", 1420923333);
[n004brei.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
[n004brei.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installTime", "1420923334");
[n004brei.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[n004brei.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uniqueID", "142055953114205888111420923334416");
[n004brei.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.version", "1.5.1");

-\\ Google Chrome v39.0.2171.95

[C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
[C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : gjbmocjnclkmdpilhikpinlllhhedpkd
[C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : imlekkmnjnhaoefgfdmehdgekaolobaa
[C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : oahbamcohjlipefndclgfnldmlcanidl

*************************

AdwCleaner[R0].txt - [8624 octets] - [01/02/2015 19:31:36]
AdwCleaner[S0].txt - [7863 octets] - [01/02/2015 19:36:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7923 octets] ##########

[altrok]

Velikost plochy by nemela presahovat 200 MB. Zpomaluje se pak start i samotny chod celeho PC.

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
  CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
  HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
  HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
  HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
  HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
  SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-21-2964284607-1452646835-2038692282-1001 -> {DA4D221B-A153-4967-A87A-2D66A27F0B56} URL =
  SearchScopes: HKU\S-1-5-21-2964284607-1452646835-2038692282-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
  
  FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
  FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
  CHR DefaultSearchKeyword: Default -> 7909133EF36C24D0FA4DC2B7951A78FA624064820E8E82748A5492D4633E49A3
  CHR DefaultSearchURL: Default -> 67251EBAC76500CAE2564B904D111A41268A5C2BC262D980370DD10AB07C7F64
  
  2015-02-02 10:14 - 2015-02-02 10:15 - 00016392 _____ () C:\Users\Lucie\Desktop\FRST.txt
  2015-02-02 10:09 - 2015-02-02 10:09 - 00112640 _____ (forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe
  2015-02-01 19:31 - 2015-02-01 19:36 - 00000000 ____D () C:\AdwCleaner
  2015-02-01 19:25 - 2015-02-01 19:30 - 00009208 _____ () C:\Users\Lucie\Downloads\Addition.txt
  2015-02-01 19:38 - 2014-11-29 09:23 - 00002900 _____ () C:\windows\System32\Tasks\AutoKMS
  2015-02-01 19:38 - 2014-11-29 09:23 - 00000290 _____ () C:\windows\Tasks\AutoKMS.job
  Task: {BA858266-AD43-4C25-8D4F-CEF200629316} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2014-11-29] ()
  Task: C:\windows\Tasks\AutoKMS.job => C:\windows\AutoKMS\AutoKMS.exe
  C:\windows\AutoKMS
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  Folder: C:\ProgramData\{bafc389e-a03a-8d87-bafc-c389ea03e27a}
  CMD: dir "C:\PROGRA~1"
  CMD: dir "C:\PROGRA~2"
  CMD: dir "C:\PROGRA~3"
  CMD: dir "%localappdata%"
  CMD: dir "%appdata%"
  Hosts:
  EmptyTemp:
  End
  

[pr0m3th3u5]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015
Ran by Lucie at 2015-02-02 15:59:26 Run:1
Running from C:\Users\Lucie\Desktop
Loaded Profiles: Lucie (Available profiles: Lucie)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2964284607-1452646835-2038692282-1001 -> {DA4D221B-A153-4967-A87A-2D66A27F0B56} URL =
SearchScopes: HKU\S-1-5-21-2964284607-1452646835-2038692282-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=s ... earchTerms}

FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
CHR DefaultSearchKeyword: Default -> 7909133EF36C24D0FA4DC2B7951A78FA624064820E8E82748A5492D4633E49A3
CHR DefaultSearchURL: Default -> 67251EBAC76500CAE2564B904D111A41268A5C2BC262D980370DD10AB07C7F64

2015-02-02 10:14 - 2015-02-02 10:15 - 00016392 _____ () C:\Users\Lucie\Desktop\FRST.txt
2015-02-02 10:09 - 2015-02-02 10:09 - 00112640 _____ (forum.viry.cz) C:\Users\Lucie\Desktop\FRSTLauncher.exe
2015-02-01 19:31 - 2015-02-01 19:36 - 00000000 ____D () C:\AdwCleaner
2015-02-01 19:25 - 2015-02-01 19:30 - 00009208 _____ () C:\Users\Lucie\Downloads\Addition.txt
2015-02-01 19:38 - 2014-11-29 09:23 - 00002900 _____ () C:\windows\System32\Tasks\AutoKMS
2015-02-01 19:38 - 2014-11-29 09:23 - 00000290 _____ () C:\windows\Tasks\AutoKMS.job
Task: {BA858266-AD43-4C25-8D4F-CEF200629316} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2014-11-29] ()
Task: C:\windows\Tasks\AutoKMS.job => C:\windows\AutoKMS\AutoKMS.exe
C:\windows\AutoKMS
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Folder: C:\ProgramData\{bafc389e-a03a-8d87-bafc-c389ea03e27a}
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End

*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value deleted successfully.
HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DA4D221B-A153-4967-A87A-2D66A27F0B56}" => Key deleted successfully.
HKCR\CLSID\{DA4D221B-A153-4967-A87A-2D66A27F0B56} => Key not found.
"HKU\S-1-5-21-2964284607-1452646835-2038692282-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => Key deleted successfully.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => Key not found.
Firefox DefaultSearchUrl deleted successfully.
Firefox Keyword.URL deleted successfully.
Chrome DefaultSearchKeyword not detected.
Chrome DefaultSearchURL not detected.
"C:\Users\Lucie\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Lucie\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Lucie\Downloads\Addition.txt => Moved successfully.
C:\windows\System32\Tasks\AutoKMS => Moved successfully.
C:\windows\Tasks\AutoKMS.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{BA858266-AD43-4C25-8D4F-CEF200629316}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA858266-AD43-4C25-8D4F-CEF200629316}" => Key deleted successfully.
C:\Windows\System32\Tasks\AutoKMS not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
C:\windows\Tasks\AutoKMS.job not found.
C:\windows\AutoKMS => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

========================= Folder: C:\ProgramData\{bafc389e-a03a-8d87-bafc-c389ea03e27a} ========================

2015-01-13 14:53 - 2015-01-13 14:54 - 0000902 _____ () C:\ProgramData\{bafc389e-a03a-8d87-bafc-c389ea03e27a}\Supreme Snowboarding.dat

====== End of Folder: ======


========= dir "C:\PROGRA~1" =========

Volume in drive C is Windows8_OS
Volume Serial Number is D63A-D004

Directory of C:\PROGRA~1

02/01/2015 08:08 PM <DIR> .
02/01/2015 08:08 PM <DIR> ..
11/27/2014 09:50 AM <DIR> AVAST Software
11/29/2014 09:15 AM <DIR> Common Files
05/30/2014 12:15 PM <DIR> CyberLink
05/30/2014 12:21 PM <DIR> DIFX
05/30/2014 11:33 AM <DIR> Elantech
05/30/2014 11:23 AM <DIR> Intel
12/13/2014 11:07 AM <DIR> Internet Explorer
05/30/2014 12:21 PM <DIR> Lenovo
11/29/2014 09:11 AM <DIR> Microsoft Analysis Services
11/29/2014 09:14 AM <DIR> Microsoft Office
11/29/2014 09:14 AM <DIR> Microsoft SQL Server Compact Edition
11/29/2014 09:14 AM <DIR> Microsoft Sync Framework
11/29/2014 09:14 AM <DIR> Microsoft Synchronization Services
10/07/2013 07:29 PM <DIR> MSBuild
05/30/2014 11:28 AM <DIR> Realtek
10/07/2013 07:29 PM <DIR> Reference Assemblies
12/01/2014 03:11 PM <DIR> Windows Defender
12/01/2014 03:12 PM <DIR> Windows Journal
12/01/2014 03:11 PM <DIR> Windows Mail
12/01/2014 03:11 PM <DIR> Windows Media Player
05/30/2014 11:10 AM <DIR> Windows Multimedia Platform
08/22/2013 04:36 PM <DIR> Windows NT
12/01/2014 03:11 PM <DIR> Windows Photo Viewer
05/30/2014 11:10 AM <DIR> Windows Portable Devices
08/22/2013 04:36 PM <DIR> WindowsPowerShell
0 File(s) 0 bytes
27 Dir(s) 395,875,581,952 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Volume in drive C is Windows8_OS
Volume Serial Number is D63A-D004

Directory of C:\PROGRA~2

02/01/2015 08:08 PM <DIR> .
02/01/2015 08:08 PM <DIR> ..
05/30/2014 11:34 AM <DIR> Bluetooth Suite
01/09/2015 11:35 AM <DIR> Calibre2
11/30/2014 08:31 PM <DIR> Common Files
05/30/2014 12:15 PM <DIR> CyberLink
01/27/2015 12:04 PM <DIR> Financial Times News Feed
12/01/2014 12:24 PM <DIR> Google
01/10/2015 09:56 PM <DIR> ICQ7M
01/27/2015 11:28 PM <DIR> Image Hover
05/30/2014 11:25 AM <DIR> Intel
12/13/2014 11:07 AM <DIR> Internet Explorer
01/27/2015 11:24 AM <DIR> jquery injector
05/30/2014 12:20 PM <DIR> Lenovo
05/30/2014 12:07 PM <DIR> Maxthon
11/29/2014 09:11 AM <DIR> Microsoft Analysis Services
11/29/2014 09:11 AM <DIR> Microsoft Office
11/29/2014 09:12 AM <DIR> Microsoft Visual Studio 8
11/29/2014 09:14 AM <DIR> Microsoft.NET
01/26/2015 10:44 PM <DIR> Mozilla Firefox
02/01/2015 07:37 PM <DIR> Mozilla Maintenance Service
11/29/2014 09:14 AM <DIR> MSBuild
05/30/2014 12:19 PM <DIR> New Folder
12/13/2014 11:51 PM <DIR> PhotoFiltre Studio X
05/30/2014 11:31 AM <DIR> Qualcomm Atheros
05/30/2014 11:29 AM <DIR> Realtek
10/07/2013 07:29 PM <DIR> Reference Assemblies
02/02/2015 03:08 PM <DIR> Skype
12/01/2014 03:11 PM <DIR> Windows Defender
12/01/2014 03:11 PM <DIR> Windows Mail
12/01/2014 03:11 PM <DIR> Windows Media Player
05/30/2014 11:10 AM <DIR> Windows Multimedia Platform
08/22/2013 04:36 PM <DIR> Windows NT
12/01/2014 03:11 PM <DIR> Windows Photo Viewer
05/30/2014 11:10 AM <DIR> Windows Portable Devices
08/22/2013 04:36 PM <DIR> WindowsPowerShell
0 File(s) 0 bytes
36 Dir(s) 395,875,581,952 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Volume in drive C is Windows8_OS
Volume Serial Number is D63A-D004

Directory of C:\PROGRA~3

11/27/2014 09:32 AM <DIR> Atheros
11/27/2014 09:50 AM <DIR> AVAST Software
05/30/2014 12:08 PM <DIR> CyberLink
11/29/2014 09:05 AM <DIR> DAEMON Tools Lite
05/30/2014 12:20 PM <DIR> Downloaded Installations
11/27/2014 09:31 AM <DIR> Energy Management
02/01/2015 07:36 PM <DIR> ICQ
05/30/2014 12:07 PM <DIR> install_clap
05/30/2014 11:20 AM <DIR> Intel
05/30/2014 12:19 PM <DIR> Lenovo
02/01/2015 07:41 PM <DIR> Malwarebytes
12/13/2014 11:26 AM <DIR> McAfee
11/29/2014 09:19 AM <DIR> Microsoft Help
11/27/2014 09:42 AM <DIR> Mozilla
05/30/2014 12:19 PM <DIR> Office2013
05/30/2014 12:20 PM <DIR> OneKey Recovery
05/30/2014 11:30 AM <DIR> Qualcomm Atheros
05/30/2014 12:08 PM <DIR> regid.1991-06.com.microsoft
01/08/2015 09:38 PM <DIR> Skype
05/30/2014 12:20 PM <DIR> Temp
01/26/2015 10:06 PM <DIR> {bafc389e-a03a-8d87-bafc-c389ea03e27a}
0 File(s) 0 bytes
21 Dir(s) 395,875,577,856 bytes free

========= End of CMD: =========


========= dir "%localappdata%" =========

Volume in drive C is Windows8_OS
Volume Serial Number is D63A-D004

Directory of C:\Users\Lucie\AppData\Local

02/02/2015 03:58 PM <DIR> .
02/02/2015 03:58 PM <DIR> ..
12/13/2014 12:38 PM <DIR> Adobe
11/27/2014 09:32 AM <DIR> BMExplorer
01/09/2015 11:36 AM <DIR> calibre-cache
02/01/2015 06:50 PM <DIR> CrashDumps
12/01/2014 12:24 PM <DIR> Google
12/01/2014 03:33 PM <DIR> Macromedia
01/12/2015 09:15 PM <DIR> Microsoft
12/01/2014 02:00 AM <DIR> Microsoft Help
11/27/2014 09:42 AM <DIR> Mozilla
02/02/2015 03:58 PM 29,696 MSGBOX.EXE
11/30/2014 06:07 PM <DIR> Packages
11/27/2014 06:36 PM <DIR> PackageStaging
02/01/2015 12:42 PM <DIR> Pokki
01/13/2015 02:59 PM <DIR> Programs
11/30/2014 08:31 PM <DIR> Skype
02/02/2015 03:59 PM <DIR> Temp
11/27/2014 09:30 AM <DIR> VirtualStore
1 File(s) 29,696 bytes
18 Dir(s) 395,875,577,856 bytes free

========= End of CMD: =========


========= dir "%appdata%" =========

Volume in drive C is Windows8_OS
Volume Serial Number is D63A-D004

Directory of C:\Users\Lucie\AppData\Roaming

01/13/2015 03:06 PM <DIR> .
01/13/2015 03:06 PM <DIR> ..
11/27/2014 09:31 AM <DIR> Adobe
11/27/2014 09:31 AM <DIR> Atheros
11/27/2014 09:53 AM <DIR> AVAST Software
01/09/2015 11:36 AM <DIR> calibre
11/29/2014 09:06 AM <DIR> DAEMON Tools Lite
01/13/2015 02:38 PM <DIR> ICQ
01/10/2015 09:55 PM <DIR> ICQ Search
01/10/2015 09:49 PM <DIR> ICQ-Profile
01/10/2015 09:49 PM <DIR> ICQM
11/27/2014 09:32 AM <DIR> Intel Corporation
11/27/2014 09:31 AM <DIR> Macromedia
11/27/2014 09:42 AM <DIR> Mozilla
12/16/2014 07:12 PM <DIR> PhotoFiltre Studio X
02/02/2015 03:51 PM <DIR> Skype
0 File(s) 0 bytes
16 Dir(s) 395,875,577,856 bytes free

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 589 MB temporary data.


The system needed a reboot.

==== End of Fixlog 15:59:51 ====

[altrok]

Takze jeste uklidime.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.