Prohlížeč plný reklam a vys. oken

[petal219]

ale je tu problém předtím se vyskakovací okna neobjevovala a teď se opět objevují a také zmizel FRST launcher i fixlist.txt a vytvořil se dávkový soubor LM


fixlog:Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-02-2015
Ran by Matouskovi at 2015-02-15 15:47:58 Run:1
Running from C:\Users\Matouskovi\Desktop
Loaded Profiles: Matouskovi & UpdatusUser (Available profiles: Matouskovi & EsterkaPú & Jindřiška & Gianluca & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2011-09-16] (LogMeIn, Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\...\Run: [SpyEmergency] => C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe [3231032 2013-10-03] (NETGATE Technologies s.r.o.)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [ProdReg] => C:\Program Files (x86)\Creative\Product Registration\ProdReg.exe [1690112 2014-02-24] (Creative Technology Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [CTPostBootSequencer] => "C:\Users\MATOUS~1\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct <===== ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 12454&OSP=
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\sepherdwilbur@aol.com [Not Found]

CHR Extension: (Skype Click to Call) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-06-10]
CHR Extension: (Skype Click to Call) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-01-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3284008 2013-03-11] (NETGATE Technologies s.r.o.)
S2 0c632643; "C:\Windows\system32\rundll32.exe" "c:\progra~3\intere~1\InterenetOptimizerSvc.dll",service
S2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [X]
S2 Hamachi2Svc; "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X]
S4 LMIRfsClientNP; No ImagePath
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [18776 2011-04-21] (NETGATE Technologies s.r.o.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

C:\Program Files\NETGATE\Spy Emergency
c:\progra~3\intere~1
2015-02-15 14:54 - 2015-02-15 14:54 - 06103040 _____ () C:\Program Files (x86)\GUT8F06.tmp
2015-02-15 14:54 - 2015-02-15 14:54 - 00000000 ____D () C:\Program Files (x86)\GUM8F05.tmp
2015-02-15 14:49 - 2015-02-15 14:09 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-15 14:46 - 2015-02-15 14:46 - 00000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
2015-02-15 14:35 - 2015-02-15 14:54 - 00026129 _____ () C:\Users\Matouskovi\Desktop\FRST.txt
2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\Nepotvrzeno 206061.crdownload
2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\Nepotvrzeno 149854.crdownload
2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\FRSTLauncher (2).exe
2015-02-15 14:32 - 2015-02-15 14:32 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Desktop\FRSTLauncher (2).exe
2015-02-15 14:13 - 2015-02-15 14:07 - 00001333 _____ () C:\zoek-results2015-02-15-130727.log
2015-02-15 14:07 - 2015-02-15 13:28 - 00001806 _____ () C:\zoek-results2015-02-15-122826.log
2015-02-15 13:27 - 2014-06-10 15:12 - 00011186 _____ () C:\zoek-results2014-06-10-141202.log
2015-02-15 13:24 - 2015-02-15 14:47 - 00000000 ____D () C:\zoek_backup
2015-02-15 13:23 - 2015-02-15 13:23 - 01304576 _____ () C:\Users\Matouskovi\Downloads\zoek.exe
2015-02-15 13:23 - 2015-02-15 13:23 - 01304576 _____ () C:\Users\Matouskovi\Desktop\zoek.exe
2015-02-15 13:16 - 2015-02-15 13:19 - 00000000 ____D () C:\AdwCleaner
2015-02-15 13:14 - 2015-02-15 13:14 - 02112512 _____ () C:\Users\Matouskovi\Desktop\adwcleaner_4.110.exe
2015-02-15 13:13 - 2015-02-15 13:14 - 02112512 _____ () C:\Users\Matouskovi\Downloads\adwcleaner_4.110.exe
2015-02-15 13:12 - 2015-02-15 13:13 - 00225167 _____ () C:\Users\Matouskovi\Downloads\avgremover.log
2015-02-15 13:12 - 2015-02-15 13:12 - 03681088 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Matouskovi\Downloads\avg_remover_stf_x64_2015_5501.exe
2015-02-15 12:55 - 2015-02-15 12:55 - 00000000 ____D () C:\rsit
2015-02-15 12:55 - 2015-02-15 12:55 - 00000000 ____D () C:\Program Files\TREND micro
2015-02-15 12:54 - 2015-02-15 12:54 - 01222144 _____ () C:\Users\Matouskovi\Downloads\RSITx64.exe
2015-01-22 17:47 - 2015-01-08 19:40 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\Spy Emergency
C:\Windows\system32\msvdbuf.vbe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msvdbufSrv
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\LogMeIn GUI => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpyEmergency => value deleted successfully.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ProdReg => Value not found.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Windows\CurrentVersion\RunOnce\\CTPostBootSequencer => Value not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main\\Search Page => Error setting value.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main\\First Home Page => Value not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}" => Key deleted successfully.
HKCR\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skype-ie-addon-data" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skype-ie-addon-data => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skype4com" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}" => Key deleted successfully.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value deleted successfully.
C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\faststartff@gmail.com not found.
C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com not found.
C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com not found.
C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\sepherdwilbur@aol.com not found.
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
SpyEmrgSrv => Service not found.
0c632643 => Service deleted successfully.
EslWireHelper => Service deleted successfully.
Hamachi2Svc => Service deleted successfully.
LMIRfsClientNP => Service deleted successfully.
SpyEmrg => Service not found.
SpyEmrgAccess => Service not found.
SpyEmrgGuard => Service not found.
EagleX64 => Service deleted successfully.
"C:\Program Files\NETGATE\Spy Emergency" => File/Directory not found.
"c:\progra~3\intere~1" => File/Directory not found.
"C:\Program Files (x86)\GUT8F06.tmp" => File/Directory not found.
"C:\Program Files (x86)\GUM8F05.tmp" => File/Directory not found.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin => Moved successfully.
"C:\Users\Matouskovi\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Matouskovi\Downloads\Nepotvrzeno 206061.crdownload => Moved successfully.
C:\Users\Matouskovi\Downloads\Nepotvrzeno 149854.crdownload => Moved successfully.
C:\Users\Matouskovi\Downloads\FRSTLauncher (2).exe => Moved successfully.
C:\Users\Matouskovi\Desktop\FRSTLauncher (2).exe => Moved successfully.
C:\zoek-results2015-02-15-130727.log => Moved successfully.
C:\zoek-results2015-02-15-122826.log => Moved successfully.
C:\zoek-results2014-06-10-141202.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Matouskovi\Downloads\zoek.exe => Moved successfully.
C:\Users\Matouskovi\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Matouskovi\Desktop\adwcleaner_4.110.exe => Moved successfully.
C:\Users\Matouskovi\Downloads\adwcleaner_4.110.exe => Moved successfully.
C:\Users\Matouskovi\Downloads\avgremover.log => Moved successfully.
C:\Users\Matouskovi\Downloads\avg_remover_stf_x64_2015_5501.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\TREND micro => Moved successfully.
C:\Users\Matouskovi\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Matouskovi\AppData\Roaming\Spy Emergency => Moved successfully.
"C:\Windows\system32\msvdbuf.vbe" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msvdbufSrv => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => Key Deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 285 MB temporary data.


The system needed a reboot.

==== End of Fixlog 15:48:12 ====

[vyosek]

V jakem prohlizeci vyskakuji??

Dejte novy log z FRST

[petal219]

reklamy se objevují v prohlížeči google chrome. a také je něják pomalý internet . log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by Matouskovi (administrator) on MATOUSKOVI-PC on 15-02-2015 17:57:01
Running from C:\Users\Matouskovi\Desktop
Loaded Profiles: Matouskovi & EsterkaPú & UpdatusUser (Available profiles: Matouskovi & EsterkaPú & Jindřiška & Gianluca & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\EsterkaPú\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\EsterkaPú\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Matouskovi\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [151552 2013-06-29] (IvoSoft)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\Run: [Steam] => D:\Program Files (x86)\Steam\Steam.exe [1942720 2015-01-23] (Valve Corporation)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\Run: [cz.seznam.software.szndesktop] => C:\Users\EsterkaPú\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\Run: [cz.seznam.software.autoupdate] => C:\Users\EsterkaPú\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\Run: [DAEMON Tools Lite] => "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22059616 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\CurrentVersion\Windows: [Load] C:\Users\MATOUS~1\LOCALS~1\Temp\msiimaye.com <===== ATTENTION
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\MountPoints2: {1f9cd650-618a-11e3-b9c2-001ec94dec92} - F:\Autorun.exe
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\MountPoints2: {bdc6d619-5e2d-11e2-bd7b-001ec94dec92} - F:\autorun.exe
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [ProdReg] => C:\Program Files (x86)\Creative\Product Registration\ProdReg.exe [1690112 2014-02-24] (Creative Technology Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [CTPostBootSequencer] => "C:\Users\MATOUS~1\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct <===== ATTENTION
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1528716315-3860698994-2152196103-1003] => http=127.0.0.1:30911
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=119529 ... 1EC94DEC92
HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... M%3DIE11SR
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 12454&OSP=
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {05EF0A21-C92E-4743-8E39-730E26024039} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {48FB8B09-5758-462C-971F-8241120BC74F} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {4F833CAA-94E3-40C1-BE60-4F3FBA29F155} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {7FB123D2-EA11-4D13-B9B7-18D27F58A421} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {96382310-48A0-4DDF-AD92-613B8A5CB223} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {B698D1D6-D6AF-4397-8E21-CAC7D387B574} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {CDBF616F-FE64-4FDF-BE82-9D58616AA328} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {CE67BA7D-24B5-4481-AFB4-48B896032C3A} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {DC303589-C36F-4BB1-8484-B5FAC272634A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {E5C3AF93-9698-4585-A13D-2D96003B49F5} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {05EF0A21-C92E-4743-8E39-730E26024039} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={search ... 1EC94DEC92
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {1E5E19B6-E982-44D7-92D4-FFAF5B79086E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {20511D9F-773C-463B-A818-0574CCEA4626} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {215F313D-444A-4842-BD27-1DA4581E2664} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {2416C31D-40D7-4241-9185-D4FCBCA569DB} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {48FB8B09-5758-462C-971F-8241120BC74F} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {4D1AA97F-2D6D-4A3C-8A0C-09C34AA3D943} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {4F833CAA-94E3-40C1-BE60-4F3FBA29F155} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {529AAEDA-245E-4E68-8D09-A3063535B6D8} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {7FB123D2-EA11-4D13-B9B7-18D27F58A421} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {96382310-48A0-4DDF-AD92-613B8A5CB223} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {AFC27931-AA76-425D-96E0-4FC7C3B4D79A} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {B698D1D6-D6AF-4397-8E21-CAC7D387B574} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {CDBF616F-FE64-4FDF-BE82-9D58616AA328} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {CE67BA7D-24B5-4481-AFB4-48B896032C3A} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = http://mystart.incredibar.com/mb201/?se ... 0D3Jh&i=26
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {DC303589-C36F-4BB1-8484-B5FAC272634A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {E1F75167-9259-4CF2-BF14-2CA7F0CB2000} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {E5C3AF93-9698-4585-A13D-2D96003B49F5} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1003 -> {F6CA5044-0F24-4070-9FD0-C3E26808A9F1} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {05EF0A21-C92E-4743-8E39-730E26024039} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {48FB8B09-5758-462C-971F-8241120BC74F} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {4F833CAA-94E3-40C1-BE60-4F3FBA29F155} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {7FB123D2-EA11-4D13-B9B7-18D27F58A421} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {96382310-48A0-4DDF-AD92-613B8A5CB223} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {B698D1D6-D6AF-4397-8E21-CAC7D387B574} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {CDBF616F-FE64-4FDF-BE82-9D58616AA328} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {CE67BA7D-24B5-4481-AFB4-48B896032C3A} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {DC303589-C36F-4BB1-8484-B5FAC272634A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {E5C3AF93-9698-4585-A13D-2D96003B49F5} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 5.11.0.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\EsterkaPú\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1528716315-3860698994-2152196103-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Matouskovi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1528716315-3860698994-2152196103-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKU\S-1-5-21-1528716315-3860698994-2152196103-1003: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: skipcerterrorfoudilfr - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\skipcerterror@foudil.fr [2014-11-12]
FF HKU\S-1-5-21-1528716315-3860698994-2152196103-1003\...\Firefox\Extensions: [{0F827075-B026-42F3-885D-98981EE7B1AE}] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\sepherdwilbur@aol.com [Not Found]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Prezentace Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19]
CHR Extension: (Dokumenty Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19]
CHR Extension: (Disk Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19]
CHR Extension: (YouTube) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19]
CHR Extension: (Vyhledávání Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19]
CHR Extension: (Tabulky Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19]
CHR Extension: (Peněženka Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-15]
CHR Extension: (Gmail) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-08-13] ()
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376168 2014-11-03] (LogMeIn, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-22] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ADIHdAudAddService; C:\Windows\System32\drivers\ADIHdAud.sys [497152 2009-04-23] (Analog Devices, Inc.) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-10] (Disc Soft Ltd)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-12-11] (LogMeIn, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2014-02-21] (Razer, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-11-09] (Duplex Secure Ltd.)
S3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 17:57 - 2015-02-15 17:57 - 00030428 _____ () C:\Users\Matouskovi\Desktop\FRST.txt
2015-02-15 17:56 - 2015-02-15 17:56 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\FRSTLauncher.exe
2015-02-15 17:56 - 2015-02-15 17:56 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Desktop\FRSTLauncher.exe
2015-02-15 17:56 - 2015-02-15 17:56 - 00015327 _____ () C:\Users\Matouskovi\Desktop\LM.bat
2015-02-15 15:49 - 2015-02-15 15:49 - 00000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
2015-02-15 15:47 - 2015-02-15 17:56 - 00029696 _____ () C:\Users\Matouskovi\AppData\Local\MSGBOX.EXE
2015-02-15 15:40 - 2015-02-15 15:40 - 00655840 _____ () C:\Users\Matouskovi\Downloads\stažený soubor (2)
2015-02-15 15:39 - 2015-02-15 15:39 - 00655840 _____ () C:\Users\Matouskovi\Downloads\stažený soubor (1)
2015-02-15 15:39 - 2015-02-15 15:39 - 00655840 _____ () C:\Users\Matouskovi\Downloads\stažený soubor
2015-02-15 15:34 - 2015-02-15 15:34 - 00000661 _____ () C:\Users\Matouskovi\Desktop\škola.lnk
2015-02-15 15:33 - 2015-02-15 15:33 - 00000753 _____ () C:\Users\Matouskovi\Desktop\vše.lnk
2015-02-15 14:35 - 2015-02-15 17:57 - 00000000 ____D () C:\FRST
2015-02-15 14:34 - 2015-02-15 14:33 - 02134528 _____ (Farbar) C:\Users\Matouskovi\Desktop\FRST64.exe
2015-02-15 14:33 - 2015-02-15 14:33 - 02134528 _____ (Farbar) C:\Users\Matouskovi\Downloads\FRST64.exe
2015-02-15 11:20 - 2015-02-15 11:20 - 00000020 _____ () C:\Users\EsterkaPú\AppData\Roaming\appdataFr3.bin
2015-02-10 11:17 - 2015-02-10 11:17 - 00000020 _____ () C:\Users\Jindřiška\AppData\Roaming\appdataFr3.bin
2015-02-07 17:05 - 2015-02-07 17:05 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-01 19:34 - 2015-02-01 19:50 - 00000000 ____D () C:\Users\EsterkaPú\Desktop\LG
2015-02-01 19:32 - 2015-02-01 19:32 - 00000000 ____D () C:\Users\EsterkaPú\AppData\Roaming\dvdcss
2015-01-21 17:24 - 2015-01-21 17:24 - 01182978 _____ () C:\Users\Matouskovi\Downloads\Semeno.pptx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-15 17:55 - 2012-11-07 17:08 - 01921193 _____ () C:\Windows\WindowsUpdate.log
2015-02-15 16:49 - 2009-07-14 05:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-15 16:49 - 2009-07-14 05:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-15 16:48 - 2011-04-12 09:34 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2015-02-15 16:48 - 2011-04-12 09:34 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2015-02-15 16:48 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-15 16:47 - 2013-10-24 13:33 - 00000000 ____D () C:\Users\EsterkaPú\AppData\Roaming\Seznam.cz
2015-02-15 16:42 - 2014-09-21 20:07 - 00096160 _____ () C:\Windows\setupact.log
2015-02-15 16:42 - 2012-11-07 17:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-15 16:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 15:49 - 2013-11-30 12:36 - 06456832 ___SH () C:\Users\Matouskovi\Desktop\Thumbs.db
2015-02-15 15:28 - 2015-01-07 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1 PC tools
2015-02-15 14:55 - 2012-11-14 18:06 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-15 14:55 - 2012-11-14 18:05 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-15 14:52 - 2014-06-10 14:59 - 00032627 _____ () C:\zoek-results.log
2015-02-15 14:50 - 2014-09-28 11:28 - 00029468 _____ () C:\Windows\PFRO.log
2015-02-15 13:19 - 2014-04-12 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-15 13:19 - 2012-11-14 18:11 - 00000979 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-15 13:19 - 2012-11-07 17:09 - 00000979 _____ () C:\Users\Matouskovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-15 12:19 - 2014-05-07 19:44 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-14 20:58 - 2012-12-08 17:22 - 00004010 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{961A0EA5-CBA7-4758-9183-B4472D8FEEE8}
2015-02-14 20:29 - 2012-11-14 18:11 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-13 10:56 - 2012-11-23 11:26 - 00000000 ____D () C:\Users\Matouskovi\AppData\Local\CrashDumps
2015-02-11 20:18 - 2012-11-23 11:33 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-11 20:18 - 2012-11-22 19:43 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-11 20:15 - 2014-03-26 13:14 - 00000000 ____D () C:\Users\Matouskovi\AppData\Local\Battle.net
2015-02-11 16:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-11 16:08 - 2014-06-23 17:26 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1379855388
2015-02-10 11:23 - 2013-01-05 20:18 - 00000000 ____D () C:\Users\Jindřiška\AppData\Roaming\Skype
2015-02-10 11:22 - 2013-11-06 08:04 - 00000000 ____D () C:\Users\Jindřiška\AppData\Roaming\Seznam.cz
2015-02-10 11:18 - 2013-04-10 07:09 - 00000000 ____D () C:\Users\Jindřiška\AppData\Local\CrashDumps
2015-02-07 17:05 - 2012-11-07 17:15 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-07 17:05 - 2012-11-07 17:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 17:05 - 2012-11-07 17:15 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-01 19:32 - 2014-05-22 19:35 - 00000000 ____D () C:\Users\EsterkaPú\AppData\Roaming\vlc
2015-01-25 17:44 - 2012-12-21 12:55 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\TS3Client
2015-01-22 15:18 - 2015-01-05 19:48 - 04582264 _____ () C:\Users\Matouskovi\Desktop\TechnicLauncher.exe
2015-01-22 10:29 - 2013-06-22 12:44 - 00000000 ____D () C:\Users\Matouskovi\Documents\Soubory aplikace Outlook
2015-01-19 14:15 - 2012-11-22 19:43 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-01-17 18:59 - 2012-11-20 18:21 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\Skype
2015-01-16 16:35 - 2013-03-24 18:44 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\.minecraft

==================== Files in the root of some directories =======

2015-02-15 15:49 - 2015-02-15 15:49 - 0000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
2014-01-01 10:30 - 2014-01-17 06:55 - 0000027 _____ () C:\Users\Matouskovi\AppData\Roaming\mskviy.dat
2014-01-01 10:30 - 2014-01-16 11:02 - 0001747 _____ () C:\Users\Matouskovi\AppData\Roaming\mssdxk.dat
2014-02-19 19:19 - 2014-02-19 19:19 - 0000600 _____ () C:\Users\Matouskovi\AppData\Roaming\winscp.rnd
2012-11-20 13:48 - 2014-05-29 12:04 - 0007168 _____ () C:\Users\Matouskovi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-15 15:47 - 2015-02-15 17:56 - 0029696 _____ () C:\Users\Matouskovi\AppData\Local\MSGBOX.EXE
2014-01-09 13:16 - 2014-01-09 13:16 - 0000852 _____ () C:\Users\Matouskovi\AppData\Local\recently-used.xbel
2012-11-07 17:54 - 2014-05-30 20:04 - 0007642 _____ () C:\Users\Matouskovi\AppData\Local\Resmon.ResmonCfg
2014-04-21 09:57 - 2014-04-21 09:57 - 4685824 _____ () C:\ProgramData\ClassicShellSetup64_4_1_0.msi

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-07 16:15

==================== End Of Log ============================

[vyosek]

Se tam nejak zas bordel natahal

Aplikujte znovu AdwCleaner a Zoek http://forum.viry.cz/viewtopic.php?f=13 ... 0#p1379847 logy sem

[petal219]

adw:
# AdwCleaner v4.110 - Logfile created 15/02/2015 at 19:20:01
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Matouskovi - MATOUSKOVI-PC
# Running from : C:\Users\Matouskovi\Desktop\adwcleaner_4.110.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v32.0 (x86 cs)


-\\ Google Chrome v40.0.2214.111


-\\ Opera v27.0.1689.69


*************************

AdwCleaner[R2].txt - [894 bytes] - [15/02/2015 19:18:16]
AdwCleaner[S2].txt - [824 bytes] - [15/02/2015 19:20:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [882 bytes] ##########

[petal219]

a zoek:

Zoek.exe v5.0.0.0 Updated 13-February-2015
Tool run by Matouskovi on ne 15.02.2015 at 19:25:03,60.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Matouskovi\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-02-15-135243.log 32627 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-1528716315-3860698994-2152196103-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Approved Extensions\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\ESTERK~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\ESTERK~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Gianluca\AppData\Roaming\Mozilla\Firefox\Profiles\48szkt78.default\prefs.js:

Added to C:\Users\Gianluca\AppData\Roaming\Mozilla\Firefox\Profiles\48szkt78.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\JINDIK~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\JINDIK~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\prefs.js:

Added to C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ESTERK~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Gianluca\AppData\Roaming\Mozilla\Firefox\Profiles\48szkt78.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\JINDIK~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\ESTERK~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\sepherdwilbur@aol.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\EsterkaPú\AppData\Roaming\Mozilla\Firefox\Profiles\4xafesmr.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com

ProfilePath: C:\Users\JINDIK~1\AppData\Roaming\Mozilla\Firefox\Profiles\9nj1kh0k.default
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind
- Undetermined - C:\Users\Jind

ProfilePath: C:\Users\MATOUS~1\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default
- Undetermined - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\faststartff@gmail.com
- skipcerterrorfoudilfr - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\skipcerterror@foudil.fr
- Undetermined - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com
- Undetermined - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com
- Undetermined - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\sepherdwilbur@aol.com
- skipcerterrorfoudilfr - %ProfilePath%\extensions\skipcerterror@foudil.fr

ExtDir: C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Undetermined - %ExtDir%\suggestor@suggestor.pirrit.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default
F59A3BE52327B91541CA61A783741595 - C:\Users\Matouskovi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
AAEECF49F3B841180007E8C8E6974F18 - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll - PDF-XChange Viewer


==== Chromium Look ======================

Google Chrome Version: 40.0.2214.111 (Up to date, latest Stable version: 40.0.2214.111)


Skype Click to Call - Gianluca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{05EF0A21-C92E-4743-8E39-730E26024039} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{48FB8B09-5758-462C-971F-8241120BC74F} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_12454"
{4F833CAA-94E3-40C1-BE60-4F3FBA29F155} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{7FB123D2-EA11-4D13-B9B7-18D27F58A421} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_12454"
{96382310-48A0-4DDF-AD92-613B8A5CB223} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_12454"
{B698D1D6-D6AF-4397-8E21-CAC7D387B574} Google Url="http://www.google.cz/search?q={searchTe ... {startPage}"
{CDBF616F-FE64-4FDF-BE82-9D58616AA328} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454"
{CE67BA7D-24B5-4481-AFB4-48B896032C3A} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_12454"
{DC303589-C36F-4BB1-8484-B5FAC272634A} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{E5C3AF93-9698-4585-A13D-2D96003B49F5} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"

==== Reset Google Chrome ======================

C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully
C:\Users\Matouskovi\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Matouskovi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Gianluca\AppData\Local\Mozilla\Firefox\Profiles\48szkt78.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Matouskovi\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Gianluca\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2 folders=0 135 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Gianluca\AppData\Local\temp emptied successfully
C:\Users\Matouskovi\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\MATOUS~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 15.02.2015 at 20:18:46,30 ======================

[petal219]

ale opět vyskakují reklamy

[vyosek]

Odinstalujte Chrome

Smazte jeho profil a vytvorte novy https://support.google.com/chrome/answer/142059?hl=cs

Dejte novy log z FRST

[petal219]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by Matouskovi (administrator) on MATOUSKOVI-PC on 16-02-2015 17:20:17
Running from C:\Users\Matouskovi\Desktop
Loaded Profiles: Matouskovi & UpdatusUser (Available profiles: Matouskovi & EsterkaPú & Jindřiška & Gianluca & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() D:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) D:\Program Files (x86)\Steam\GameOverlayUI.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(forum.viry.cz) C:\Users\Matouskovi\Desktop\FRST-OlderVersion\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [151552 2013-06-29] (IvoSoft)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [ProdReg] => C:\Program Files (x86)\Creative\Product Registration\ProdReg.exe [1690112 2014-02-24] (Creative Technology Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [CTPostBootSequencer] => "C:\Users\MATOUS~1\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct <===== ATTENTION
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 12454&OSP=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {05EF0A21-C92E-4743-8E39-730E26024039} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {48FB8B09-5758-462C-971F-8241120BC74F} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {4F833CAA-94E3-40C1-BE60-4F3FBA29F155} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {7FB123D2-EA11-4D13-B9B7-18D27F58A421} URL = http://www.novinky.cz/hledej?w={searchT ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {96382310-48A0-4DDF-AD92-613B8A5CB223} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {B698D1D6-D6AF-4397-8E21-CAC7D387B574} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {CDBF616F-FE64-4FDF-BE82-9D58616AA328} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {CE67BA7D-24B5-4481-AFB4-48B896032C3A} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {DC303589-C36F-4BB1-8484-B5FAC272634A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKU\S-1-5-21-1528716315-3860698994-2152196103-1006 -> {E5C3AF93-9698-4585-A13D-2D96003B49F5} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 5.11.0.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\EsterkaPú\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1528716315-3860698994-2152196103-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Matouskovi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1528716315-3860698994-2152196103-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: skipcerterrorfoudilfr - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\skipcerterror@foudil.fr [2014-11-12]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\sepherdwilbur@aol.com [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-16]
CHR Extension: (Dokumenty Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-16]
CHR Extension: (Disk Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-16]
CHR Extension: (YouTube) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Vyhledávání Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-16]
CHR Extension: (Tabulky Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-16]
CHR Extension: (Peněženka Google) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-16]
CHR Extension: (Gmail) - C:\Users\Matouskovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-08-13] ()
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376168 2014-11-03] (LogMeIn, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-22] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ADIHdAudAddService; C:\Windows\System32\drivers\ADIHdAud.sys [497152 2009-04-23] (Analog Devices, Inc.) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-12-11] (LogMeIn, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2014-02-21] (Razer, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-11-09] (Duplex Secure Ltd.)
S3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-05-31] (Creative Technology Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-16 17:20 - 2015-02-16 17:20 - 00019644 _____ () C:\Users\Matouskovi\Desktop\FRST.txt
2015-02-16 17:19 - 2015-02-16 17:19 - 00002259 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-16 17:19 - 2015-02-16 17:19 - 00002259 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2015-02-16 17:19 - 2015-02-16 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-16 17:12 - 2015-02-16 17:17 - 00000000 ____D () C:\Users\Matouskovi\Desktop\FRST-OlderVersion
2015-02-15 20:19 - 2015-02-15 20:19 - 00000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
2015-02-15 20:08 - 2015-02-15 19:24 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-15 19:28 - 2015-02-15 14:52 - 00032627 _____ () C:\zoek-results2015-02-15-135243.log
2015-02-15 19:24 - 2015-02-15 20:00 - 00000000 ____D () C:\zoek_backup
2015-02-15 19:18 - 2015-02-15 19:20 - 00000000 ____D () C:\AdwCleaner
2015-02-15 19:18 - 2015-02-15 19:17 - 01304576 _____ () C:\Users\Matouskovi\Desktop\zoek.exe
2015-02-15 19:17 - 2015-02-15 19:17 - 02112512 _____ () C:\Users\Matouskovi\Downloads\adwcleaner_4.110.exe
2015-02-15 19:17 - 2015-02-15 19:17 - 02112512 _____ () C:\Users\Matouskovi\Desktop\adwcleaner_4.110.exe
2015-02-15 19:17 - 2015-02-15 19:17 - 01304576 _____ () C:\Users\Matouskovi\Downloads\zoek.exe
2015-02-15 17:56 - 2015-02-15 17:56 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\FRSTLauncher.exe
2015-02-15 15:40 - 2015-02-15 15:40 - 00655840 _____ () C:\Users\Matouskovi\Downloads\stažený soubor (2)
2015-02-15 15:39 - 2015-02-15 15:39 - 00655840 _____ () C:\Users\Matouskovi\Downloads\stažený soubor (1)
2015-02-15 15:39 - 2015-02-15 15:39 - 00655840 _____ () C:\Users\Matouskovi\Downloads\stažený soubor
2015-02-15 15:34 - 2015-02-15 15:34 - 00000661 _____ () C:\Users\Matouskovi\Desktop\škola.lnk
2015-02-15 15:33 - 2015-02-15 15:33 - 00000753 _____ () C:\Users\Matouskovi\Desktop\vše.lnk
2015-02-15 14:35 - 2015-02-16 17:20 - 00000000 ____D () C:\FRST
2015-02-15 14:34 - 2015-02-16 17:12 - 02085888 _____ (Farbar) C:\Users\Matouskovi\Desktop\FRST64.exe
2015-02-15 14:33 - 2015-02-15 14:33 - 02134528 _____ (Farbar) C:\Users\Matouskovi\Downloads\FRST64.exe
2015-02-15 11:20 - 2015-02-15 11:20 - 00000020 _____ () C:\Users\EsterkaPú\AppData\Roaming\appdataFr3.bin
2015-02-10 11:17 - 2015-02-10 11:17 - 00000020 _____ () C:\Users\Jindřiška\AppData\Roaming\appdataFr3.bin
2015-02-07 17:05 - 2015-02-07 17:05 - 05070512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-02-01 19:34 - 2015-02-01 19:50 - 00000000 ____D () C:\Users\EsterkaPú\Desktop\LG
2015-02-01 19:32 - 2015-02-01 19:32 - 00000000 ____D () C:\Users\EsterkaPú\AppData\Roaming\dvdcss
2015-01-21 17:24 - 2015-01-21 17:24 - 01182978 _____ () C:\Users\Matouskovi\Downloads\Semeno.pptx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-16 17:19 - 2012-11-14 18:05 - 00000000 ____D () C:\Users\Matouskovi\AppData\Local\Google
2015-02-16 17:19 - 2012-11-14 18:05 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-16 17:05 - 2014-09-21 20:07 - 00096888 _____ () C:\Windows\setupact.log
2015-02-16 17:05 - 2012-11-07 17:08 - 02076078 _____ () C:\Windows\WindowsUpdate.log
2015-02-16 16:58 - 2009-07-14 05:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-16 16:58 - 2009-07-14 05:45 - 00022080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-16 16:55 - 2011-04-12 09:34 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2015-02-16 16:55 - 2011-04-12 09:34 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2015-02-16 16:55 - 2009-07-14 06:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-16 16:51 - 2012-11-07 17:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-16 16:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 20:18 - 2014-09-28 11:28 - 00030946 _____ () C:\Windows\PFRO.log
2015-02-15 20:18 - 2014-06-10 14:59 - 00023357 _____ () C:\zoek-results.log
2015-02-15 19:16 - 2013-12-20 17:55 - 00323072 ___SH () C:\Users\Matouskovi\Downloads\Thumbs.db
2015-02-15 16:47 - 2013-10-24 13:33 - 00000000 ____D () C:\Users\EsterkaPú\AppData\Roaming\Seznam.cz
2015-02-15 15:49 - 2013-11-30 12:36 - 06456832 ___SH () C:\Users\Matouskovi\Desktop\Thumbs.db
2015-02-15 15:28 - 2015-01-07 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1 PC tools
2015-02-15 14:55 - 2012-11-14 18:06 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-15 14:55 - 2012-11-14 18:05 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-15 13:19 - 2012-11-14 18:11 - 00000979 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-02-15 13:19 - 2012-11-07 17:09 - 00000979 _____ () C:\Users\Matouskovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-15 12:19 - 2014-05-07 19:44 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-14 20:58 - 2012-12-08 17:22 - 00004010 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{961A0EA5-CBA7-4758-9183-B4472D8FEEE8}
2015-02-14 20:29 - 2012-11-14 18:11 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-13 10:56 - 2012-11-23 11:26 - 00000000 ____D () C:\Users\Matouskovi\AppData\Local\CrashDumps
2015-02-11 20:18 - 2012-11-23 11:33 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-02-11 20:18 - 2012-11-22 19:43 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-11 20:15 - 2014-03-26 13:14 - 00000000 ____D () C:\Users\Matouskovi\AppData\Local\Battle.net
2015-02-11 16:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-11 16:08 - 2014-06-23 17:26 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1379855388
2015-02-10 11:23 - 2013-01-05 20:18 - 00000000 ____D () C:\Users\Jindřiška\AppData\Roaming\Skype
2015-02-10 11:22 - 2013-11-06 08:04 - 00000000 ____D () C:\Users\Jindřiška\AppData\Roaming\Seznam.cz
2015-02-10 11:18 - 2013-04-10 07:09 - 00000000 ____D () C:\Users\Jindřiška\AppData\Local\CrashDumps
2015-02-07 17:05 - 2012-11-07 17:15 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-07 17:05 - 2012-11-07 17:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 17:05 - 2012-11-07 17:15 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-01 19:32 - 2014-05-22 19:35 - 00000000 ____D () C:\Users\EsterkaPú\AppData\Roaming\vlc
2015-01-25 17:44 - 2012-12-21 12:55 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\TS3Client
2015-01-22 15:18 - 2015-01-05 19:48 - 04582264 _____ () C:\Users\Matouskovi\Desktop\TechnicLauncher.exe
2015-01-22 10:29 - 2013-06-22 12:44 - 00000000 ____D () C:\Users\Matouskovi\Documents\Soubory aplikace Outlook
2015-01-19 14:15 - 2012-11-22 19:43 - 00281392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-01-17 18:59 - 2012-11-20 18:21 - 00000000 ____D () C:\Users\Matouskovi\AppData\Roaming\Skype

==================== Files in the root of some directories =======

2015-02-15 20:19 - 2015-02-15 20:19 - 0000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
2014-01-01 10:30 - 2014-01-17 06:55 - 0000027 _____ () C:\Users\Matouskovi\AppData\Roaming\mskviy.dat
2014-01-01 10:30 - 2014-01-16 11:02 - 0001747 _____ () C:\Users\Matouskovi\AppData\Roaming\mssdxk.dat
2014-02-19 19:19 - 2014-02-19 19:19 - 0000600 _____ () C:\Users\Matouskovi\AppData\Roaming\winscp.rnd
2012-11-20 13:48 - 2014-05-29 12:04 - 0007168 _____ () C:\Users\Matouskovi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-09 13:16 - 2014-01-09 13:16 - 0000852 _____ () C:\Users\Matouskovi\AppData\Local\recently-used.xbel
2012-11-07 17:54 - 2014-05-30 20:04 - 0007642 _____ () C:\Users\Matouskovi\AppData\Local\Resmon.ResmonCfg
2014-04-21 09:57 - 2014-04-21 09:57 - 4685824 _____ () C:\ProgramData\ClassicShellSetup64_4_1_0.msi

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-07 16:15




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:167.58 GB) (Free:40.74 GB) NTFS
Drive d: (Data disk) (Fixed) (Total:1863.01 GB) (Free:704.7 GB) NTFS
Drive e: (Sims3EP10) (CDROM) (Total:4.37 GB) (Free:0 GB) UDF

Available physical RAM: 1187.16 MB
Total physical RAM: 4029.62 MB
Percentage of memory in use: 70%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0879521D)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: 34838E54)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=167.6 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Matouskovi\Desktop" je 13 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RaidCall
C:\Program Files (x86)\RaidCall\raidcall.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Razer Synapse
"C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DefaultOutboundAction REG_DWORD 0x0
DefaultInboundAction REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [ProdReg] => C:\Program Files (x86)\Creative\Product Registration\ProdReg.exe [1690112 2014-02-24] (Creative Technology Ltd)
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [CTPostBootSequencer] => "C:\Users\MATOUS~1\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct <===== ATTENTION
  
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
  HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 12454&OSP=
  SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  
  FF Extension: skipcerterrorfoudilfr - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\skipcerterror@foudil.fr [2014-11-12]
  FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\faststartff@gmail.com [Not Found]
  FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [Not Found]
  FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [Not Found]
  FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\sepherdwilbur@aol.com [Not Found]
  
  2015-02-16 17:20 - 2015-02-16 17:20 - 00019644 _____ () C:\Users\Matouskovi\Desktop\FRST.txt
  2015-02-16 17:12 - 2015-02-16 17:17 - 00000000 ____D () C:\Users\Matouskovi\Desktop\FRST-OlderVersion
  2015-02-15 20:19 - 2015-02-15 20:19 - 00000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
  2015-02-15 20:08 - 2015-02-15 19:24 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2015-02-15 19:28 - 2015-02-15 14:52 - 00032627 _____ () C:\zoek-results2015-02-15-135243.log
  2015-02-15 19:24 - 2015-02-15 20:00 - 00000000 ____D () C:\zoek_backup
  2015-02-15 19:18 - 2015-02-15 19:20 - 00000000 ____D () C:\AdwCleaner
  2015-02-15 19:18 - 2015-02-15 19:17 - 01304576 _____ () C:\Users\Matouskovi\Desktop\zoek.exe
  2015-02-15 19:17 - 2015-02-15 19:17 - 02112512 _____ () C:\Users\Matouskovi\Downloads\adwcleaner_4.110.exe
  2015-02-15 19:17 - 2015-02-15 19:17 - 02112512 _____ () C:\Users\Matouskovi\Desktop\adwcleaner_4.110.exe
  2015-02-15 19:17 - 2015-02-15 19:17 - 01304576 _____ () C:\Users\Matouskovi\Downloads\zoek.exe
  2015-02-15 17:56 - 2015-02-15 17:56 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\FRSTLauncher.exe
  2015-02-15 20:19 - 2015-02-15 20:19 - 0000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
  2014-01-01 10:30 - 2014-01-17 06:55 - 0000027 _____ () C:\Users\Matouskovi\AppData\Roaming\mskviy.dat
  2014-01-01 10:30 - 2014-01-16 11:02 - 0001747 _____ () C:\Users\Matouskovi\AppData\Roaming\mssdxk.dat
  2014-02-19 19:19 - 2014-02-19 19:19 - 0000600 _____ () C:\Users\Matouskovi\AppData\Roaming\winscp.rnd
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[petal219]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-02-2015
Ran by Matouskovi at 2015-02-17 13:58:16 Run:2
Running from C:\Users\Matouskovi\Desktop
Loaded Profiles: Matouskovi & UpdatusUser (Available profiles: Matouskovi & EsterkaPú & Jindřiška & Gianluca & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [ProdReg] => C:\Program Files (x86)\Creative\Product Registration\ProdReg.exe [1690112 2014-02-24] (Creative Technology Ltd)
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\...\RunOnce: [CTPostBootSequencer] => "C:\Users\MATOUS~1\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct <===== ATTENTION

HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 12454&OSP=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FF Extension: skipcerterrorfoudilfr - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\skipcerterror@foudil.fr [2014-11-12]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com [Not Found]
FF Extension: No Name - C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\sepherdwilbur@aol.com [Not Found]

2015-02-16 17:20 - 2015-02-16 17:20 - 00019644 _____ () C:\Users\Matouskovi\Desktop\FRST.txt
2015-02-16 17:12 - 2015-02-16 17:17 - 00000000 ____D () C:\Users\Matouskovi\Desktop\FRST-OlderVersion
2015-02-15 20:19 - 2015-02-15 20:19 - 00000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
2015-02-15 20:08 - 2015-02-15 19:24 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-15 19:28 - 2015-02-15 14:52 - 00032627 _____ () C:\zoek-results2015-02-15-135243.log
2015-02-15 19:24 - 2015-02-15 20:00 - 00000000 ____D () C:\zoek_backup
2015-02-15 19:18 - 2015-02-15 19:20 - 00000000 ____D () C:\AdwCleaner
2015-02-15 19:18 - 2015-02-15 19:17 - 01304576 _____ () C:\Users\Matouskovi\Desktop\zoek.exe
2015-02-15 19:17 - 2015-02-15 19:17 - 02112512 _____ () C:\Users\Matouskovi\Downloads\adwcleaner_4.110.exe
2015-02-15 19:17 - 2015-02-15 19:17 - 02112512 _____ () C:\Users\Matouskovi\Desktop\adwcleaner_4.110.exe
2015-02-15 19:17 - 2015-02-15 19:17 - 01304576 _____ () C:\Users\Matouskovi\Downloads\zoek.exe
2015-02-15 17:56 - 2015-02-15 17:56 - 00112640 _____ (forum.viry.cz) C:\Users\Matouskovi\Downloads\FRSTLauncher.exe
2015-02-15 20:19 - 2015-02-15 20:19 - 0000020 _____ () C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin
2014-01-01 10:30 - 2014-01-17 06:55 - 0000027 _____ () C:\Users\Matouskovi\AppData\Roaming\mskviy.dat
2014-01-01 10:30 - 2014-01-16 11:02 - 0001747 _____ () C:\Users\Matouskovi\AppData\Roaming\mssdxk.dat
2014-02-19 19:19 - 2014-02-19 19:19 - 0000600 _____ () C:\Users\Matouskovi\AppData\Roaming\winscp.rnd

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ProdReg => Value not found.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Windows\CurrentVersion\RunOnce\\CTPostBootSequencer => Value not found.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main\\Search Page => Error setting value.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-1528716315-3860698994-2152196103-1006\Software\Microsoft\Internet Explorer\Main\\First Home Page => Value not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\Extensions\skipcerterror@foudil.fr => Moved successfully.
C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\faststartff@gmail.com not found.
C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com not found.
C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\1853a82e-ce44-4a8c-a6fe-9bcf74a65575@4b6b1c16-5f0a-4ef0-866f-b063e235ef97.com not found.
C:\Users\Matouskovi\AppData\Roaming\Mozilla\Firefox\Profiles\smscr827.default\extensions\sepherdwilbur@aol.com not found.
"C:\Users\Matouskovi\Desktop\FRST.txt" => File/Directory not found.
C:\Users\Matouskovi\Desktop\FRST-OlderVersion => Moved successfully.
C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results2015-02-15-135243.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Matouskovi\Desktop\zoek.exe => Moved successfully.
C:\Users\Matouskovi\Downloads\adwcleaner_4.110.exe => Moved successfully.
C:\Users\Matouskovi\Desktop\adwcleaner_4.110.exe => Moved successfully.
C:\Users\Matouskovi\Downloads\zoek.exe => Moved successfully.
C:\Users\Matouskovi\Downloads\FRSTLauncher.exe => Moved successfully.
"C:\Users\Matouskovi\AppData\Roaming\appdataFr3.bin" => File/Directory not found.
C:\Users\Matouskovi\AppData\Roaming\mskviy.dat => Moved successfully.
C:\Users\Matouskovi\AppData\Roaming\mssdxk.dat => Moved successfully.
C:\Users\Matouskovi\AppData\Roaming\winscp.rnd => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 54.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog 13:58:26 ====

[vyosek]

Jak se chova PC???

[petal219]

zatím ok děkuji moc za pomoc

[vyosek]

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

[petal219]

děkuji