KONTROLA LOGU

[chrudos10]

Zdravím,

prosím o kontrolu logu.
Díky

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Jelínkovi (administrator) on JELÍNKOVI-PC on 24-03-2015 22:20:12
Running from C:\Users\Jelínkovi\Desktop
Loaded Profiles: Jelínkovi (Available profiles: Jelínkovi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
() C:\Users\Jelínkovi\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2014-04-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-18] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [868352 2006-12-18] (Analog Devices, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1875898016-1540026239-2231768052-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-1875898016-1540026239-2231768052-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Jelínkovi\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1875898016-1540026239-2231768052-1000\...\Run: [Game Fire] => C:\Program Files (x86)\Smart PC Utilities\Game Fire\GFTray.exe [44032 2011-12-02] (Smart PC Utilities, Ltd.)
HKU\S-1-5-21-1875898016-1540026239-2231768052-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1875898016-1540026239-2231768052-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Jelínkovi\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1875898016-1540026239-2231768052-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Jelínkovi\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1875898016-1540026239-2231768052-1000\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-11-18] ()
HKU\S-1-5-21-1875898016-1540026239-2231768052-1000\...\Run: [ESL Wire] => C:\Program Files\EslWire\wire.exe [3771904 2014-12-09] (Turtle Entertainment GmbH)
HKU\S-1-5-21-1875898016-1540026239-2231768052-1000\...\MountPoints2: E - E:\Autorun.exe
HKU\S-1-5-21-1875898016-1540026239-2231768052-1000\...\MountPoints2: {7c89468e-bf9e-11e3-bef1-001a9234e086} - E:\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
CHR HKU\S-1-5-21-1875898016-1540026239-2231768052-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1875898016-1540026239-2231768052-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
SearchScopes: HKU\S-1-5-21-1875898016-1540026239-2231768052-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1875898016-1540026239-2231768052-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1875898016-1540026239-2231768052-1000 -> {39593A6B-DA82-4D70-B9BA-113CD769A532} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKU\S-1-5-21-1875898016-1540026239-2231768052-1000 -> {67010C15-086D-4267-A850-D4E642333C81} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKU\S-1-5-21-1875898016-1540026239-2231768052-1000 -> {720D5D2D-846A-4D9A-B686-731E45A2A827} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\S-1-5-21-1875898016-1540026239-2231768052-1000 -> {82F8D674-3007-484D-9254-9F85F26CC0A1} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKU\S-1-5-21-1875898016-1540026239-2231768052-1000 -> {8428E9BA-2CAD-43F8-820C-1E3E1A679256} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKU\S-1-5-21-1875898016-1540026239-2231768052-1000 -> {A1DED023-5C94-472A-9818-532B935C17E1} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKU\S-1-5-21-1875898016-1540026239-2231768052-1000 -> {CECA1AFD-F52E-4845-9FBB-FF1B66FDBFD3} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\S-1-5-21-1875898016-1540026239-2231768052-1000 -> {D9C32BC9-F35B-43A0-81D0-E38AFCE1808D} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-1875898016-1540026239-2231768052-1000 -> {F9BCAEA3-4EFB-4051-AFAE-757DC153361F} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
BHO: Senses -> {11111111-1111-1111-1111-110611191115} -> C:\Program Files (x86)\Senses\Senses-bho64.dll No File
BHO: No Name -> {11111111-1111-1111-1111-110611381131} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-04] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-17] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-04] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-17] (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Tcpip\Parameters: [DhcpNameServer] 10.10.5.254

FireFox:
========
FF ProfilePath: C:\Users\Jelínkovi\AppData\Roaming\Mozilla\Firefox\Profiles\n8ca5hhb.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1875898016-1540026239-2231768052-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jelínkovi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1875898016-1540026239-2231768052-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll No File
FF SearchPlugin: C:\Users\Jelínkovi\AppData\Roaming\Mozilla\Firefox\Profiles\n8ca5hhb.default\searchplugins\seznam-avast.xml [2014-09-27]
FF Extension: Seznam lištička - C:\Users\Jelínkovi\AppData\Roaming\Mozilla\Firefox\Profiles\n8ca5hhb.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-04]
FF Extension: AdBlock for Firefox - C:\Users\Jelínkovi\AppData\Roaming\Mozilla\Firefox\Profiles\n8ca5hhb.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2014-09-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-05]

Chrome:
=======
CHR Profile: C:\Users\Jelínkovi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Jelínkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-04]
CHR Extension: (No Name) - C:\Users\Jelínkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa [2014-09-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-04] (Avast Software s.r.o.)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3191392 2014-05-15] (INCA Internet Co., Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 3xHybr64; C:\Windows\System32\DRIVERS\3xHybr64.sys [873216 2007-04-20] (Philips Semiconductors GmbH)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-04] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-04] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-04] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-04] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-04] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-04] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-04-09] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-09] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-04-09] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va026; \??\C:\Windows\SysWOW64\Drivers\X6va026 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-24 22:20 - 2015-03-24 22:20 - 00013218 _____ () C:\Users\Jelínkovi\Desktop\FRST.txt
2015-03-24 22:20 - 2015-03-24 22:20 - 00000000 ____D () C:\Users\Jelínkovi\Desktop\FRST-OlderVersion
2015-03-20 22:00 - 2015-03-20 22:00 - 00007597 _____ () C:\Users\Jelínkovi\AppData\Local\Resmon.ResmonCfg
2015-03-17 20:04 - 2015-03-17 20:10 - 00000229 _____ () C:\Users\Jelínkovi\Desktop\Nový textový dokument.txt
2015-03-13 15:14 - 2015-03-13 15:14 - 00000008 _____ () C:\Users\Jelínkovi\Desktop\launcher.conf
2015-03-05 20:28 - 2015-03-24 09:06 - 00000000 ____D () C:\Users\Jelínkovi\AppData\Local\ESL Wire Game Client
2015-03-05 20:28 - 2015-03-05 20:28 - 00000750 _____ () C:\Users\Public\Desktop\ESL Wire.lnk
2015-03-05 20:28 - 2015-03-05 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire
2015-03-05 20:28 - 2015-03-05 20:28 - 00000000 ____D () C:\ProgramData\ESL Wire
2015-03-05 20:28 - 2015-03-05 20:28 - 00000000 ____D () C:\Program Files\EslWire
2015-03-05 20:25 - 2015-03-05 20:25 - 00939656 _____ (Turtle Entertainment GmbH) C:\Users\Jelínkovi\Downloads\ESLWireSetup-1.18.0.8101.exe
2015-03-04 21:03 - 2015-03-04 21:03 - 00001893 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-04 21:03 - 2015-03-04 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-04 21:02 - 2015-03-04 21:02 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-03-04 21:01 - 2015-03-04 21:01 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-03-04 21:00 - 2015-03-04 21:05 - 00000000 ____D () C:\Users\Jelínkovi\Downloads\white_hit_zones_v.7(wot-shot.com)
2015-03-04 20:55 - 2015-03-04 20:58 - 272406674 _____ () C:\Users\Jelínkovi\Downloads\white_hit_zones_v.7(wot-shot.com).zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-24 22:20 - 2014-09-28 10:35 - 00000000 ____D () C:\FRST
2015-03-24 22:20 - 2014-09-28 10:31 - 02095616 _____ (Farbar) C:\Users\Jelínkovi\Desktop\FRST64.exe
2015-03-24 22:00 - 2014-03-05 18:15 - 00000000 ____D () C:\Users\Jelínkovi\AppData\Roaming\Mumble
2015-03-24 21:49 - 2014-03-05 19:01 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-24 21:19 - 2014-05-15 11:35 - 00000000 ____D () C:\Users\Jelínkovi\AppData\Roaming\Skype
2015-03-24 16:11 - 2014-03-05 17:50 - 01377816 _____ () C:\Windows\WindowsUpdate.log
2015-03-24 14:40 - 2014-06-11 07:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-24 09:13 - 2009-07-14 05:45 - 00022656 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-24 09:13 - 2009-07-14 05:45 - 00022656 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-24 09:11 - 2014-05-15 11:33 - 00000000 ____D () C:\Users\Jelínkovi\AppData\Roaming\Seznam.cz
2015-03-24 09:06 - 2014-07-04 16:39 - 00022173 _____ () C:\Windows\setupact.log
2015-03-24 09:06 - 2014-03-05 18:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-24 09:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-20 22:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Registration
2015-03-20 13:50 - 2014-04-09 11:59 - 00000000 ____D () C:\Users\Jelínkovi\Documents\gothic3
2015-03-16 22:47 - 2009-07-14 06:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-11 20:20 - 2014-05-16 18:34 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2015-03-06 15:01 - 2014-07-21 07:08 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-05 06:44 - 2014-07-04 16:39 - 00014540 _____ () C:\Windows\PFRO.log
2015-03-04 21:02 - 2014-08-15 13:12 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-03-04 21:02 - 2014-03-05 18:31 - 00441728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-03-04 21:02 - 2014-03-05 18:31 - 00268640 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-03-04 21:02 - 2014-03-05 18:31 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-03-04 21:02 - 2014-03-05 18:31 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-03-04 21:02 - 2014-03-05 18:31 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-03-04 21:02 - 2014-03-05 18:31 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-03-04 21:00 - 2014-03-05 18:31 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-02-25 12:21 - 2014-05-15 11:34 - 00000000 ____D () C:\ProgramData\TEMP
2015-02-24 13:35 - 2015-02-21 13:48 - 00000000 ____D () C:\Users\Jelínkovi\Documents\my farm life 2
2015-02-24 04:17 - 2014-03-05 18:58 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Jelínkovi\AppData\Roaming\AIHGXB
2014-09-25 15:52 - 2014-09-25 15:52 - 1508248 _____ (Object Browser) C:\Users\Jelínkovi\AppData\Roaming\AIHGXB.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Jelínkovi\AppData\Roaming\KEAYWJIF
2014-09-25 15:51 - 2014-09-25 15:51 - 1955736 _____ (Object Browser) C:\Users\Jelínkovi\AppData\Roaming\KEAYWJIF.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Jelínkovi\AppData\Roaming\QWMS
2014-09-16 18:38 - 2014-09-16 18:38 - 1972632 _____ (Info01HD-V2.1V16.09) C:\Users\Jelínkovi\AppData\Roaming\QWMS.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Jelínkovi\AppData\Roaming\YJVIWV
2014-09-16 18:39 - 2014-09-16 18:39 - 1524120 _____ (Info01HD-V2.1V16.09) C:\Users\Jelínkovi\AppData\Roaming\YJVIWV.exe
2015-03-20 22:00 - 2015-03-20 22:00 - 0007597 _____ () C:\Users\Jelínkovi\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Jelínkovi\AppData\Local\Temp\9d43c60206159448403a35f0519d13ea.dll
C:\Users\Jelínkovi\AppData\Local\Temp\AutoRun.exe
C:\Users\Jelínkovi\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Jelínkovi\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
C:\Users\Jelínkovi\AppData\Local\Temp\EslWireSetup-1.18.0.8101-x64.exe
C:\Users\Jelínkovi\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jelínkovi\AppData\Local\Temp\utils.dll
C:\Users\Jelínkovi\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-15 10:49

==================== End Of Log ============================

[vyosek]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[chrudos10]

tady je log

AdwCleaner v4.113 - Logfile created 25/03/2015 at 22:01:40
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Jelínkovi - JELÍNKOVI-PC
# Running from : C:\Users\Jelínkovi\Desktop\adwcleaner_4.113.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Jelínkovi\AppData\Roaming\Mozilla\Firefox\Profiles\n8ca5hhb.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Users\Jelínkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa
File Deleted : C:\Users\JELNKO~1\AppData\Local\Temp\Utils.dll

***** [ Scheduled tasks ] *****

Task Deleted : GPUP

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\680207d9-968d-4074-bbcf-c4071a858edf
Key Deleted : HKLM\SOFTWARE\c9cdf071-5830-4f0e-a5dd-6aa3ed860bdc
Key Deleted : HKLM\SOFTWARE\e33eb0c2-f4f9-4a2b-9178-29e0c6d60c7c
Key Deleted : HKLM\SOFTWARE\f961fec1-9ce7-40f3-902e-7a9718a6b6b4
Key Deleted : HKLM\SOFTWARE\Senses-nv
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v36.0.4 (x86 cs)


-\\ Google Chrome v


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [12326 bytes] - [27/09/2014 18:00:02]
AdwCleaner[R1].txt - [1679 bytes] - [25/03/2015 21:45:19]
AdwCleaner[S0].txt - [11495 bytes] - [27/09/2014 18:07:37]
AdwCleaner[S1].txt - [1626 bytes] - [25/03/2015 22:01:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1685 bytes] ##########

[vyosek]

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem