
Request for a preventive log check

molar
Visitor
Posts: 6
Registered: 31 Jan 2008 17:18

Request for a preventive log check

#1 Post by molar »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2015
Ran by pc (administrator) on PC-PC on 20-05-2015 21:52:08
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available profiles: pc)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(iSkySoft) C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [2716216 2009-09-11] (ESET)
HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2013-06-08] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDRShortCut] => C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [188728 2009-04-29] (ArcSoft Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [1734144 2013-05-29] (iSkySoft)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\MountPoints2: {837fcc58-2841-11e2-9531-c4415d175ec5} - E:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\MountPoints2: {9d399f67-ed60-11e4-b56d-dc0ea11a29c0} - E:\autorun.exe
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\MountPoints2: {9d399f6c-ed60-11e4-b56d-dc0ea11a29c0} - E:\autorun.exe
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs-x32: c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll => "c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll" File Not Found
AppInit_DLLs-x32: c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll => "c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll" File Not Found

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=111304 ... de2be08bdb
URLSearchHook: HKLM-x32 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 0EA11A29C0}
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> DefaultScope {372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} URL = http://search.conduit.com/ResultsExt.as ... 15559&UM=1
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... de2be08bdb
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {0F51B05A-0C9D-444C-88CC-1F88FB19AA0A} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} URL = http://search.conduit.com/ResultsExt.as ... 15559&UM=1
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 0EA11A29C0}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-07] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-07] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: iSkysoft Video Converter Ultimate -> {C7C3BC26-4F2B-4997-A3CB-163337FE975B} -> C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRIEPlugin.dll [2013-05-10] (iSkysoft Software Co., Ltd.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07] (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKLM-x32 - No Name - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
Toolbar: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 10.0.0.100

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\17ndmgg1.default
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-02-07] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Extension: Video DownloadHelper - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\17ndmgg1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF HKLM-x32\...\Firefox\Extensions: [{845257EF-A892-484e-8EB0-47F563D75939}] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt
FF Extension: iSkysoft Video Converter Ultimate - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt [2013-05-31]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012-07-03]
FF HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF Extension: No Name - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-10-12]
FF HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\Firefox\Extensions: [{845257EF-A892-484e-8EB0-47F563D75939}] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-07]
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-07]
CHR Extension: (Google Wallet) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-18]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-07]
CHR HKLM-x32\...\Chrome\Extension: [hlfeafapmnniobpffacckpddijdjgpmj] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRChromePlugin.crx [2013-05-31]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 .EsetTrialReset; C:\Windows\reset.exe [357182 2009-03-20] () [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [23296 2009-09-11] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [735960 2009-09-11] (ESET)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-12-03] (Ellora Assets Corp.) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2008-12-31] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Browser Manager; C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 eamon; C:\Windows\System32\DRIVERS\eamon.sys [144824 2009-09-11] (ESET)
R2 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [136584 2009-09-11] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [168544 2009-09-11] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [33608 2009-06-19] (ESET)
R2 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [44944 2009-09-11] (ESET)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [18456 2011-08-15] (HandSet Incorporated)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2012-03-11] (Padus, Inc.) [File not signed]
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [129432 2011-08-15] (ZTE Incorporated)
S3 NPF; system32\drivers\NPF.sys [X]
S3 slicedisk.sys; \??\C:\Windows\system32\slicedisk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-20 21:52 - 2015-05-20 21:52 - 00022472 _____ () C:\Users\pc\Desktop\FRST.txt
2015-05-20 20:33 - 2015-05-20 21:51 - 00000000 ____D () C:\Users\pc\Desktop\Kontrola PC
2015-05-20 19:53 - 2015-05-20 21:52 - 00000000 ____D () C:\FRST
2015-05-20 19:49 - 2015-05-20 19:49 - 02107904 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2015-05-16 20:23 - 2015-05-16 20:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-15 19:25 - 2015-05-15 19:31 - 00000000 ____D () C:\Users\pc\Desktop\piesok
2015-05-13 22:47 - 2015-05-13 22:48 - 1176526848 _____ () C:\Users\pc\Desktop\DivFix++.-A-Year-on-Ice-2013,-SK-tit(1).avi
2015-05-10 07:03 - 2015-05-13 23:06 - 00000000 ____D () C:\Users\pc\Desktop\malé videá
2015-05-09 22:36 - 2015-05-09 22:36 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-05-09 20:42 - 2015-05-09 22:17 - 928268990 _____ () C:\Users\pc\Desktop\Lokomotiva-Tomáš-Král-železnic.avi
2015-05-07 23:13 - 2015-05-07 23:15 - 940011520 _____ () C:\Users\pc\Desktop\Muži, kteří nenávidí ženy (2011) (CZ).avi
2015-05-04 06:58 - 2015-05-04 06:59 - 300102530 _____ () C:\Users\pc\Desktop\Mickeyho-klubík-III-(19)-Zlaté-Boo-Boo.avi
2015-05-04 06:53 - 2015-05-04 06:54 - 299340224 _____ () C:\Users\pc\Desktop\Mickeyho klubík III 20)-Plutova-pohádka.avi
2015-05-04 06:48 - 2015-05-04 06:52 - 377790464 _____ () C:\Users\pc\Desktop\Mickeyho Klubik I 39 - Mickey A Minine Na Safari.avi
2015-05-02 18:22 - 2015-05-02 18:25 - 1196361728 _____ () C:\Users\pc\Desktop\Monsters.Inc.2001.DVDrip.XviD.SK.CZ.avi
2015-04-30 23:57 - 2015-04-30 23:57 - 00000000 ____D () C:\Users\pc\Desktop\Dj-Sakin-and-Friends---Walk-on-Fire
2015-04-28 08:30 - 2015-04-28 08:34 - 00000000 ____D () C:\Users\pc\Desktop\oco chrysler
2015-04-28 08:29 - 2015-05-01 22:59 - 00000000 ____D () C:\ProgramData\HiSuite
2015-04-28 08:29 - 2010-06-24 13:01 - 01919968 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01005.dll
2015-04-27 21:06 - 2015-04-27 21:06 - 00000000 ____D () C:\Users\pc\Desktop\Cpk - Po
2015-04-27 21:05 - 2015-04-27 21:05 - 00000000 ____D () C:\Users\pc\Desktop\Cpk - To
2015-04-24 23:42 - 2015-04-24 23:42 - 00000000 __SHD () C:\Users\pc\AppData\Local\EmieUserList
2015-04-24 23:42 - 2015-04-24 23:42 - 00000000 __SHD () C:\Users\pc\AppData\Local\EmieSiteList
2015-04-24 23:42 - 2015-04-24 23:42 - 00000000 __SHD () C:\Users\pc\AppData\Local\EmieBrowserModeList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-20 21:28 - 2012-04-01 14:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-20 21:07 - 2012-03-11 19:37 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-20 17:57 - 2009-07-14 07:13 - 00731250 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-20 08:07 - 2012-03-11 19:37 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-20 06:55 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-20 06:55 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-20 06:48 - 2012-02-03 10:13 - 00000000 ____D () C:\ProgramData\clear.fi
2015-05-20 06:47 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-19 22:51 - 2012-09-06 11:02 - 01576719 ____N () C:\Windows\WindowsUpdate.log
2015-05-17 07:41 - 2013-01-27 00:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-15 08:02 - 2012-03-11 19:37 - 00003932 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 08:02 - 2012-03-11 19:37 - 00003680 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 19:05 - 2015-03-21 21:39 - 00000000 ____D () C:\Users\pc\Desktop\Oco
2015-05-13 22:29 - 2012-04-10 21:36 - 00000000 ___RD () C:\Users\pc\Desktop\Tlačivá
2015-05-13 21:27 - 2012-03-16 21:02 - 00000069 _____ () C:\Windows\NeroDigital.ini
2015-05-13 21:07 - 2013-05-30 23:41 - 00000000 ____D () C:\ProgramData\xml_param
2015-05-13 09:04 - 2012-03-10 14:06 - 00000000 ____D () C:\Users\pc\AppData\Roaming\SoftGrid Client
2015-05-11 22:32 - 2014-02-20 21:17 - 00000000 ____D () C:\Program Files (x86)\FastShare
2015-05-09 20:38 - 2014-03-02 16:09 - 00001200 _____ () C:\Users\pc\AppData\Local\MRDownloader.nast
2015-05-04 22:30 - 2015-04-05 21:36 - 00000000 ____D () C:\Users\pc\Desktop\Roldor
2015-05-03 12:57 - 2014-04-19 23:30 - 00000000 ____D () C:\Users\pc\AppData\Roaming\YouTube Downloader
2015-04-28 08:29 - 2012-03-13 22:31 - 00736160 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-27 07:08 - 2009-07-14 07:08 - 00032542 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-24 23:43 - 2012-03-10 16:04 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2015-04-24 23:42 - 2013-01-31 22:45 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-24 23:41 - 2012-02-02 16:09 - 00001421 _____ () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

==================== Files in the root of some directories =======

2010-11-18 18:08 - 2010-11-18 18:08 - 0055808 _____ (Igor Pavlov) C:\Program Files\7-zip.dll
2014-04-11 21:38 - 2014-04-11 21:41 - 0000551 _____ () C:\Users\pc\AppData\Roaming\AutoGK.ini
2012-03-16 20:50 - 2015-04-03 12:03 - 0078336 _____ () C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-10 19:02 - 2012-03-10 19:02 - 0000090 _____ () C:\Users\pc\AppData\Local\fusioncache.dat
2014-08-31 15:52 - 2014-08-31 15:53 - 0000189 _____ () C:\Users\pc\AppData\Local\MRDownloader.err
2014-03-02 16:09 - 2015-05-09 20:38 - 0001200 _____ () C:\Users\pc\AppData\Local\MRDownloader.nast
2012-03-19 20:17 - 2014-12-13 01:17 - 0007599 _____ () C:\Users\pc\AppData\Local\Resmon.ResmonCfg
2012-03-23 20:10 - 2014-03-02 16:03 - 0063668 _____ () C:\Users\pc\AppData\Local\SRDownloader.err
2012-03-11 21:50 - 2014-03-02 16:03 - 0001248 _____ () C:\Users\pc\AppData\Local\SRDownloader.nast
2012-11-15 21:22 - 2015-04-19 10:53 - 0000043 ___SH () C:\ProgramData\.zreglib
2011-11-21 03:54 - 2011-11-21 03:56 - 0015222 _____ () C:\ProgramData\ArcadeDeluxe5.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-14 10:45

==================== End Of Log ============================
Attachments
Addition.rar
(10.03 KiB) Downloaded 52 times

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Request for a preventive log check

#2 Post by altrok »

I wish you a lovely day :bye:


:arrow: Do you have a purchased licence for ESET?

:arrow: As part of the cleanup, your temporary directories will be emptied (including the Recycle Bin).

:arrow: Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP, simply launch it with a double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.

molar
Visitor
Posts: 6
Registered: 31 Jan 2008 17:18

Re: Request for a preventive log check

#3 Post by molar »

# AdwCleaner v4.205 - Log vytvorený 23/05/2015 at 10:13:52
# Aktualizované 21/05/2015 by Xplode
# Databáza : 2015-05-21.2 [Server]
# Operačný systém : Windows 7 Home Premium Service Pack 1 (x64)
# Uživateľské meno : pc - PC-PC
# Spustené z : C:\Users\pc\Desktop\adwcleaner_4.205.exe
# Nastavenia : Čistenie

***** [ Služby ] *****

[#] Služba Zmazané : Browser Manager

***** [ Súbory / Priečinky ] *****

Priečinok Zmazané : C:\ProgramData\Babylon
Priečinok Zmazané : C:\ProgramData\Browser Manager
Priečinok Zmazané : C:\Program Files (x86)\BS_Player_ControlBar
Priečinok Zmazané : C:\Program Files (x86)\Conduit
Priečinok Zmazané : C:\Program Files (x86)\Common Files\Spigot
Priečinok Zmazané : C:\Users\pc\AppData\Local\Conduit
Priečinok Zmazané : C:\Users\pc\AppData\LocalLow\BS_Player_ControlBar
Priečinok Zmazané : C:\Users\pc\AppData\LocalLow\Conduit
Priečinok Zmazané : C:\Users\pc\AppData\Roaming\Babylon
Priečinok Zmazané : C:\Users\pc\AppData\Roaming\Systweak
Súbor Zmazané : C:\END

***** [ Naplánované úlohy ] *****

Úloha Zmazané : Browser Manager

***** [ Zástupcovia ] *****


***** [ Registre ] *****

Hodnota Zmazané : HKCU\Software\Mozilla\Firefox\Extensions [{B64982B1-D112-42B5-B1E4-D3867C4533F8}]
Kľúč registra Zmazané : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Hodnota Zmazané : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Hodnota Zmazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Prod.cap
Kľúč registra Zmazané : HKCU\Software\5957df88bc3dbf47
Kľúč registra Zmazané : HKLM\SOFTWARE\5957df88bc3dbf47
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{710AF8E1-D76B-461A-92DE-F7C0A52DDA07}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F26D1027-8ED3-47BA-B129-AF378AE4315B}
Hodnota Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Hodnota Zmazané : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Hodnota Zmazané : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Hodnota Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Kľúč registra Zmazané : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Kľúč registra Zmazané : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Kľúč registra Zmazané : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{372679D9-D76C-43AB-9C2B-1FBBDFC86C9B}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Kľúč registra Zmazané : HKCU\Software\APN PIP
Kľúč registra Zmazané : HKCU\Software\BrowserMngr
Kľúč registra Zmazané : HKCU\Software\Conduit
Kľúč registra Zmazané : HKCU\Software\DataMngr
Kľúč registra Zmazané : HKCU\Software\SweetIM
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Toolbar
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Software\Conduit
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Software\Search Settings
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar
Kľúč registra Zmazané : HKLM\SOFTWARE\Babylon
Kľúč registra Zmazané : HKLM\SOFTWARE\BabylonToolbar
Kľúč registra Zmazané : HKLM\SOFTWARE\BrowserMngr
Kľúč registra Zmazané : HKLM\SOFTWARE\Conduit
Kľúč registra Zmazané : HKLM\SOFTWARE\DataMngr
Kľúč registra Zmazané : HKLM\SOFTWARE\PIP
Kľúč registra Zmazané : HKLM\SOFTWARE\SweetIM
Kľúč registra Zmazané : HKLM\SOFTWARE\BS_Player_ControlBar
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player_ControlBar Toolbar
Dáta Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll
Dáta Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Webové prehliadače ] *****

-\\ Internet Explorer v11.0.9600.17631

Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v38.0.1 (x86 sk)


-\\ Google Chrome v43.0.2357.65


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [10326 bajtov] - [23/05/2015 10:11:10]
AdwCleaner[S0].txt - [8392 bajtov] - [23/05/2015 10:13:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8452 bajtov] ########



I plan to buy NOD.

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Request for a preventive log check

#4 Post by altrok »

:arrow: You are pirating your antivirus and you do not realize at all how much you are harming yourself. You are using ESET Smart Security 4; the current version is 8. What that means for you is analyzed in detail by Patrick Barker (Microsoft MVP) on his blog http://bsodanalysis.blogspot.cz/2015/02 ... ruses.html . At least part of the junk on your machine is there because of the cracked ESET. Another matter is the violation of the forum rules. Uninstall the illegal ESET and replace it with a purchased antivirus or a free alternative. Then post a log from FRST, and attach Addition as well.

molar
Visitor
Posts: 6
Joined: 31 Jan 2008 17:18

Re: Request for a preventive log check

#5 Post by molar »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015
Ran by pc (administrator) on PC-PC on 27-05-2015 20:42:23
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(iSkySoft) C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(forum.viry.cz) C:\Users\pc\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2013-06-08] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDRShortCut] => C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [188728 2009-04-29] (ArcSoft Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [1734144 2013-05-29] (iSkySoft)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\MountPoints2: {837fcc58-2841-11e2-9531-c4415d175ec5} - E:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\MountPoints2: {9d399f67-ed60-11e4-b56d-dc0ea11a29c0} - E:\autorun.exe
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\MountPoints2: {9d399f6c-ed60-11e4-b56d-dc0ea11a29c0} - E:\autorun.exe
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs-x32: c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll => "c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll" File not found
AppInit_DLLs-x32: c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll => "c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll" File not found

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=111304 ... de2be08bdb
URLSearchHook: HKLM-x32 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 0EA11A29C0}
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> DefaultScope {372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} URL = http://search.conduit.com/ResultsExt.as ... 15559&UM=1
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... de2be08bdb
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {0F51B05A-0C9D-444C-88CC-1F88FB19AA0A} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} URL = http://search.conduit.com/ResultsExt.as ... 15559&UM=1
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 0EA11A29C0}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-07] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-07] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: iSkysoft Video Converter Ultimate -> {C7C3BC26-4F2B-4997-A3CB-163337FE975B} -> C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRIEPlugin.dll [2013-05-10] (iSkysoft Software Co., Ltd.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-06-07] (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKLM-x32 - No Name - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
Toolbar: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 10.0.0.100

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\17ndmgg1.default
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-02-07] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Extension: Video DownloadHelper - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\17ndmgg1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-14]
FF HKLM-x32\...\Firefox\Extensions: [{845257EF-A892-484e-8EB0-47F563D75939}] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt
FF Extension: iSkysoft Video Converter Ultimate - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt [2013-05-31]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF Extension: No Name - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-10-12]
FF HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\Firefox\Extensions: [{845257EF-A892-484e-8EB0-47F563D75939}] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRFirefoxExt

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-07]
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-07]
CHR Extension: (Google Wallet) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-18]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-07]
CHR HKLM-x32\...\Chrome\Extension: [hlfeafapmnniobpffacckpddijdjgpmj] - C:\Program Files (x86)\iSkysoft\Video Converter Ultimate\SVRChromePlugin.crx [2013-05-31]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-12-03] (Ellora Assets Corp.) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2008-12-31] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 .EsetTrialReset; C:\Windows\reset.exe /s [X]
S2 Browser Manager; C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [159480 2015-03-10] (ESET)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [18456 2011-08-15] (HandSet Incorporated)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2012-03-11] (Padus, Inc.) [File not signed]
S3 zghsmdm; C:\Windows\System32\DRIVERS\zghsmdm.sys [129432 2011-08-15] (ZTE Incorporated)
S3 NPF; system32\drivers\NPF.sys [X]
S3 slicedisk.sys; \??\C:\Windows\system32\slicedisk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-27 20:42 - 2015-05-27 20:43 - 00022257 _____ () C:\Users\pc\Desktop\FRST.txt
2015-05-27 20:40 - 2015-05-27 20:40 - 02108928 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2015-05-27 20:40 - 2015-05-27 20:40 - 00112640 _____ (forum.viry.cz) C:\Users\pc\Desktop\FRSTLauncher.exe
2015-05-26 23:58 - 2015-05-26 23:58 - 00000000 ____D () C:\Users\pc\Desktop\tw1
2015-05-25 21:28 - 2015-05-25 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-05-25 21:28 - 2015-05-25 21:28 - 00000000 ____D () C:\Program Files\ESET
2015-05-24 21:51 - 2015-05-24 22:04 - 00000000 ____D () C:\Users\pc\Desktop\Nový priečinok
2015-05-23 10:11 - 2015-05-23 10:13 - 00000000 ____D () C:\AdwCleaner
2015-05-22 16:31 - 2015-05-22 16:32 - 687138816 _____ () C:\Users\pc\Desktop\DivFix++.Lokomotiva-Tomáš-Král-železnic.avi
2015-05-20 20:33 - 2015-05-27 20:38 - 00000000 ____D () C:\Users\pc\Desktop\Kontrola PC
2015-05-20 19:53 - 2015-05-27 20:42 - 00000000 ____D () C:\FRST
2015-05-16 20:23 - 2015-05-16 20:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-10 07:03 - 2015-05-13 23:06 - 00000000 ____D () C:\Users\pc\Desktop\malé videá
2015-05-09 22:36 - 2015-05-09 22:36 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-04-28 08:30 - 2015-04-28 08:34 - 00000000 ____D () C:\Users\pc\Desktop\oco chrysler
2015-04-28 08:29 - 2015-05-01 22:59 - 00000000 ____D () C:\ProgramData\HiSuite
2015-04-28 08:29 - 2010-06-24 13:01 - 01919968 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01005.dll
2015-04-27 21:06 - 2015-04-27 21:06 - 00000000 ____D () C:\Users\pc\Desktop\Cpk - Po
2015-04-27 21:05 - 2015-04-27 21:05 - 00000000 ____D () C:\Users\pc\Desktop\Cpk - To

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-27 20:28 - 2012-04-01 14:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-27 20:07 - 2012-03-11 19:37 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-27 13:41 - 2009-07-14 07:13 - 00731250 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-27 11:15 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-27 11:15 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-27 11:14 - 2012-09-06 11:02 - 01719942 ____N () C:\Windows\WindowsUpdate.log
2015-05-27 11:07 - 2012-03-11 19:37 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-27 11:07 - 2012-02-03 10:13 - 00000000 ____D () C:\ProgramData\clear.fi
2015-05-27 11:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-25 23:30 - 2012-07-06 22:36 - 00000000 ____D () C:\Users\pc\AppData\Local\ESET
2015-05-25 21:28 - 2012-07-03 22:06 - 00000000 ____D () C:\ProgramData\ESET
2015-05-25 21:11 - 2012-02-02 15:54 - 00000000 ____D () C:\Users\pc
2015-05-25 21:10 - 2014-04-11 20:09 - 00000000 ____D () C:\Users\pc\AppData\Roaming\dvdcss
2015-05-25 21:10 - 2014-01-07 10:37 - 00000000 ____D () C:\ProgramData\Intel
2015-05-25 21:10 - 2013-10-07 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-25 21:10 - 2013-05-30 23:29 - 00000000 ____D () C:\ProgramData\iSkysoft Video Converter Ultimate
2015-05-25 21:10 - 2013-04-22 21:28 - 00000000 ____D () C:\Program Files (x86)\BS_Player_ControlBar
2015-05-25 21:10 - 2012-09-15 00:41 - 00000000 ____D () C:\Users\pc\AppData\Roaming\systweak
2015-05-25 21:10 - 2012-09-15 00:40 - 00000000 ____D () C:\ProgramData\Browser Manager
2015-05-25 21:10 - 2012-03-12 22:00 - 00000000 ____D () C:\Users\pc\AppData\Roaming\ArcSoft
2015-05-25 21:10 - 2012-03-11 17:32 - 00000000 ____D () C:\Users\pc\AppData\Roaming\GHISLER
2015-05-25 21:10 - 2012-02-02 15:54 - 00000000 ____D () C:\Users\pc\AppData\Local\PowerCinema
2015-05-25 21:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-05-25 21:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-23 10:26 - 2015-04-05 21:36 - 00000000 ____D () C:\Users\pc\Desktop\Roldor
2015-05-23 10:25 - 2014-12-30 22:22 - 00000000 ____D () C:\Users\pc\Desktop\Rozprávky
2015-05-23 10:25 - 2014-05-06 22:53 - 00000000 ____D () C:\Users\pc\Desktop\ORANGE
2015-05-17 07:41 - 2013-01-27 00:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-15 08:02 - 2012-03-11 19:37 - 00003932 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 08:02 - 2012-03-11 19:37 - 00003680 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-14 19:05 - 2015-03-21 21:39 - 00000000 ____D () C:\Users\pc\Desktop\Oco
2015-05-13 22:29 - 2012-04-10 21:36 - 00000000 ___RD () C:\Users\pc\Desktop\Tlačivá
2015-05-13 21:27 - 2012-03-16 21:02 - 00000069 _____ () C:\Windows\NeroDigital.ini
2015-05-13 21:07 - 2013-05-30 23:41 - 00000000 ____D () C:\ProgramData\xml_param
2015-05-13 09:04 - 2012-03-10 14:06 - 00000000 ____D () C:\Users\pc\AppData\Roaming\SoftGrid Client
2015-05-11 22:32 - 2014-02-20 21:17 - 00000000 ____D () C:\Program Files (x86)\FastShare
2015-05-09 20:38 - 2014-03-02 16:09 - 00001200 _____ () C:\Users\pc\AppData\Local\MRDownloader.nast
2015-05-03 12:57 - 2014-04-19 23:30 - 00000000 ____D () C:\Users\pc\AppData\Roaming\YouTube Downloader
2015-04-28 08:29 - 2012-03-13 22:31 - 00736160 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-27 07:08 - 2009-07-14 07:08 - 00032542 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2010-11-18 18:08 - 2010-11-18 18:08 - 0055808 _____ (Igor Pavlov) C:\Program Files\7-zip.dll
2014-04-11 21:38 - 2014-04-11 21:41 - 0000551 _____ () C:\Users\pc\AppData\Roaming\AutoGK.ini
2012-03-16 20:50 - 2015-04-03 12:03 - 0078336 _____ () C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-03-10 19:02 - 2012-03-10 19:02 - 0000090 _____ () C:\Users\pc\AppData\Local\fusioncache.dat
2014-08-31 15:52 - 2014-08-31 15:53 - 0000189 _____ () C:\Users\pc\AppData\Local\MRDownloader.err
2014-03-02 16:09 - 2015-05-09 20:38 - 0001200 _____ () C:\Users\pc\AppData\Local\MRDownloader.nast
2012-03-19 20:17 - 2014-12-13 01:17 - 0007599 _____ () C:\Users\pc\AppData\Local\Resmon.ResmonCfg
2012-03-23 20:10 - 2014-03-02 16:03 - 0063668 _____ () C:\Users\pc\AppData\Local\SRDownloader.err
2012-03-11 21:50 - 2014-03-02 16:03 - 0001248 _____ () C:\Users\pc\AppData\Local\SRDownloader.nast
2012-11-15 21:22 - 2015-04-19 10:53 - 0000043 ___SH () C:\ProgramData\.zreglib
2011-11-21 03:54 - 2011-11-21 03:56 - 0015222 _____ () C:\ProgramData\ArcadeDeluxe5.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 00:48




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:680.54 GB) (Free:156.94 GB) NTFS

Available physical RAM: 2357.52 MB
Total physical RAM: 3766.7 MB
Percentage of memory in use: 37%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 3BC64694)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=680.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:7534E53F65492C9E
AlternateDataStreams: C:\ProgramData\Temp:D0894A08

==================== Security Center ==================

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\pc\Desktop" je 121165 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"="C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
ESET has already been purchased, with a 2-year licence; for now the trial is running.
Attachments
Addition.rar
(10.07 KiB) Downloaded 52 times

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Request for a preventive log check

#6 Post by altrok »

:arrow: The size of the Desktop should not exceed 200 MB. Otherwise both startup and the overall running of the whole PC slow down. I recommend moving large files and folders in particular to, e.g., Documents, and keeping only shortcuts on the Desktop.

:arrow: Uninstall the old and vulnerable version of Java, Java 7 Update 13 (64-bit). If you need Java, install the new one from java.com - watch out for adware during its installation http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . From a security standpoint (exploits), it is better not to have it.



  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the Desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart, a fixlog will be saved on the Desktop; paste its contents into your next reply to me

    Code:

    Start
    CloseProcesses:
    HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2013-06-08] ()
    HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\MountPoints2: {837fcc58-2841-11e2-9531-c4415d175ec5} - E:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
    HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\MountPoints2: {9d399f67-ed60-11e4-b56d-dc0ea11a29c0} - E:\autorun.exe
    HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\MountPoints2: {9d399f6c-ed60-11e4-b56d-dc0ea11a29c0} - E:\autorun.exe
    HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    AppInit_DLLs-x32: c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll => "c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll" File not found
    AppInit_DLLs-x32: c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll => "c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll" File not found
    C:\Windows\AutoKMS.exe
    HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
    HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=111304 ... de2be08bdb
    URLSearchHook: HKLM-x32 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
    URLSearchHook: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
    SearchScopes: HKLM-x32 -> DefaultScope {372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} URL = 
    SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&st=17&q={searchTerms}&barid={66046CAC-FEB8-11E1-89BF-DC0EA11A29C0}
    SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> DefaultScope {372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559&CUI=UN96874919524415559&UM=1
    SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=111304&tt=120912_ccp_3712_1&babsrc=SP_ss&mntrId=2a1a81c600000000000016de2be08bdb
    SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {0F51B05A-0C9D-444C-88CC-1F88FB19AA0A} URL = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559&CUI=UN96874919524415559&UM=1
    SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?src=6&st=17&q={searchTerms}&barid={66046CAC-FEB8-11E1-89BF-DC0EA11A29C0}
    Toolbar: HKLM-x32 - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
    Toolbar: HKLM-x32 - No Name - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
    Toolbar: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
    FF SelectedSearchEngine: Yahoo
    FF Keyword.URL: hxxp://search.yahoo.com/search?fr=green ... =937811&p=
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
    FF Extension: No Name - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-10-12]
    CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx [Not Found]
    S2 .EsetTrialReset; C:\Windows\reset.exe /s [X]
    S2 Browser Manager; C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [X]
    C:\Windows\reset.exe
    S3 NPF; system32\drivers\NPF.sys [X]
    S3 slicedisk.sys; \??\C:\Windows\system32\slicedisk.sys [X]
    2015-05-27 20:40 - 2015-05-27 20:40 - 00112640 _____ (forum.viry.cz) C:\Users\pc\Desktop\FRSTLauncher.exe
    2015-05-23 10:11 - 2015-05-23 10:13 - 00000000 ____D () C:\AdwCleaner
    Task: {3EA07969-A641-4466-8A8D-D2AACBCB7D45} - System32\Tasks\{8CAFB697-7C85-4A28-BF22-0BC5A0970A84} => pcalua.exe -a C:\Users\pc\Desktop\Odkazy\frd.exe -d C:\Users\pc\Desktop\Odkazy
    Task: {7C7DC387-8021-486C-8042-994A609ECF3D} - System32\Tasks\{ACE08FBF-B008-4941-B814-273D26306045} => pcalua.exe -a "C:\Users\Public\Documents\ACDSee9PhotoManagerbuild55CZ\ACDSee 9 Photo Manager build 55 CZ.exe" -d C:\Users\Public\Documents\ACDSee9PhotoManagerbuild55CZ
    Task: {C444C087-7967-4028-9034-F136D38F63BB} - System32\Tasks\Browser Manager => Sc.exe start Browser Manager
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    AlternateDataStreams: C:\Windows:7534E53F65492C9E
    AlternateDataStreams: C:\ProgramData\Temp:D0894A08
    Hosts:
    EmptyTemp:
    End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors to this forum, sign up for our training school.

molar
Visitor
Posts: 6
Registered: 31 Jan 2008 17:18

Re: Request for a preventive log check

#7 Post by molar »

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015
Ran by pc at 2015-05-28 23:23:56 Run:1
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2013-06-08] ()
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\MountPoints2: {837fcc58-2841-11e2-9531-c4415d175ec5} - E:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\MountPoints2: {9d399f67-ed60-11e4-b56d-dc0ea11a29c0} - E:\autorun.exe
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\MountPoints2: {9d399f6c-ed60-11e4-b56d-dc0ea11a29c0} - E:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs-x32: c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll => "c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll" File not found
AppInit_DLLs-x32: c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll => "c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll" File not found
C:\Windows\AutoKMS.exe
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=111304 ... de2be08bdb
URLSearchHook: HKLM-x32 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
SearchScopes: HKLM-x32 -> DefaultScope {372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} URL =
SearchScopes: HKLM-x32 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 0EA11A29C0}
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> DefaultScope {372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} URL = http://search.conduit.com/ResultsExt.as ... 15559&UM=1
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... de2be08bdb
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {0F51B05A-0C9D-444C-88CC-1F88FB19AA0A} URL = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} URL = http://search.conduit.com/ResultsExt.as ... 15559&UM=1
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 0EA11A29C0}
Toolbar: HKLM-x32 - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKLM-x32 - No Name - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
Toolbar: HKU\S-1-5-21-3948631743-3800167670-1485411718-1000 -> No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=green ... =937811&p=
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF Extension: No Name - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012-10-12]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx [Not Found]
S2 .EsetTrialReset; C:\Windows\reset.exe /s [X]
S2 Browser Manager; C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [X]
C:\Windows\reset.exe
S3 NPF; system32\drivers\NPF.sys [X]
S3 slicedisk.sys; \??\C:\Windows\system32\slicedisk.sys [X]
2015-05-27 20:40 - 2015-05-27 20:40 - 00112640 _____ (forum.viry.cz) C:\Users\pc\Desktop\FRSTLauncher.exe
2015-05-23 10:11 - 2015-05-23 10:13 - 00000000 ____D () C:\AdwCleaner
Task: {3EA07969-A641-4466-8A8D-D2AACBCB7D45} - System32\Tasks\{8CAFB697-7C85-4A28-BF22-0BC5A0970A84} => pcalua.exe -a C:\Users\pc\Desktop\Odkazy\frd.exe -d C:\Users\pc\Desktop\Odkazy
Task: {7C7DC387-8021-486C-8042-994A609ECF3D} - System32\Tasks\{ACE08FBF-B008-4941-B814-273D26306045} => pcalua.exe -a "C:\Users\Public\Documents\ACDSee9PhotoManagerbuild55CZ\ACDSee 9 Photo Manager build 55 CZ.exe" -d C:\Users\Public\Documents\ACDSee9PhotoManagerbuild55CZ
Task: {C444C087-7967-4028-9034-F136D38F63BB} - System32\Tasks\Browser Manager => Sc.exe start Browser Manager
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Windows:7534E53F65492C9E
AlternateDataStreams: C:\ProgramData\Temp:D0894A08
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AutoKMS => value Removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => value Removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value Removed successfully
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => value Removed successfully
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => value Removed successfully
"HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{837fcc58-2841-11e2-9531-c4415d175ec5}" => key Removed successfully
HKCR\CLSID\{837fcc58-2841-11e2-9531-c4415d175ec5} => key not found.
"HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d399f67-ed60-11e4-b56d-dc0ea11a29c0}" => key Removed successfully
HKCR\CLSID\{9d399f67-ed60-11e4-b56d-dc0ea11a29c0} => key not found.
"HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9d399f6c-ed60-11e4-b56d-dc0ea11a29c0}" => key Removed successfully
HKCR\CLSID\{9d399f6c-ed60-11e4-b56d-dc0ea11a29c0} => key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => value Removed successfully
"c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll" => value data Removed successfully.
"c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll" => value data Removed successfully.
C:\Windows\AutoKMS.exe => Moved successfully.
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Main\\BrowserMngr Start Page => value Removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => value Removed successfully
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => value Removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}" => key Removed successfully
HKCR\Wow6432Node\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => key not found.
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Removed successfully
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\BrowserMngrDefaultScope => value Removed successfully
"HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => key Removed successfully
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found.
"HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0F51B05A-0C9D-444C-88CC-1F88FB19AA0A}" => key Removed successfully
HKCR\CLSID\{0F51B05A-0C9D-444C-88CC-1F88FB19AA0A} => key not found.
"HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{372679D9-D76C-43AB-9C2B-1FBBDFC86C9B}" => key Removed successfully
HKCR\CLSID\{372679D9-D76C-43AB-9C2B-1FBBDFC86C9B} => key not found.
"HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => key Removed successfully
HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => key not found.
"HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}" => key Removed successfully
HKCR\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} => value Removed successfully
HKCR\Wow6432Node\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => value Removed successfully
HKCR\Wow6432Node\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => key not found.
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} => value Removed successfully
HKCR\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} => key not found.
Firefox SelectedSearchEngine Removed successfully
Firefox Keyword.URL Removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key Removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key Removed successfully
HKU\S-1-5-21-3948631743-3800167670-1485411718-1000\Software\Mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8} => value Removed successfully
C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph" => key Removed successfully
.EsetTrialReset => Service Removed successfully
Browser Manager => Service Removed successfully
"C:\Windows\reset.exe" => File/Folder not found.
NPF => Service Removed successfully
slicedisk.sys => Service Removed successfully
"C:\Users\pc\Desktop\FRSTLauncher.exe" => File/Folder not found.
C:\AdwCleaner => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EA07969-A641-4466-8A8D-D2AACBCB7D45}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EA07969-A641-4466-8A8D-D2AACBCB7D45}" => key Removed successfully
C:\Windows\System32\Tasks\{8CAFB697-7C85-4A28-BF22-0BC5A0970A84} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{8CAFB697-7C85-4A28-BF22-0BC5A0970A84}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C7DC387-8021-486C-8042-994A609ECF3D}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C7DC387-8021-486C-8042-994A609ECF3D}" => key Removed successfully
C:\Windows\System32\Tasks\{ACE08FBF-B008-4941-B814-273D26306045} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ACE08FBF-B008-4941-B814-273D26306045}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C444C087-7967-4028-9034-F136D38F63BB}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C444C087-7967-4028-9034-F136D38F63BB}" => key Removed successfully
C:\Windows\System32\Tasks\Browser Manager => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Manager" => key Removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows => ":7534E53F65492C9E" ADS Removed successfully.
C:\ProgramData\Temp => ":D0894A08" ADS Removed successfully.
Hosts restored successfully.
EmptyTemp: => Removed 404 MB temporary data.


The system needed a reboot.

==== End of Fixlog 23:24:14 ====

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Request for a preventive log check

#8 Post by altrok »

So, we will just clean up now.
And if there are no questions or other problems, that is all from me.

molar
Visitor
Posts: 6
Registered: 31 Jan 2008 17:18

Re: Request for a preventive log check

#9 Post by molar »

Thank you very much for your effort and your time.

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Request for a preventive log check

#10 Post by altrok »

You're welcome, glad I could help :worship:


Take care, and perhaps see you again sometime :bye:
