Prosim o kontrolu logu - vyskakujici reklamy

[Maverick]

Dobry den, prosim o kontrolu logu. Zacaly mi v prohlizecich vyskakovat reklamni okna, otevirat se ruzne stranky na browser-hry a informace o vyhrach. Zde je vypis z logu FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by M (administrator) on M-PC on 11-06-2015 06:59:09
Running from C:\Users\M\Desktop
Loaded Profiles: M (Available Profiles: M)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) D:\= PROGRAMY =\Avast 2014\AvastSvc.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(QIP.ru) C:\Program Files (x86)\QipGuard\QipGuard.exe
(Saitek) C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(TeamViewer GmbH) D:\= PROGRAMY =\TeamViewer6\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(http://tortoisesvn.net) D:\= PROGRAMY =\SVN\bin\TSVNCache.exe
(Samsung) D:\= PROGRAMY =\Kies\Kies.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avast Software s.r.o.) D:\= PROGRAMY =\Avast 2014\avastui.exe
(Samsung Electronics Co., Ltd.) D:\= PROGRAMY =\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Common Files\87737dd0-ad90-4193-bd48-336966b8d777\updater.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugincontainer.exe
() C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\3\Plugin.exe
() C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\5\Plugin.exe
() C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\2\Plugin.exe
() C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\3\Plugin.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-06] (Realtek Semiconductor)
HKLM\...\Run: [ISW] => [X]
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Tilt] => C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe [724992 2009-06-26] ()
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => D:\= PROGRAMY =\Avast 2014\AvastUI.exe [5515496 2015-05-15] (Avast Software s.r.o.)
HKLM-x32\...\Run: [KiesTrayAgent] => D:\= PROGRAMY =\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3198219806-2281913311-1279161303-1000\...\Run: [DAEMON Tools Lite] => D:\= PROGRAMY =\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-3198219806-2281913311-1279161303-1000\...\Run: [KiesPreload] => D:\= PROGRAMY =\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-3198219806-2281913311-1279161303-1000\...\Run: [] => D:\= PROGRAMY =\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-3198219806-2281913311-1279161303-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-10-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\= PROGRAMY =\Avast 2014\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3198219806-2281913311-1279161303-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\= PROGRAMY =\Avast 2014\aswWebRepIE64.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: Record Page -> {2335267c-dbba-4dd5-a9d0-c4db8e6a75a4} -> C:\Program Files (x86)\Record Page\Extensions\2335267c-dbba-4dd5-a9d0-c4db8e6a75a4.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\= PROGRAMY =\Avast 2014\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20] (Oracle Corporation)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03] (Check Point Software Technologies)
Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03] (Check Point Software Technologies)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKU\S-1-5-21-3198219806-2281913311-1279161303-1000 -> ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03] (Check Point Software Technologies)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4BC723EE-012E-4DCC-B992-6B66B96B63B2}: [NameServer] 8.8.8.8,10.10.10.6

FireFox:
========
FF ProfilePath: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF SearchEngineOrder.1: Seznam
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> D:\= PROGRAMY =\Java\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2015-05-05] (Reto-Moto ApS)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2013-04-19] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npCortona.dll [2010-08-09] (ParallelGraphics)
FF Plugin-x32: @software602.cz/602XML Filler -> D:\= PROGRAMY =\602\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3198219806-2281913311-1279161303-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\M\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-06-26] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3198219806-2281913311-1279161303-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-05-20] (Ubisoft)
FF SearchPlugin: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\searchplugins\seznam-avast.xml [2015-06-09]
FF Extension: HNG downloader/starter (live) - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\Extensions\npretoxlive@live.heroesandgenerals.com [2012-05-05]
FF Extension: PutLocker Downloader - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\Extensions\ptl@ptl.com.xpi [2013-06-26]
FF Extension: Adblock Plus - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-08]
FF Extension: Record Page - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\Extensions\{d1b24110-ff8f-46b1-9312-0f9e2783ae7e}.xpi [2015-06-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\= PROGRAMY =\Avast 2014\WebRep\FF
FF Extension: Avast Online Security - D:\= PROGRAMY =\Avast 2014\WebRep\FF [2014-09-03]
FF Extension: No Name - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\extensions\searchffv2@gmail.com [not found]
FF Extension: No Name - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\extensions\searchffv2@gmail.com [not found]

Chrome:
=======
CHR Profile: C:\Users\M\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-30]
CHR Extension: (Google Search) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-30]
CHR Extension: (Tampermonkey) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-11-23]
CHR Extension: (Record Page) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\dphgnejlklokobpandlkclmjldgbjppc [2015-06-09]
CHR Extension: (Heroes & Generals - Charlie) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gedlhmecleleofbcmeikmbnpocenmbof [2015-05-08]
CHR Extension: (AdBlock) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-17]
CHR Extension: (Bookmark Manager) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-22]
CHR Extension: (Avast Online Security) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-03]
CHR Extension: (Skype Click to Call) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-06-09]
CHR Extension: (Google Wallet) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-30]
CHR HKU\S-1-5-21-3198219806-2281913311-1279161303-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\= PROGRAMY =\Avast 2014\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

Opera:
=======
OPR Extension: (Record Page) - C:\Users\M\AppData\Roaming\Opera Software\Opera Stable\Extensions\dphgnejlklokobpandlkclmjldgbjppc [2015-06-09]
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe http://www.omniboxes.com/?type=sc&ts=14 ... XX9VP8Z72X

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 avast! Antivirus; D:\= PROGRAMY =\Avast 2014\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
S3 AvastVBoxSvc; D:\= PROGRAMY =\Avast 2014\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-22] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-30] ()
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] () [File not signed]
R2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [827520 2011-11-03] (Check Point Software Technologies)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\= PROGRAMY =\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-03-14] ()
R2 QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [191440 2012-01-12] (QIP.ru) [File not signed]
R2 SaiDOutput; C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe [241152 2008-04-04] (Saitek) [File not signed]
R2 Service Mgr RecordPage; C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugincontainer.exe [649480 2015-06-11] ()
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-05-08] (PS Media s.r.o.)
R2 TeamViewer6; D:\= PROGRAMY =\TeamViewer6\TeamViewer_Service.exe [2228008 2010-12-07] (TeamViewer GmbH)
R2 Update Mgr RecordPage; C:\Program Files (x86)\Common Files\87737dd0-ad90-4193-bd48-336966b8d777\updater.exe [575240 2015-06-11] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-22] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-08-18] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R1 ISODrive; D:\= PROGRAMY =\UltraISO\drivers\ISODrv64.sys [115600 2009-02-10] (EZB Systems, Inc.)
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33672 2011-11-03] (Check Point Software Technologies)
R3 npusbio; C:\Windows\System32\Drivers\npusbio_x64.sys [38400 2012-07-09] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
R3 SaiH0762; C:\Windows\System32\DRIVERS\SaiH0762.sys [178560 2008-04-04] (Saitek)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-02-08] () [File not signed]
R2 VBoxAswDrv; D:\= PROGRAMY =\Avast 2014\ng\vbox\VBoxAswDrv.sys [273824 2015-04-22] (Avast Software)
U3 a308xopp; C:\Windows\System32\Drivers\a308xopp.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 cpuz130; \??\C:\Users\M\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [X]
S3 NTACCESS; \??\F:\NTACCESS_64.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]
S3 SetupNTGLM7X; \??\F:\NTGLM7X.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-11 06:59 - 2015-06-11 06:59 - 00026288 _____ C:\Users\M\Desktop\FRST.txt
2015-06-11 06:56 - 2015-06-11 06:56 - 02108928 _____ (Farbar) C:\Users\M\Desktop\FRST64.exe
2015-06-11 06:55 - 2015-06-11 06:55 - 00001852 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-09 16:05 - 2015-06-09 16:05 - 00000000 ____D C:\Program Files (x86)\Record Page
2015-06-09 15:55 - 2015-06-09 15:55 - 02231296 _____ C:\Users\M\Desktop\adwcleaner_4.206.exe
2015-06-09 15:34 - 2015-06-09 15:34 - 00003192 _____ C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe
2015-06-08 15:58 - 2015-06-08 15:58 - 00000476 __RSH C:\ProgramData\ntuser.pol
2015-06-08 15:57 - 2015-06-09 16:02 - 00001812 _____ C:\Windows\PFRO.log
2015-06-06 13:36 - 2015-06-11 06:53 - 00000000 ____D C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777
2015-06-01 17:28 - 2015-06-06 13:41 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-06-01 17:28 - 2015-06-01 17:28 - 00003870 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-05-29 20:51 - 2015-06-11 06:46 - 00002688 _____ C:\Windows\setupact.log
2015-05-29 20:51 - 2015-05-29 20:51 - 00000000 _____ C:\Windows\setuperr.log
2015-05-28 20:31 - 2015-05-28 20:37 - 00000000 ____D C:\Users\M\Documents\Project CARS
2015-05-25 19:20 - 2015-05-25 19:20 - 00000000 ____D C:\Program Files\avast software
2015-05-21 12:59 - 2015-05-30 21:06 - 00000000 ____D C:\Users\M\Documents\The Witcher 3
2015-05-21 12:45 - 2015-05-21 12:45 - 00000000 ____D C:\Users\M\AppData\Local\Colossal Order
2015-05-21 12:41 - 2015-05-21 12:41 - 00000868 _____ C:\Users\Public\Desktop\Cities Skylines - Deluxe Edition.lnk
2015-05-20 23:06 - 2015-05-20 23:06 - 00000889 _____ C:\Users\M\Desktop\The Witcher 3 Wild Hunt.lnk
2015-05-20 23:06 - 2015-05-20 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 Wild Hunt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-11 06:59 - 2014-10-15 20:43 - 00000000 ____D C:\FRST
2015-06-11 06:54 - 2014-09-02 22:31 - 01179457 _____ C:\Windows\WindowsUpdate.log
2015-06-11 06:54 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-11 06:54 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-11 06:52 - 2009-07-14 17:18 - 18748306 _____ C:\Windows\system32\perfh005.dat
2015-06-11 06:52 - 2009-07-14 17:18 - 06378726 _____ C:\Windows\system32\perfc005.dat
2015-06-11 06:52 - 2009-07-14 07:13 - 00006228 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-11 06:51 - 2014-10-14 22:16 - 00003808 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1413316471
2015-06-11 06:47 - 2012-07-04 12:30 - 00004160 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-11 06:46 - 2015-05-08 20:02 - 00000000 _____ C:\Windows\SysWOW64\sinstall.log
2015-06-11 06:46 - 2014-10-18 18:50 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-11 06:46 - 2011-11-27 10:32 - 00000000 ____D C:\Users\M\AppData\Local\TSVNCache
2015-06-11 06:46 - 2010-10-16 12:44 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-11 06:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-09 16:00 - 2014-10-15 22:06 - 00000000 ____D C:\AdwCleaner
2015-06-09 16:00 - 2014-10-15 20:40 - 00000658 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 30.lnk
2015-06-09 16:00 - 2014-10-14 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-09 16:00 - 2014-10-04 09:28 - 00000958 _____ C:\Users\Public\Desktop\IL-2 Sturmovik Battle of Stalingrad.lnk
2015-06-09 16:00 - 2014-04-28 22:04 - 00000000 ____D C:\Users\M\AppData\Local\TB
2015-06-09 16:00 - 2013-03-15 22:27 - 00000961 _____ C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-09 16:00 - 2012-08-15 16:09 - 00000665 _____ C:\Users\M\Desktop\War Thunder.lnk
2015-06-09 16:00 - 2012-08-15 16:09 - 00000000 ____D C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\War Thunder
2015-06-09 16:00 - 2011-10-19 11:13 - 00000000 ____D C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Benchmark Sims
2015-06-09 16:00 - 2011-02-02 10:44 - 00000979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-06-09 15:34 - 2015-05-08 20:02 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-08 16:13 - 2014-10-18 18:50 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-08 16:05 - 2014-11-25 00:21 - 00000000 ___RD C:\Users\M\Desktop\MIRKA
2015-06-06 13:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-06-06 13:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2015-06-01 17:28 - 2014-08-28 22:18 - 00000000 ____D C:\Users\M\AppData\Local\Adobe
2015-06-01 17:28 - 2012-04-04 09:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-01 17:28 - 2011-05-14 07:04 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-01 17:27 - 2014-12-01 22:45 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-29 23:54 - 2011-09-29 18:45 - 00000000 ____D C:\ProgramData\Origin
2015-05-28 17:42 - 2011-02-08 20:32 - 00000000 ____D C:\Users\M\AppData\Roaming\DAEMON Tools Lite
2015-05-28 17:42 - 2010-10-16 18:41 - 00000000 ____D C:\Windows\Panther
2015-05-28 17:38 - 2012-02-11 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace uživatele zařízení Canon MG3100 series
2015-05-26 12:57 - 2011-02-08 20:32 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-05-21 12:24 - 2010-11-16 18:17 - 00000000 ____D C:\Users\M\Documents\My Games
2015-05-21 12:22 - 2015-02-01 11:44 - 00000000 ____D C:\Users\M\Documents\Ubisoft
2015-05-19 22:08 - 2010-10-30 18:31 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 22:08 - 2010-10-30 18:31 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2012-04-16 21:33 - 2012-04-30 08:14 - 0003584 _____ () C:\Users\M\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-13 10:16 - 2014-12-13 10:16 - 0010293 _____ () C:\Users\M\AppData\Local\recently-used.xbel
2012-04-12 08:42 - 2015-02-07 23:44 - 0027620 _____ () C:\Users\M\AppData\Local\SRDownloader.err
2012-04-06 10:00 - 2015-02-07 23:44 - 0001136 _____ () C:\Users\M\AppData\Local\SRDownloader.nast
2012-01-24 07:01 - 2012-01-24 07:01 - 0000000 _____ () C:\Users\M\AppData\Local\{5A0EF47B-D26B-4CEF-9BFB-556569447A1F}

Some files in TEMP:
====================
C:\Users\M\AppData\Local\Temp\KMP_3.9.1.136.exe
C:\Users\M\AppData\Local\Temp\Quarantine.exe
C:\Users\M\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 11:40

==================== End of log ============================

[Maverick]

Zde je vypis logu po cisteni AdwCleanerem


# AdwCleaner v4.206 - Log vytvořen 11/06/2015 v 07:09:53
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-09.1 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (x64)
# Uživatelské jméno : M - M-PC
# Spuštěno z : C:\Users\M\Desktop\adwcleaner_4.206.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Program Files (x86)\Record Page
Soubor Smazáno : C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_pacgpkgadgmibnhpdidcnfafllnmeomc_0
Soubor Smazáno : C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pacgpkgadgmibnhpdidcnfafllnmeomc

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v32.0.2 (x86 cs)


-\\ Google Chrome v43.0.2357.81

[C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : hxxp://www.omniboxes.com/?type=hp&ts=143359055 ... XX9VP8Z72X

-\\ Chromium v


-\\ Comodo Dragon v


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [53995 bytů] - [15/10/2014 22:06:43]
AdwCleaner[R1].txt - [6552 bytů] - [20/02/2015 20:14:15]
AdwCleaner[R2].txt - [10752 bytů] - [09/06/2015 15:56:02]
AdwCleaner[R3].txt - [1860 bytů] - [11/06/2015 07:08:29]
AdwCleaner[S0].txt - [51223 bytů] - [15/10/2014 22:10:57]
AdwCleaner[S1].txt - [9373 bytů] - [20/02/2015 20:16:25]
AdwCleaner[S2].txt - [8225 bytů] - [09/06/2015 16:00:52]
AdwCleaner[S3].txt - [1780 bytů] - [11/06/2015 07:09:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1838 bytů] ##########

[Maverick]

A zde je novy log z FRST po cisteni AdwCleanerem :

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by M (administrator) on M-PC on 11-06-2015 07:14:58
Running from C:\Users\M\Desktop
Loaded Profiles: M (Available Profiles: M)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) D:\= PROGRAMY =\Avast 2014\AvastSvc.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(QIP.ru) C:\Program Files (x86)\QipGuard\QipGuard.exe
(Saitek) C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe
() C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugincontainer.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(TeamViewer GmbH) D:\= PROGRAMY =\TeamViewer6\TeamViewer_Service.exe
() C:\Program Files (x86)\Common Files\87737dd0-ad90-4193-bd48-336966b8d777\updater.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(http://tortoisesvn.net) D:\= PROGRAMY =\SVN\bin\TSVNCache.exe
(Samsung) D:\= PROGRAMY =\Kies\Kies.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avast Software s.r.o.) D:\= PROGRAMY =\Avast 2014\avastui.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Samsung Electronics Co., Ltd.) D:\= PROGRAMY =\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\3\Plugin.exe
() C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\5\Plugin.exe
() C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\2\Plugin.exe
() C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\3\Plugin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Program Files (x86)\Google\Update\Install\{76B7C50F-D80C-4084-AD64-DE91C9CF359D}\43.0.2357.124_43.0.2357.81_chrome_updater.exe
(Google Inc.) C:\Windows\Temp\CR_CA660.tmp\setup.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-06] (Realtek Semiconductor)
HKLM\...\Run: [ISW] => [X]
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Tilt] => C:\Program Files (x86)\GIGABYTE\GHOST\Tilt.exe [724992 2009-06-26] ()
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => D:\= PROGRAMY =\Avast 2014\AvastUI.exe [5515496 2015-05-15] (Avast Software s.r.o.)
HKLM-x32\...\Run: [KiesTrayAgent] => D:\= PROGRAMY =\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3198219806-2281913311-1279161303-1000\...\Run: [DAEMON Tools Lite] => D:\= PROGRAMY =\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-3198219806-2281913311-1279161303-1000\...\Run: [KiesPreload] => D:\= PROGRAMY =\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-3198219806-2281913311-1279161303-1000\...\Run: [] => D:\= PROGRAMY =\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-3198219806-2281913311-1279161303-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-10-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\= PROGRAMY =\Avast 2014\ashShA64.dll [2015-04-22] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (http://tortoisesvn.net)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3198219806-2281913311-1279161303-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\= PROGRAMY =\Avast 2014\aswWebRepIE64.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: Record Page -> {2335267c-dbba-4dd5-a9d0-c4db8e6a75a4} -> C:\Program Files (x86)\Record Page\Extensions\2335267c-dbba-4dd5-a9d0-c4db8e6a75a4.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> D:\= PROGRAMY =\Avast 2014\aswWebRepIE.dll [2015-04-22] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-20] (Oracle Corporation)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03] (Check Point Software Technologies)
Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03] (Check Point Software Technologies)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKU\S-1-5-21-3198219806-2281913311-1279161303-1000 -> ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03] (Check Point Software Technologies)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4BC723EE-012E-4DCC-B992-6B66B96B63B2}: [NameServer] 8.8.8.8,10.10.10.6

FireFox:
========
FF ProfilePath: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF SearchEngineOrder.1: Seznam
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> D:\= PROGRAMY =\Java\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-20] (Oracle Corporation)
FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [2015-05-05] (Reto-Moto ApS)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2013-04-19] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npCortona.dll [2010-08-09] (ParallelGraphics)
FF Plugin-x32: @software602.cz/602XML Filler -> D:\= PROGRAMY =\602\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3198219806-2281913311-1279161303-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\M\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-06-26] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3198219806-2281913311-1279161303-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-05-20] (Ubisoft)
FF SearchPlugin: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\searchplugins\seznam-avast.xml [2015-06-09]
FF Extension: HNG downloader/starter (live) - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\Extensions\npretoxlive@live.heroesandgenerals.com [2012-05-05]
FF Extension: PutLocker Downloader - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\Extensions\ptl@ptl.com.xpi [2013-06-26]
FF Extension: Record Page - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi [2015-06-11]
FF Extension: Adblock Plus - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\= PROGRAMY =\Avast 2014\WebRep\FF
FF Extension: Avast Online Security - D:\= PROGRAMY =\Avast 2014\WebRep\FF [2014-09-03]
FF Extension: No Name - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\extensions\searchffv2@gmail.com [not found]
FF Extension: No Name - C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\extensions\searchffv2@gmail.com [not found]

Chrome:
=======
CHR Profile: C:\Users\M\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-30]
CHR Extension: (Google Search) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-30]
CHR Extension: (Tampermonkey) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-11-23]
CHR Extension: (Heroes & Generals - Charlie) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gedlhmecleleofbcmeikmbnpocenmbof [2015-05-08]
CHR Extension: (AdBlock) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-17]
CHR Extension: (Avast Online Security) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-03]
CHR Extension: (Record Page) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgfhaaeheijfpmonfiigkpljdigboana [2015-06-11]
CHR Extension: (Skype Click to Call) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-06-09]
CHR Extension: (Google Wallet) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Gmail) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-30]
CHR HKU\S-1-5-21-3198219806-2281913311-1279161303-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\= PROGRAMY =\Avast 2014\WebRep\Chrome\aswWebRepChrome.crx [2015-04-22]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

Opera:
=======
OPR Extension: (Record Page) - C:\Users\M\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgfhaaeheijfpmonfiigkpljdigboana [2015-06-11]
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe http://www.omniboxes.com/?type=sc&ts=14 ... XX9VP8Z72X

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 avast! Antivirus; D:\= PROGRAMY =\Avast 2014\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
S3 AvastVBoxSvc; D:\= PROGRAMY =\Avast 2014\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-22] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-30] ()
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [14848 2011-01-10] () [File not signed]
R2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [827520 2011-11-03] (Check Point Software Technologies)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S3 Origin Client Service; D:\= PROGRAMY =\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-03-14] ()
R2 QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [191440 2012-01-12] (QIP.ru) [File not signed]
R2 SaiDOutput; C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe [241152 2008-04-04] (Saitek) [File not signed]
R2 Service Mgr RecordPage; C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugincontainer.exe [649480 2015-06-11] ()
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-05-08] (PS Media s.r.o.)
R2 TeamViewer6; D:\= PROGRAMY =\TeamViewer6\TeamViewer_Service.exe [2228008 2010-12-07] (TeamViewer GmbH)
R2 Update Mgr RecordPage; C:\Program Files (x86)\Common Files\87737dd0-ad90-4193-bd48-336966b8d777\updater.exe [575240 2015-06-11] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-22] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-22] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-22] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-22] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-22] ()
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2011-01-10] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-08-18] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R1 ISODrive; D:\= PROGRAMY =\UltraISO\drivers\ISODrv64.sys [115600 2009-02-10] (EZB Systems, Inc.)
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33672 2011-11-03] (Check Point Software Technologies)
R3 npusbio; C:\Windows\System32\Drivers\npusbio_x64.sys [38400 2012-07-09] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
R3 SaiH0762; C:\Windows\System32\DRIVERS\SaiH0762.sys [178560 2008-04-04] (Saitek)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-02-08] () [File not signed]
R2 VBoxAswDrv; D:\= PROGRAMY =\Avast 2014\ng\vbox\VBoxAswDrv.sys [273824 2015-04-22] (Avast Software)
U3 as0bj81a; C:\Windows\System32\Drivers\as0bj81a.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 cpuz130; \??\C:\Users\M\AppData\Local\Temp\cpuz130\cpuz_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS [X]
S3 NTACCESS; \??\F:\NTACCESS_64.sys [X]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]
S3 SetupNTGLM7X; \??\F:\NTGLM7X.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-11 07:14 - 2015-06-11 07:15 - 00026424 _____ C:\Users\M\Desktop\FRST.txt
2015-06-11 07:13 - 2015-06-11 07:13 - 00000000 ____D C:\Program Files (x86)\Record Page
2015-06-11 07:07 - 2015-06-11 07:08 - 00000000 ____D C:\Users\M\Desktop\VIRY
2015-06-11 06:56 - 2015-06-11 06:56 - 02108928 _____ (Farbar) C:\Users\M\Desktop\FRST64.exe
2015-06-11 06:55 - 2015-06-11 06:55 - 00001852 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-09 15:55 - 2015-06-09 15:55 - 02231296 _____ C:\Users\M\Desktop\adwcleaner_4.206.exe
2015-06-09 15:34 - 2015-06-09 15:34 - 00003192 _____ C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe
2015-06-08 15:58 - 2015-06-08 15:58 - 00000476 __RSH C:\ProgramData\ntuser.pol
2015-06-08 15:57 - 2015-06-09 16:02 - 00001812 _____ C:\Windows\PFRO.log
2015-06-06 13:36 - 2015-06-11 06:53 - 00000000 ____D C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777
2015-06-01 17:28 - 2015-06-06 13:41 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-06-01 17:28 - 2015-06-01 17:28 - 00003870 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-05-29 20:51 - 2015-06-11 07:11 - 00002856 _____ C:\Windows\setupact.log
2015-05-29 20:51 - 2015-05-29 20:51 - 00000000 _____ C:\Windows\setuperr.log
2015-05-28 20:31 - 2015-05-28 20:37 - 00000000 ____D C:\Users\M\Documents\Project CARS
2015-05-25 19:20 - 2015-05-25 19:20 - 00000000 ____D C:\Program Files\avast software
2015-05-21 12:59 - 2015-05-30 21:06 - 00000000 ____D C:\Users\M\Documents\The Witcher 3
2015-05-21 12:45 - 2015-05-21 12:45 - 00000000 ____D C:\Users\M\AppData\Local\Colossal Order
2015-05-21 12:41 - 2015-05-21 12:41 - 00000868 _____ C:\Users\Public\Desktop\Cities Skylines - Deluxe Edition.lnk
2015-05-20 23:06 - 2015-05-20 23:06 - 00000889 _____ C:\Users\M\Desktop\The Witcher 3 Wild Hunt.lnk
2015-05-20 23:06 - 2015-05-20 23:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 Wild Hunt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-11 07:15 - 2014-10-15 20:43 - 00000000 ____D C:\FRST
2015-06-11 07:14 - 2014-09-02 22:31 - 01183465 _____ C:\Windows\WindowsUpdate.log
2015-06-11 07:13 - 2014-10-18 18:50 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-11 07:11 - 2015-05-08 20:02 - 00000000 _____ C:\Windows\SysWOW64\sinstall.log
2015-06-11 07:11 - 2014-10-18 18:50 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-11 07:11 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-11 07:10 - 2010-10-16 12:44 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-11 07:09 - 2014-10-15 22:06 - 00000000 ____D C:\AdwCleaner
2015-06-11 06:54 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-11 06:54 - 2009-07-14 06:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-11 06:52 - 2009-07-14 17:18 - 18748306 _____ C:\Windows\system32\perfh005.dat
2015-06-11 06:52 - 2009-07-14 17:18 - 06378726 _____ C:\Windows\system32\perfc005.dat
2015-06-11 06:52 - 2009-07-14 07:13 - 00006228 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-11 06:51 - 2014-10-14 22:16 - 00003808 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1413316471
2015-06-11 06:47 - 2012-07-04 12:30 - 00004160 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-11 06:46 - 2011-11-27 10:32 - 00000000 ____D C:\Users\M\AppData\Local\TSVNCache
2015-06-09 16:00 - 2014-10-15 20:40 - 00000658 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 30.lnk
2015-06-09 16:00 - 2014-10-14 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-09 16:00 - 2014-10-04 09:28 - 00000958 _____ C:\Users\Public\Desktop\IL-2 Sturmovik Battle of Stalingrad.lnk
2015-06-09 16:00 - 2014-04-28 22:04 - 00000000 ____D C:\Users\M\AppData\Local\TB
2015-06-09 16:00 - 2013-03-15 22:27 - 00000961 _____ C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-09 16:00 - 2012-08-15 16:09 - 00000665 _____ C:\Users\M\Desktop\War Thunder.lnk
2015-06-09 16:00 - 2012-08-15 16:09 - 00000000 ____D C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\War Thunder
2015-06-09 16:00 - 2011-10-19 11:13 - 00000000 ____D C:\Users\M\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Benchmark Sims
2015-06-09 16:00 - 2011-02-02 10:44 - 00000979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-06-09 15:34 - 2015-05-08 20:02 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-08 16:05 - 2014-11-25 00:21 - 00000000 ___RD C:\Users\M\Desktop\MIRKA
2015-06-06 13:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2015-06-06 13:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2015-06-01 17:28 - 2014-08-28 22:18 - 00000000 ____D C:\Users\M\AppData\Local\Adobe
2015-06-01 17:28 - 2012-04-04 09:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-01 17:28 - 2011-05-14 07:04 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-01 17:27 - 2014-12-01 22:45 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-29 23:54 - 2011-09-29 18:45 - 00000000 ____D C:\ProgramData\Origin
2015-05-28 17:42 - 2011-02-08 20:32 - 00000000 ____D C:\Users\M\AppData\Roaming\DAEMON Tools Lite
2015-05-28 17:42 - 2010-10-16 18:41 - 00000000 ____D C:\Windows\Panther
2015-05-28 17:38 - 2012-02-11 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace uživatele zařízení Canon MG3100 series
2015-05-26 12:57 - 2011-02-08 20:32 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-05-21 12:24 - 2010-11-16 18:17 - 00000000 ____D C:\Users\M\Documents\My Games
2015-05-21 12:22 - 2015-02-01 11:44 - 00000000 ____D C:\Users\M\Documents\Ubisoft
2015-05-19 22:08 - 2010-10-30 18:31 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 22:08 - 2010-10-30 18:31 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2012-04-16 21:33 - 2012-04-30 08:14 - 0003584 _____ () C:\Users\M\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-13 10:16 - 2014-12-13 10:16 - 0010293 _____ () C:\Users\M\AppData\Local\recently-used.xbel
2012-04-12 08:42 - 2015-02-07 23:44 - 0027620 _____ () C:\Users\M\AppData\Local\SRDownloader.err
2012-04-06 10:00 - 2015-02-07 23:44 - 0001136 _____ () C:\Users\M\AppData\Local\SRDownloader.nast
2012-01-24 07:01 - 2012-01-24 07:01 - 0000000 _____ () C:\Users\M\AppData\Local\{5A0EF47B-D26B-4CEF-9BFB-556569447A1F}

Some files in TEMP:
====================
C:\Users\M\AppData\Local\Temp\KMP_3.9.1.136.exe
C:\Users\M\AppData\Local\Temp\Quarantine.exe
C:\Users\M\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-24 11:40

==================== End of log ============================

[JaRon]

ahoj
pouzi zoek podla navodu kolegu http://forum.viry.cz/viewtopic.php?f=54 ... k#p1400981

[Maverick]

Zde je ZOEK log :

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by M on źt 11.06.2015 at 9:22:23,70.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\M\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

11.6.2015 9:23:51 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\CheckPoint deleted successfully
C:\PROGRA~2\Eagle Dynamics deleted successfully
C:\PROGRA~2\Electronic Arts deleted successfully
C:\PROGRA~2\Garmin deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\PROGRA~3\Alwil Software deleted successfully
C:\PROGRA~3\Canon IJ Network Tool deleted successfully
C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully
C:\PROGRA~3\ThirdWire deleted successfully
C:\PROGRA~3\Ubisoft deleted successfully
C:\Users\M\AppData\Roaming\DAEMON Tools Pro deleted successfully
C:\Users\M\AppData\Local\2012 deleted successfully
C:\Users\M\AppData\Local\DCS deleted successfully
C:\Users\M\AppData\Local\EA Games deleted successfully
C:\Users\M\AppData\Local\GHISLER deleted successfully
C:\Users\M\AppData\Local\LucasArts deleted successfully
C:\Users\M\AppData\Local\TB deleted successfully
C:\Users\M\AppData\Local\TSVNCache deleted successfully
C:\Users\M\AppData\Local\Unity deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3198219806-2281913311-1279161303-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_USERS\S-1-5-21-3198219806-2281913311-1279161303-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_USERS\S-1-5-21-3198219806-2281913311-1279161303-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9EE4DEF-8047-4CBF-B34E-26540B3D2A38} deleted successfully
HKEY_USERS\S-1-5-21-3198219806-2281913311-1279161303-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB183E85-3E62-4F7F-90D7-13C7BDA15A77} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2335267c-dbba-4dd5-a9d0-c4db8e6a75a4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2335267c-dbba-4dd5-a9d0-c4db8e6a75a4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IswSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IswSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Service Mgr RecordPage deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Service Mgr RecordPage deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update Mgr RecordPage deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update Mgr RecordPage deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\M\AppData\Roaming\Broad Intelligence\MediaCoder\Profiles\pafy7hqk.default\prefs.js:

Added to C:\Users\M\AppData\Roaming\Broad Intelligence\MediaCoder\Profiles\pafy7hqk.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/?clid=22668");
user_pref("browser.search.defaulturl", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultenginename", "Seznam");
user_pref("browser.search.defaultengine", "Seznam");
user_pref("browser.search.selectedEngine", "Seznam");
user_pref("browser.search.order.1", "Seznam");
user_pref("keyword.URL", "http://search.seznam.cz/?sourceid=quick ... earchTerms}&");

Added to C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\M\AppData\Roaming\Broad Intelligence\MediaCoder\Profiles\pafy7hqk.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_11.06.2015_0943_.backup

ProfilePath: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default

user.js not found
---- Lines neurowise removed from prefs.js ----
user_pref("extensions.neurowise.asul", "1431108279388");
user_pref("extensions.neurowise.aul", "1431108187605");
user_pref("extensions.neurowise.irl", true);
user_pref("extensions.neurowise.is", "cbslug10");
user_pref("extensions.neurowise.ug", "9D1BCCA9-8C3C-4CE8-8F49-83328E6B8F67");
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----

prefs_11.06.2015_0943_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command]
@="C:\\Program Files (x86)\\Opera\\Opera.exe"

==== Deleting Files \ Folders ======================

C:\PROGRA~2\CheckPoint not found
C:\PROGRA~2\Eagle Dynamics not found
C:\PROGRA~2\Electronic Arts not found
C:\PROGRA~2\Garmin not found
C:\PROGRA~2\Origin Games not found
C:\PROGRA~3\87737dd0-ad90-4193-bd48-336966b8d777 deleted
C:\PROGRA~2\COMMON~1\87737dd0-ad90-4193-bd48-336966b8d777 deleted
C:\STF6003.tmp deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-3198219806-2281913311-1279161303-1000 deleted
C:\windows\SysNative\Tasks\avastBCLRestart_chrome.exe deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\Syswow64\tmp3265.tmp deleted
C:\Windows\Syswow64\tmp3266.tmp deleted
C:\Windows\Syswow64\tmpB386.tmp deleted
C:\Windows\Syswow64\tmpB387.tmp deleted
C:\Windows\Syswow64\tmpC053.tmp deleted
C:\Windows\Syswow64\tmpC054.tmp deleted
C:\Windows\Syswow64\tmpC247.tmp deleted
C:\Windows\Syswow64\tmpC248.tmp deleted
C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\CT3072253 deleted
C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\CT3289075 deleted
"C:\Users\M\AppData\Local\{5A0EF47B-D26B-4CEF-9BFB-556569447A1F}" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\M\AppData\Roaming\Broad Intelligence\MediaCoder\Profiles\pafy7hqk.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="D:\ [06.06.2015 13:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default
- HNG downloaderstarter live - %ProfilePath%\extensions\npretoxlive@live.heroesandgenerals.com
- PutLocker Downloader - %ProfilePath%\extensions\ptl@ptl.com.xpi
- Record Page - %ProfilePath%\extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
99E2145307150EB8AB78F4F888F97DBE - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll - Nexon Game Controller
398334B85CBD2CEED553CC5C160B0D8D PROGRAMY =\602\Filler\npfiller.dll=- D:\= PROGRAMY =\602\Filler\npfiller.dll -= PROGRAMY =\602\Filler\npfiller.dll Software602 Form Filler
E1B84BA8DD77F8259408496A1710E78A - C:\Users\M\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player


==== Deleted Firefox Extensions ======================

C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\1abl6ohg.default\extensions\ptl@ptl.com.xpi deleted

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - D:\[06.06.2015 13:36]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14.07.2014 18:22]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
dhdgffkkebhmkfjojejmpbldmpobfkfo - No path found[]

Comodo Drag&Drop Service - M\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Comodo Web Inspector - M\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
Comodo Media Downloader - M\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
Tampermonkey - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
Heroes & Generals - Charlie - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gedlhmecleleofbcmeikmbnpocenmbof
AdBlock - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
{scripts [background.js]}content_scripts:[{js:[content.js]matches:[<all_urls>]run_at:document_end}]content_security_policy:script-src 'self' 'unsafe-eval' https://recordpage-a.akamaihd.net https://recordpage-a.akamaihd.net https://cdn.getrecordpage.com; object-src 'self'description:homepage_url:http://www.getrecordpage.comicons:{48:icon.png}key:MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fbvM4yiPFgZnu76deayrpb9e9RM0YrFXf/xn1yd7vdM44OAxLsgK2HrOV/7sJLWCpQnBB9vdHhaRV9xcsBIEsGgr8xZ7thPyTpGzrD6OBcnIBoUvzpDd3RMZsOVDKlb49COGTpbK2/NUuaQiGPWkKztV4qFsRTbF9qysWrGmFusrOVv7A15FCLpnVNMzyeTg1yRD14vp4ZkCvQqji3a6g+OyN6ZheQHMO9peleXz5Kt49wmChUG6AGw88S6KOAUlz2h+kAyPLnIuZ/D45xy/opfSWpnBH9GrSpdgGI8moLiF0khSk7zXFGEM6Txu0aRoCM89ROvkOyqinxcvie5bQIDAQABmanifest_version:2name:Record Pagepermissions:[managementstoragetabswebRequestwebRequestBlocking<all_urls>]update_url:http://cdn.getrecordpage.com/updatevers ... 5639.28287} - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgfhaaeheijfpmonfiigkpljdigboana
Skype Click to Call - M\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
{scripts [background.js]}content_scripts:[{js:[content.js]matches:[<all_urls>]run_at:document_end}]content_security_policy:script-src 'self' 'unsafe-eval' https://recordpage-a.akamaihd.net https://recordpage-a.akamaihd.net https://cdn.getrecordpage.com; object-src 'self'description:homepage_url:http://www.getrecordpage.comicons:{48:icon.png}key:MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fbvM4yiPFgZnu76deayrpb9e9RM0YrFXf/xn1yd7vdM44OAxLsgK2HrOV/7sJLWCpQnBB9vdHhaRV9xcsBIEsGgr8xZ7thPyTpGzrD6OBcnIBoUvzpDd3RMZsOVDKlb49COGTpbK2/NUuaQiGPWkKztV4qFsRTbF9qysWrGmFusrOVv7A15FCLpnVNMzyeTg1yRD14vp4ZkCvQqji3a6g+OyN6ZheQHMO9peleXz5Kt49wmChUG6AGw88S6KOAUlz2h+kAyPLnIuZ/D45xy/opfSWpnBH9GrSpdgGI8moLiF0khSk7zXFGEM6Txu0aRoCM89ROvkOyqinxcvie5bQIDAQABmanifest_version:2name:Record Pagepermissions:[managementstoragetabswebRequestwebRequestBlocking<all_urls>]update_url:http://cdn.getrecordpage.com/updatevers ... 5639.28287} - M\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgfhaaeheijfpmonfiigkpljdigboana

==== Chromium Startpages ======================

C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Preferences
00x148mm\",\"height_microns\":200000,\"name\":\"JPN_OUFUKU\",\"vendor_id\":\"69\",\"width_microns\":148000},{\"custom_display_name\":\"Běžná obálka č.10\",\"height_microns\":241300,\"name\":\"NA_NUMBER_10\",\"vendor_id\":\"20\",\"width_microns\":104700},{\"custom_display_name\":\"Obálka DL\",\"height_microns\":220000,\"name\":\"ISO_DL\",\"vendor_id\":\"27\",\"width_microns\":110000},{\"custom_display_name\":\"Choukei 3 120x235mm\",\"height_microns\":235000,\"name\":\"JPN_CHOU3\",\"vendor_id\":\"73\",\"width_microns\":120000},{\"custom_display_name\":\"Choukei 4 90x205mm\",\"height_microns\":205000,\"name\":\"JPN_CHOU4\",\"vendor_id\":\"74\",\"width_microns\":90000},{\"custom_display_name\":\"Youkei 4 105x235mm\",\"height_microns\":235000,\"name\":\"JPN_YOU4\",\"vendor_id\":\"91\",\"width_microns\":105000},{\"custom_display_name\":\"Youkei 6 98x190mm\",\"height_microns\":190000,\"name\":\"NA_MONARCH\",\"vendor_id\":\"125\",\"width_microns\":98000},{\"custom_display_name\":\"Wide 101.6x180.6mm 4\\\"x7.1\\\"\",\"height_microns\":180600,\"vendor_id\":\"126\",\"width_microns\":101600},{\"custom_display_name\":\"Letter+ (Měřítko)\",\"height_microns\":337800,\"vendor_id\":\"272\",\"width_microns\":228600},{\"custom_display_name\":\"279.4x431.8mm 11\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"name\":\"NA_LEDGER\",\"vendor_id\":\"3\",\"width_microns\":279400},{\"custom_display_name\":\"342.9x431.8mm 13.5\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"vendor_id\":\"262\",\"width_microns\":342900},{\"custom_display_name\":\"431.8x558.8mm 17\\\"x22\\\" (Měřítko)\",\"height_microns\":558800,\"name\":\"NA_C\",\"vendor_id\":\"24\",\"width_microns\":431800},{\"custom_display_name\":\"A4+ (Měřítko)\",\"height_microns\":355600,\"vendor_id\":\"273\",\"width_microns\":222700},{\"custom_display_name\":\"A3 (Měřítko)\",\"height_microns\":420000,\"name\":\"ISO_A3\",\"vendor_id\":\"8\",\"width_microns\":297000},{\"custom_display_name\":\"A3+ 33x48cm 13\\\"x19\\\" (Měřítko)\",\"height_microns\":483000,\"vendor_id\":\"274\",\"width_microns\":329000},{\"custom_display_name\":\"A2 (Měřítko)\",\"height_microns\":594000,\"name\":\"ISO_A2\",\"vendor_id\":\"66\",\"width_microns\":420000},{\"custom_display_name\":\"B4 (Měřítko)\",\"height_microns\":364000,\"name\":\"JIS_B4\",\"vendor_id\":\"12\",\"width_microns\":257000},{\"custom_display_name\":\"B3 (Měřítko)\",\"height_microns\":515000,\"name\":\"JIS_B3\",\"vendor_id\":\"257\",\"width_microns\":364000},{\"custom_display_name\":\"25x30cm 10\\\"x12\\\" (Měřítko)\",\"height_microns\":304800,\"vendor_id\":\"297\",\"width_microns\":254000},{\"custom_display_name\":\"36x43cm 14\\\"x17\\\" (Měřítko)\",\"height_microns\":431800,\"vendor_id\":\"296\",\"width_microns\":355600}]},\"page_orientation\":{\"option\":[{\"is_default\":true,\"type\":\"PORTRAIT\"},{\"type\":\"LANDSCAPE\"},{\"type\":\"AUTO\"}]},\"supported_content_type\":[{\"content_type\":\"application/pdf\"}]},\"version\":\"1.0\"},\"selectedDestinationName\":\"Canon MG3100 series Printer (kopie 1)\",\"mediaSize\":{\"custom_display_name\":\"A4\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000},\"selectedDestinationExtensionId\":\"\"}"}},"profile":{"avatar_bubble_tutorial_shown":1,"avatar_index":0,"clear_site_data_on_exit":false,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"[*.]battlelog.battlefield.com,*":{"setting":1},"[*.]games.tiscali.cz,*":{"setting":1},"[*.]www.zing.cz,*":{"setting":1},"http://store.steampowered.com:80,http://store.steampowered.com:80":{"setting":1},"https://[*.]archive.org:443,*":{"setting":1},"https://[*.]www.youtube.com:443,*":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{"https://[*.]archive.org:443,*":{"setting":1}},"notifications":{},"plugins":{"[*.]battlelog.battlefield.com,*":{"setting":1},"[*.]java.com,*":{"setting":1},"http://192.168.1.102:8080,*":{"setting":1}},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]battlelog.battlefield.com,*":{"fullscreen":1,"plugins":1},"[*.]games.tiscali.cz,*":{"fullscreen":1},"[*.]java.com,*":{"plugins":1},"[*.]www.zing.cz,*":{"fullscreen":1},"http://192.168.1.102:8080,*":{"plugins":1},"http://store.steampowered.com:80,http://store.steampowered.com:80":{"fullscreen":1},"https://[*.]archive.org:443,*":{"fullscreen":1,"mouselock":1},"https://[*.]www.youtube.com:443,*":{"fullscreen":1}},"pref_version":1},"exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"multiple_profile_prefs_version":1,"name":"Vchoz profil","password_manager_enabled":false,"password_manager_groups_for_domains":[null,null,null,null,null,null,6],"per_host_zoom_levels":{}},"protection":{"macs":{}},"savefile":{"default_directory":"D:\\STÁHNUTO"},"selectfile":{"last_directory":"C:\\Users\\M\\Desktop"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13043188706517948"},"spdy":{"servers":["ssl.gstatic.com:443","www.youtube.com:443","googleads.g.doubleclick.net:443","toolbarqueries.google.com:443","clients2.google.com:443","i3.ytimg.com:443","s.ytimg.com:443","apis.google.com:443"]},"sync":{"suppress_start":true},"tabs":{"use_compact_navigation_bar":false,"use_vertical_tabs":false},"translate_accepted_count":{"en":0,"ru":0},"translate_blocked_languages":["cs","en"],"translate_denied_count":{"en":7,"ru":3},"translate_language_blacklist":["en"],"translate_last_denied_time":1.416398e+12,"translate_site_blacklist":["mightandmagicheroeskingdoms.ubi.com","battlelog.battlefield.com","f1onlinethegame.com","accounts.codemasters.com","www.silenthunteronline.com"],"translate_too_often_denied":true,"translate_whitelists":{}}
mgnkcojhhkbfbldkacnbeo":"3C3ADEBDF3B54F767750C23F9DDBE9B29CF7FFAAF859D4CDCCA42FB9A63E382C","bopakagnckmlgajfccecajhnimjiiedh":"72D9F5E0C009754839875E5261886265972CF8DD3FA641E275CBFD4257541151","coobgpohoikkiipiblmjeljniedjpjpf":"E2FBEDADC28461CB78D69258227EE5BB63011BD7532991A78B148C3E832DF448","dhdgffkkebhmkfjojejmpbldmpobfkfo":"D5E50AACE2D8D55D09A2C45F49F56A7A9FD838F0AF541F9F57D0F5247C0036AF","eemcgdkfndhakfknompkggombfjjjeno":"B22DADD22DF95F63ACE7D74BE8B254D4E9BCC715666C39D08312A2603B102BA7","ennkphjdgehloodpbhlhldgbnhmacadg":"65FE8CB0CEC931BD9FB75E7089409165654AE8F0A226D297ABC672273EB71BA3","gedlhmecleleofbcmeikmbnpocenmbof":"BB8270D33B22D4A011F5B294D7A84AC492E82C873DFD35241EEA506F80EF39A7","gfdkimpbcpahaombhbimeihdjnejgicl":"A8AEF25E6C70A9C1C7ADCC878440A0E0BEBDE364712C2A90B80A0C2FE744FDD6","gighmmpiobklfepjocnamgkkbiglidom":"4286D39804F799F16C91BA535128794161311127A6D557B982699E6C78502E4D","gomekmidlodglbbmalcneegieacbdmki":"8B29A86B8BDEA32BB960066701166B29C9985FCFAF7DA33764D7335A5714803E","hgfhaaeheijfpmonfiigkpljdigboana":"0CEBFA6FC26E8E1551FC57155543A00E234226740B2A4DE7DDBF6120F8511AF7","kmendfapggjehodndflmmgagdbamhnfd":"828C57199A6E7D41D6B97275A6C70FB52E2BEA26F627E8407D71EB53FA712B0F","lifbcibllhkdhoafpjfnlhfpfgnpldfl":"03F1E7674124822425786C76DC2DA72BBE3E8CBC39F98396C77361A60CD6B397","mfehgcgbbipciphmccgaenjidiccnmng":"2BD2EABA4809326D072EBEE001FC8CAA58A9F374573EAAE7CB84FA52265017FF","mgndgikekgjfcpckkfioiadnlibdjbkf":"332E40507A2B306CAEAB8007E604AA53CD1B74C1CEB53571C555F8C0A62D2ED5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"610ACA8BC951AC0761B6A6BDE5B5F73F854685B6721CDBD2CEA0D88673A7309F","neajdppkdcdipfabeoofebfddakdcjhd":"F438266FA4DFC99CFA5A285D2EAE60E9E0C7555BF20281DC58C08816F0AEDFD5","nkeimhogjdpnpccoofpliimaahmaaome":"8730A1F02957E8599AD415F9D3B6F6C27489D1DAC9450A305442B8840695379C","nmmhkkegccagdldgiimedpiccmgmieda":"A714F984CAEF0162D2C80B531B68F7E2CB8C1CB1DDA7F1D364819C4E982E5C0E","pacgpkgadgmibnhpdidcnfafllnmeomc":"1DA957A2221FC8FA03F8E004EEC7591645F93D69769590ED89DFB74F3387E965","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"5FBB8CC5AB62EFD57BA6660E1A1479E3052B24FA312B3FA05E38D012BD24ABCE","pjkljhegncpnkpknbcohdijeoejaedia":"CD5304AB13CC1967845F0DC452E1BAACE09156330723FD3C898BD792608D680D"}},"google":{"services":{"last_username":"DB98390141BB305FBFB22C9E9671D32B91FB401E52C70BF07730D804412454FF","username":"E3AA5F639A495286B479B053D88C06A87DB3A13A0A59559B7C9E7A9C94D7FDE9"}},"homepage":"CF65E1112B6DAD94BF71E46B4B2A9CDD504D4DD24F1560DC5A62DB3F1F3AED27","homepage_is_newtabpage":"D0AEB5F61ABF530474D93D5C86CFF1AEB0BF8AFC0E2132022D9D11863751FBA5","pinned_tabs":"A35D7E2018EA583691C4C8C0840981667E129C6C02515177F008839584479E25","prefs":{"preference_reset_time":"0F1C91DD41088528EF8AA90FA60A9DA7F2C9740AF7265730F2842564DCFEA399"},"profile":{"reset_prompt_memento":"0ED7541D386B2F0EAC623371BD971C87B0B003B220E324DFE8FB34D5D8080998"},"safebrowsing":{"incidents_sent":"5705666545A55559F9BF566D0CEFC671D3C37803D61633253421CFA176FA00EF"},"search_provider_overrides":"EA605D6BD2A01EDF23EDBFA32763014F95FBDB27A28517E352264BDDAA88FAFC","session":{"restore_on_startup":"1453C57A652841E6D070E213BECDF6E1BE08F94BD932B8076F0AE91F13D15023","startup_urls":"BCDC48C20A1E6E19AEAD646A172100280C1BD0134DA4180C46DAFAC49790C37A"},"software_reporter":{"prompt_reason":"2E99AF21441A8388221683AB47722A603AB9C030CCCDC6889277C5B45F1BBCBF","prompt_seed":"B4E8177A88ECECB9F4541E78681BB6E278964FD490DCFAEC31878808277BAE5B","prompt_version":"6B71A81A5EDDCE84B08D347E3F8E81403DA6C1B27422916E5D5C2229EE1C5039"},"sync":{"remaining_rollback_tries":"12A361E5D9DDABB6BF62FE4970470B5DBF215C051FE2F34ED417198D3A954FD4"}},"super_mac":"8C43F8A03EB64CC2227F53DE304711BFF152A724B79668D28C2A3D821BF36BF1"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":null,"startup_urls":["https://www.seznam.cz/?clid=22668"],"urls_to_restore_on_startup":null},"sync":{"remaining_rollback_tries":0}}
mgnkcojhhkbfbldkacnbeo":"3C3ADEBDF3B54F767750C23F9DDBE9B29CF7FFAAF859D4CDCCA42FB9A63E382C","bopakagnckmlgajfccecajhnimjiiedh":"72D9F5E0C009754839875E5261886265972CF8DD3FA641E275CBFD4257541151","coobgpohoikkiipiblmjeljniedjpjpf":"E2FBEDADC28461CB78D69258227EE5BB63011BD7532991A78B148C3E832DF448","dhdgffkkebhmkfjojejmpbldmpobfkfo":"D5E50AACE2D8D55D09A2C45F49F56A7A9FD838F0AF541F9F57D0F5247C0036AF","eemcgdkfndhakfknompkggombfjjjeno":"B22DADD22DF95F63ACE7D74BE8B254D4E9BCC715666C39D08312A2603B102BA7","ennkphjdgehloodpbhlhldgbnhmacadg":"65FE8CB0CEC931BD9FB75E7089409165654AE8F0A226D297ABC672273EB71BA3","gedlhmecleleofbcmeikmbnpocenmbof":"BB8270D33B22D4A011F5B294D7A84AC492E82C873DFD35241EEA506F80EF39A7","gfdkimpbcpahaombhbimeihdjnejgicl":"A8AEF25E6C70A9C1C7ADCC878440A0E0BEBDE364712C2A90B80A0C2FE744FDD6","gighmmpiobklfepjocnamgkkbiglidom":"4286D39804F799F16C91BA535128794161311127A6D557B982699E6C78502E4D","gomekmidlodglbbmalcneegieacbdmki":"8B29A86B8BDEA32BB960066701166B29C9985FCFAF7DA33764D7335A5714803E","hgfhaaeheijfpmonfiigkpljdigboana":"0CEBFA6FC26E8E1551FC57155543A00E234226740B2A4DE7DDBF6120F8511AF7","kmendfapggjehodndflmmgagdbamhnfd":"828C57199A6E7D41D6B97275A6C70FB52E2BEA26F627E8407D71EB53FA712B0F","lifbcibllhkdhoafpjfnlhfpfgnpldfl":"03F1E7674124822425786C76DC2DA72BBE3E8CBC39F98396C77361A60CD6B397","mfehgcgbbipciphmccgaenjidiccnmng":"2BD2EABA4809326D072EBEE001FC8CAA58A9F374573EAAE7CB84FA52265017FF","mgndgikekgjfcpckkfioiadnlibdjbkf":"332E40507A2B306CAEAB8007E604AA53CD1B74C1CEB53571C555F8C0A62D2ED5","mhjfbmdgcfjbbpaeojofohoefgiehjai":"610ACA8BC951AC0761B6A6BDE5B5F73F854685B6721CDBD2CEA0D88673A7309F","neajdppkdcdipfabeoofebfddakdcjhd":"F438266FA4DFC99CFA5A285D2EAE60E9E0C7555BF20281DC58C08816F0AEDFD5","nkeimhogjdpnpccoofpliimaahmaaome":"8730A1F02957E8599AD415F9D3B6F6C27489D1DAC9450A305442B8840695379C","nmmhkkegccagdldgiimedpiccmgmieda":"A714F984CAEF0162D2C80B531B68F7E2CB8C1CB1DDA7F1D364819C4E982E5C0E","pacgpkgadgmibnhpdidcnfafllnmeomc":"1DA957A2221FC8FA03F8E004EEC7591645F93D69769590ED89DFB74F3387E965","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"5FBB8CC5AB62EFD57BA6660E1A1479E3052B24FA312B3FA05E38D012BD24ABCE","pjkljhegncpnkpknbcohdijeoejaedia":"CD5304AB13CC1967845F0DC452E1BAACE09156330723FD3C898BD792608D680D"}},"google":{"services":{"last_username":"DB98390141BB305FBFB22C9E9671D32B91FB401E52C70BF07730D804412454FF","username":"E3AA5F639A495286B479B053D88C06A87DB3A13A0A59559B7C9E7A9C94D7FDE9"}},"homepage":"CF65E1112B6DAD94BF71E46B4B2A9CDD504D4DD24F1560DC5A62DB3F1F3AED27","homepage_is_newtabpage":"D0AEB5F61ABF530474D93D5C86CFF1AEB0BF8AFC0E2132022D9D11863751FBA5","pinned_tabs":"A35D7E2018EA583691C4C8C0840981667E129C6C02515177F008839584479E25","prefs":{"preference_reset_time":"0F1C91DD41088528EF8AA90FA60A9DA7F2C9740AF7265730F2842564DCFEA399"},"profile":{"reset_prompt_memento":"0ED7541D386B2F0EAC623371BD971C87B0B003B220E324DFE8FB34D5D8080998"},"safebrowsing":{"incidents_sent":"5705666545A55559F9BF566D0CEFC671D3C37803D61633253421CFA176FA00EF"},"search_provider_overrides":"EA605D6BD2A01EDF23EDBFA32763014F95FBDB27A28517E352264BDDAA88FAFC","session":{"restore_on_startup":"1453C57A652841E6D070E213BECDF6E1BE08F94BD932B8076F0AE91F13D15023","startup_urls":"BCDC48C20A1E6E19AEAD646A172100280C1BD0134DA4180C46DAFAC49790C37A"},"software_reporter":{"prompt_reason":"2E99AF21441A8388221683AB47722A603AB9C030CCCDC6889277C5B45F1BBCBF","prompt_seed":"B4E8177A88ECECB9F4541E78681BB6E278964FD490DCFAEC31878808277BAE5B","prompt_version":"6B71A81A5EDDCE84B08D347E3F8E81403DA6C1B27422916E5D5C2229EE1C5039"},"sync":{"remaining_rollback_tries":"12A361E5D9DDABB6BF62FE4970470B5DBF215C051FE2F34ED417198D3A954FD4"}},"super_mac":"8C43F8A03EB64CC2227F53DE304711BFF152A724B79668D28C2A3D821BF36BF1"},"session":{"restore_on_startup":4,"restore_on_startup_migrated":null,"startup_urls":["https://www.seznam.cz/?clid=22668"],"urls_to_restore_on_startup":null},"sync":{"remaining_rollback_tries":0}}

C:\Users\M\AppData\Roaming\Opera Software\Opera Stable\Preferences
"urls_to_restore_on_startup": [ "http://www.seznam.cz/" ]


==== Chromium Fix ======================

C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage deleted successfully
C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal deleted successfully
C:\Users\M\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage deleted successfully
C:\Users\M\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pstatic.kingtopdeals.com_0.localstorage-journal deleted successfully
C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgfhaaeheijfpmonfiigkpljdigboana deleted successfully
C:\Users\M\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgfhaaeheijfpmonfiigkpljdigboana deleted successfully
C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hgfhaaeheijfpmonfiigkpljdigboana_0.localstorage deleted successfully
C:\Users\M\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_hgfhaaeheijfpmonfiigkpljdigboana_0.localstorage deleted successfully
C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hgfhaaeheijfpmonfiigkpljdigboana deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\M\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\M\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\M\AppData\Local\Comodo\Dragon\User Data\Default\Web Data was reset successfully
C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\M\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\M\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\M\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\M\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\M\AppData\Local\Mozilla\Firefox\Profiles\1abl6ohg.default\cache2 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Mozilla\Firefox\Profiles\h90d7ib3.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\M\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\M\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=239 folders=69 45591008 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\hedev\AppData\Local\Temp emptied successfully
C:\Users\M\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\M\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied
C:\RECYCLER successfully emptied

==== EOF on źt 11.06.2015 at 9:56:09,14 ======================

[JaRon]

este nieco vyskakuje

[Maverick]

Ted jak to tak zkousim tak zatim ne. Je to tedy cisty? A da se nejak zjistit jak se mi tam ta havet dostala?

[JaRon]

ano je to ciste
doporucujem precistit s CCleanerom, ak si tak neurobil za 2-3 mesiace
zistit sa to neda, pretoze islo o zmes otravneho SW, ktory si zbieral dlhsi cas

[Maverick]

Ok a moc moc dekuji za pomoc !!!

[JaRon]

rado sa stalo