kontrola pc

[Márty84]

Log z ADWCleaneru je jen po skenu. Doufam, ze jste nalezy nechala i odstranit.

Vsechny nalezy MBAM nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

[dapemato]

posílám výsledek...

poslední protokol...
2015/11/03 13:19:09 +0100 U-398F8DF968D14 Uživatel MESSAGE Executing scheduled update: Daily
2015/11/03 13:19:17 +0100 U-398F8DF968D14 Uživatel MESSAGE Scheduled update executed successfully: database updated from version v2015.11.02.05 to version v2015.11.03.04


a pro kontrolu znovu log FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-11-2015
Ran by Uživatel (administrator) on U-398F8DF968D14 (07-11-2015 14:01:22)
Running from C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory
Loaded Profiles: Uživatel & UpdatusUser (Available Profiles: Uživatel & UpdatusUser & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(weather-life.com) C:\Program Files\Weather\weather.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
() C:\Program Files\Weather\usbwr.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Overwolf LTD) C:\Program Files\Overwolf\Overwolf.exe
(Overwolf LTD) C:\Program Files\Common Files\Overwolf\0.53.394.0\OverwolfHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory\FRST(1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [amd_dc_opt] => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18702336 2013-04-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [cfweatherStation] => C:\Program Files\Weather\Weather.exe [536064 2008-07-16] (weather-life.com)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [Overwolf] => C:\Program Files\Overwolf\\Overwolf.exe [39200 2014-05-28] (Overwolf LTD)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [RGSC] => C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57987712 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\sstext3d.scr [679936 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => %systemroot%\system32\tscupgrd.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-01-21] (AVAST Software)
BootExecute: autocheck autochk * aswBoot.exe /M:203cdca2 /dir:C:\Program

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{21DDFDED-7FD1-4198-988D-2F0EEF8BBB88}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=143922 ... J1LS802805
URLSearchHook: [S-1-5-21-1644491937-73586283-682003330-1004] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {2910A40F-3882-452F-A83F-6892F0A50582} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {6843c611-16a1-4008-9935-abee902b0711} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {69c7e45f-b26d-484e-9531-f4d558bc12d6} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {B28D168B-7E76-4539-906F-8251F9C08F5E} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {cacfcb71-a0e9-4db4-9236-16418456ee16} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {fba920f7-3fdb-4b8f-aadc-d0ff9d6f73ae} URL = hxxp://www.istartsurf.com/web/?utm_source=b&ut ... earchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-26] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-21] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-26] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1 ... J1LS802805
FF DefaultSearchEngine: istartsurf
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll [2013-04-26] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1644491937-73586283-682003330-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-12] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1644491937-73586283-682003330-1003: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF user.js: detected! => C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\user.js [2015-08-25]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-18] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-25] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.istartsurf.com/?type=hppp&ts=143922 ... J1LS802805
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hppp&ts=143922 ... J1LS802805"
CHR DefaultSearchURL: Default -> hxxp://www.istartsurf.com/web/?type=dspp&ts=14 ... earchTerms}
CHR DefaultSearchKeyword: Default -> istartsurf
CHR Profile: C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-11]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-21]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-21] (AVAST Software)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1893384 2015-10-26] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-10-26] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 OverwolfUpdater; C:\Program Files\Overwolf\OverwolfUpdater.exe [1864480 2014-05-28] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2013-10-04] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2445112 2015-05-15] (AVG Technologies)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913920 2007-01-05] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2013-04-23] (Creative)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-01-21] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2015-01-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-01-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-01-21] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-01-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-01-21] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-01-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-01-21] ()
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [278984 2013-05-22] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [38400 2009-02-04] (Samsung Electronics Co., Ltd.) [File not signed]
R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2013-05-22] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2013-04-23] (Creative Technology Ltd.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2013-04-23] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128440 2012-12-19] (NVIDIA Corporation)
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [66048 2005-09-29] (Protection Technology) [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2015-05-15] (TuneUp Software)
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
S4 IntelIde; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-07 13:43 - 2015-11-07 13:43 - 00001461 _____ C:\Documents and Settings\All Users\Plocha\Overwolf.lnk
2015-11-07 13:41 - 2015-11-07 13:41 - 00000837 _____ C:\Documents and Settings\All Users\Plocha\TeamSpeak 3 Client.lnk
2015-11-07 10:11 - 2015-11-07 11:11 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-03 17:07 - 2015-11-03 17:07 - 01708032 _____ C:\Documents and Settings\Administrator.U-398F8DF968D14\Plocha\adwcleaner_5.017.exe
2015-11-03 17:07 - 2015-11-03 17:07 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2015-11-03 17:06 - 2015-11-03 17:07 - 01708032 _____ C:\Documents and Settings\Administrator.U-398F8DF968D14\Dokumenty\adwcleaner_5.017.exe
2015-11-03 17:06 - 2015-11-03 17:06 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\Data aplikací\Opera Software
2015-11-03 17:06 - 2015-11-03 17:06 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Opera Software
2015-11-02 20:35 - 2015-11-02 20:35 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Malwarebytes
2015-11-02 20:30 - 2015-11-02 20:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2015-11-02 20:16 - 2015-11-02 20:18 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Dokumenty\Stažené soubory
2015-11-02 20:16 - 2015-11-02 20:16 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Macromedia
2015-11-02 20:16 - 2015-11-02 20:16 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Adobe
2015-11-02 20:14 - 2015-11-02 20:14 - 00000000 __SHD C:\Documents and Settings\Administrator.U-398F8DF968D14\IETldCache
2015-11-02 20:14 - 2015-11-02 20:14 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\Data aplikací\Mozilla
2015-11-02 20:14 - 2015-11-02 20:14 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Mozilla
2015-11-02 20:13 - 2015-11-04 21:48 - 00000178 ___SH C:\Documents and Settings\Administrator.U-398F8DF968D14\ntuser.ini
2015-11-02 20:13 - 2015-11-04 19:40 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\Temp
2015-11-02 20:13 - 2015-11-03 17:07 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Plocha
2015-11-02 20:13 - 2015-11-03 17:07 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Dokumenty
2015-11-02 20:13 - 2015-11-03 17:06 - 00000000 __RHD C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací
2015-11-02 20:13 - 2015-11-03 17:06 - 00000000 ___HD C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\Data aplikací
2015-11-02 20:13 - 2015-11-02 20:14 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14
2015-11-02 20:13 - 2015-08-18 18:17 - 00001599 _____ C:\Documents and Settings\Administrator.U-398F8DF968D14\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-11-02 20:13 - 2015-08-18 18:17 - 00000792 _____ C:\Documents and Settings\Administrator.U-398F8DF968D14\Nabídka Start\Programy\Windows Media Player.lnk
2015-11-02 20:13 - 2015-08-18 18:17 - 00000000 ___RD C:\Documents and Settings\Administrator.U-398F8DF968D14\Nabídka Start\Programy
2015-11-02 20:13 - 2015-08-18 18:16 - 00000000 ___RD C:\Documents and Settings\Administrator.U-398F8DF968D14\Nabídka Start\Programy\Příslušenství
2015-11-02 20:13 - 2013-04-22 16:24 - 00000000 ___RD C:\Documents and Settings\Administrator.U-398F8DF968D14\Nabídka Start\Programy\Po spuštění
2015-11-02 20:13 - 2013-04-22 16:24 - 00000000 ___RD C:\Documents and Settings\Administrator.U-398F8DF968D14\Nabídka Start
2015-11-02 20:13 - 2013-04-22 16:24 - 00000000 ___HD C:\Documents and Settings\Administrator.U-398F8DF968D14\Okolní tiskárny
2015-11-02 20:13 - 2013-04-22 16:24 - 00000000 ___HD C:\Documents and Settings\Administrator.U-398F8DF968D14\Okolní síť
2015-11-02 20:13 - 2013-04-22 16:24 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Oblíbené položky
2015-11-02 20:13 - 2013-04-22 14:28 - 00000000 ___HD C:\Documents and Settings\Administrator.U-398F8DF968D14\Šablony
2015-11-02 20:03 - 2015-11-02 20:03 - 11021080 _____ C:\Documents and Settings\Uživatel\Plocha\VID_20150620_180746.3gp
2015-11-01 09:37 - 2015-11-02 20:30 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2015-11-01 09:37 - 2015-11-01 09:37 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes Anti-Malware
2015-11-01 09:36 - 2015-11-01 09:36 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-11-01 09:36 - 2015-10-05 09:50 - 00121560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-28 10:55 - 2015-10-28 10:55 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2015-10-28 10:55 - 2015-10-28 10:55 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn Hamachi
2015-10-27 12:32 - 2015-10-22 10:15 - 201812804 _____ C:\Documents and Settings\Uživatel\Dokumenty\Scania r700 v3.scs
2015-10-26 16:04 - 2015-10-26 16:04 - 00021453 _____ C:\Documents and Settings\Uživatel\Dokumenty\index.php
2015-10-23 17:17 - 2015-10-23 17:56 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\ETS2MP
2015-10-23 17:17 - 2015-10-23 17:17 - 00000864 _____ C:\Documents and Settings\All Users\Plocha\Play Euro Truck Simulator 2 Multiplayer.lnk
2015-10-23 17:17 - 2015-10-23 17:17 - 00000000 ____D C:\Program Files\Euro Truck Simulator 2 Multiplayer
2015-10-23 17:17 - 2015-10-23 17:17 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Euro Truck Simulator 2 Multiplayer
2015-10-21 18:17 - 2015-07-14 20:25 - 1979543610 _____ C:\Documents and Settings\Uživatel\Plocha\Šílený-Max-Zběsilá-cesta-2015-CZ-tit-v-obraze-Top-kvalita.avi
2015-10-18 12:37 - 2015-10-18 12:37 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Data aplikací\AVG
2015-10-17 09:51 - 2015-10-17 09:51 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\Data aplikací\AVG
2015-10-16 21:26 - 2015-10-16 21:26 - 00001755 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG PC TuneUp 2015.lnk
2015-10-16 21:26 - 2015-10-16 21:26 - 00001749 _____ C:\Documents and Settings\All Users\Plocha\AVG PC TuneUp 2015.lnk
2015-10-16 21:26 - 2015-10-16 21:26 - 00001735 _____ C:\Documents and Settings\All Users\Plocha\AVG údržba 1 kliknutím.lnk
2015-10-16 21:26 - 2015-10-16 21:26 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\AVG
2015-10-16 21:26 - 2015-10-16 21:26 - 00000000 ____D C:\Documents and Settings\LocalService\Data aplikací\AVG
2015-10-16 21:26 - 2015-10-16 21:26 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG PC TuneUp 2015
2015-10-16 21:26 - 2015-05-15 14:57 - 00037176 _____ (AVG Technologies) C:\WINDOWS\system32\TURegOpt.exe
2015-10-16 21:25 - 2015-10-16 21:25 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\AVG
2015-10-16 21:22 - 2015-10-16 21:22 - 00000000 ____D C:\Program Files\AVG
2015-10-16 21:20 - 2015-10-16 21:26 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG
2015-10-16 21:19 - 2015-10-16 21:19 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Opera Software
2015-10-16 21:19 - 2015-10-16 21:19 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Opera Software
2015-10-16 21:18 - 2015-11-07 08:34 - 00000398 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1445026697.job
2015-10-16 21:18 - 2015-10-16 21:18 - 00000675 _____ C:\Documents and Settings\All Users\Plocha\Opera.lnk
2015-10-16 21:18 - 2015-10-16 21:18 - 00000675 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
2015-10-16 21:16 - 2015-11-05 15:13 - 00000000 ____D C:\Program Files\Opera
2015-10-16 21:16 - 2015-10-24 11:42 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Cheat Engine 6.4
2015-10-16 21:16 - 2015-10-16 21:16 - 00000000 ____D C:\Program Files\Cheat Engine 6.4
2015-10-15 12:06 - 2015-10-15 12:06 - 00053842 _____ C:\Documents and Settings\Uživatel\Plocha\ruže.php
2015-10-13 19:27 - 2015-10-13 19:27 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\WinRAR
2015-10-13 19:27 - 2015-10-13 19:27 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\WinRAR
2015-10-11 12:14 - 2015-10-11 12:14 - 00000000 ____D C:\Documents and Settings\UĹľivatel\Local Settings\Data aplikacĂ­
2015-10-11 12:14 - 2015-10-11 12:14 - 00000000 ____D C:\Documents and Settings\UĹľivatel
2015-10-10 12:56 - 2015-10-12 16:57 - 00000000 ____D C:\Minecraft
2015-10-08 16:52 - 2015-10-08 16:52 - 00000216 _____ C:\Documents and Settings\Uživatel\Plocha\MXGP - The Official Motocross Videogame Demo.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-07 14:01 - 2015-08-19 16:59 - 00000000 ____D C:\FRST
2015-11-07 14:01 - 2015-01-22 19:59 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\temp
2015-11-07 14:01 - 2015-01-03 12:08 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory
2015-11-07 14:01 - 2013-04-23 11:47 - 00000000 ____D C:\Program Files\Weather
2015-11-07 13:57 - 2013-04-23 08:00 - 00033360 _____ C:\WINDOWS\system32\nvAppTimestamps
2015-11-07 13:51 - 2013-04-29 16:02 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Skype
2015-11-07 13:43 - 2015-02-12 17:03 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2015-11-07 13:43 - 2015-02-10 16:08 - 00000388 _____ C:\WINDOWS\Tasks\Overwolf Updater Task.job
2015-11-07 13:43 - 2015-02-10 16:07 - 00000000 ____D C:\Program Files\Overwolf
2015-11-07 13:43 - 2015-02-10 16:06 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Overwolf
2015-11-07 13:43 - 2013-04-22 16:24 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-11-07 13:41 - 2015-02-10 16:05 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-11-07 13:25 - 2015-07-01 20:11 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-07 13:20 - 2015-08-11 18:03 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-07 11:22 - 2014-02-07 20:45 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\LogMeIn Hamachi
2015-11-07 11:18 - 2013-04-22 14:30 - 01462307 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-07 11:12 - 2015-10-05 17:15 - 00000000 ____D C:\LFS
2015-11-07 11:11 - 2015-01-27 16:55 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-07 10:32 - 2013-04-23 11:38 - 00000000 ____D C:\Program Files\Steam
2015-11-07 08:53 - 2013-06-26 15:07 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\NFS Underground 2
2015-11-07 08:40 - 2015-01-21 18:09 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-11-07 08:36 - 2008-04-14 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-07 08:35 - 2014-02-07 20:45 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2015-11-07 08:34 - 2015-08-11 18:03 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-07 08:34 - 2013-04-22 16:26 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-11-07 08:34 - 2013-04-22 16:26 - 00000049 _____ C:\WINDOWS\wiaservc.log
2015-11-07 08:34 - 2013-04-22 14:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-06 22:00 - 2014-09-19 22:00 - 02150832 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2015-11-06 22:00 - 2014-04-05 13:13 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2015-11-06 22:00 - 2013-04-22 14:34 - 00000178 ___SH C:\Documents and Settings\Uživatel\ntuser.ini
2015-11-06 22:00 - 2013-04-22 14:34 - 00000000 ____D C:\Documents and Settings\Uživatel
2015-11-06 22:00 - 2013-04-22 14:33 - 00032632 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-06 22:00 - 2013-04-22 14:33 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2015-11-05 15:10 - 2013-09-12 16:37 - 00000000 __SHD C:\WINDOWS\CSC
2015-11-03 18:07 - 2014-04-26 19:25 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Nico Mak Computing
2015-11-03 18:07 - 2013-04-22 14:34 - 00000000 __RHD C:\Documents and Settings\Uživatel\Data aplikací
2015-11-03 17:08 - 2015-08-24 19:45 - 00000000 ____D C:\AdwCleaner
2015-11-02 20:30 - 2015-08-24 19:58 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2015-11-02 20:30 - 2013-04-22 16:24 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-11-02 20:21 - 2013-04-22 16:24 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-11-02 20:04 - 2013-04-22 14:34 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha
2015-11-02 16:44 - 2013-04-22 14:34 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty
2015-10-30 17:20 - 2013-04-22 14:34 - 00000000 ___HD C:\Documents and Settings\Uživatel\Local Settings\Data aplikací
2015-10-29 13:43 - 2013-04-29 18:14 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Euro Truck Simulator 2
2015-10-28 10:55 - 2015-08-18 18:03 - 00583163 _____ C:\WINDOWS\setupapi.log
2015-10-26 11:11 - 2014-02-07 20:51 - 00026176 ____H (LogMeIn, Inc.) C:\WINDOWS\system32\hamachi.sys
2015-10-25 10:25 - 2013-04-22 16:24 - 01121880 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-24 20:21 - 2014-11-17 19:59 - 00001813 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-10-24 11:43 - 2013-06-10 17:39 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Street Racing Syndicate
2015-10-22 15:59 - 2015-03-28 18:03 - 00000000 ____D C:\WarThunder
2015-10-22 13:14 - 2015-03-29 09:12 - 00000000 ____D C:\Documents and Settings\Uživatel\.launcher_log
2015-10-21 18:17 - 2013-04-26 16:50 - 00071168 _____ C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-21 15:42 - 2013-04-29 16:23 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\.minecraft
2015-10-19 18:05 - 2015-09-16 14:10 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2015-10-18 12:37 - 2013-04-23 07:56 - 00000000 __RHD C:\Documents and Settings\UpdatusUser\Data aplikací
2015-10-17 09:51 - 2013-04-23 07:56 - 00000000 ___HD C:\Documents and Settings\UpdatusUser\Local Settings\Data aplikací
2015-10-16 21:26 - 2013-04-22 14:33 - 00000000 ____D C:\Documents and Settings\LocalService\Data aplikací
2015-10-16 21:22 - 2014-05-06 14:11 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\AVG
2015-10-16 19:25 - 2013-04-27 11:15 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-10-16 19:25 - 2013-04-27 11:15 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-10-15 19:25 - 2013-04-29 16:01 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
2015-10-13 19:27 - 2014-05-16 15:05 - 00000000 ____D C:\Program Files\WinRAR
2015-10-13 19:27 - 2013-04-22 14:34 - 00000000 ___RD C:\Documents and Settings\Uživatel\Nabídka Start\Programy
2015-10-10 12:56 - 2013-06-02 11:54 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\GHISLER
2015-10-08 16:52 - 2014-06-21 10:45 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\Steam
2015-10-08 16:51 - 2015-09-11 15:53 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Aerosoft
2015-10-08 16:51 - 2013-04-23 07:59 - 00000000 ___HD C:\Program Files\InstallShield Installation Information

==================== Files in the root of some directories =======

2014-03-18 21:54 - 2014-03-18 21:54 - 33908960 _____ () C:\Program Files\AvatarGameCZ.exe
2013-10-04 15:33 - 2013-10-04 15:33 - 4241280 _____ (Dll-Files.com ) C:\Program Files\dffsetup-d3d11.exe
2013-06-10 18:44 - 2013-06-10 18:44 - 0011291 _____ () C:\Documents and Settings\Uživatel\Data aplikací\SmarThruOptions.xml
2013-04-26 16:50 - 2015-10-21 18:17 - 0071168 _____ () C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\temp\sqlite3.dll
C:\Documents and Settings\Uživatel\Local Settings\temp\CmdLineExt.dll
C:\Documents and Settings\Uživatel\Local Settings\temp\SkypeSetup.exe
C:\Documents and Settings\Uživatel\Local Settings\temp\~5D8.exe
C:\Documents and Settings\Uživatel\Local Settings\temp\~5D9.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

[Márty84]

Fakt jste nechala odstranit nalezy ADWCleaneru? Porad tam vidim to, co by mel normalne odstranit
Ten novy log z MBAM taky neni zrovna takovy, jaky bych ocekaval


Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Postupujte podle navodu kolegy

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[dapemato]

# AdwCleaner v5.019 - Logfile created 08/11/2015 at 20:10:29
# Updated 08/11/2015 by Xplode
# Database : 2015-11-08.2 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Uživatel - U-398F8DF968D14
# Running from : C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory\adwcleaner_5.019.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

File Found : C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\user.js

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\Download.SwInstaller
Key Found : HKLM\SOFTWARE\Classes\Download.SwInstaller.1
Key Found : HKLM\SOFTWARE\Classes\Download.SwInstallerAttributes
Key Found : HKLM\SOFTWARE\Classes\Download.SwInstallerAttributes.1
Key Found : HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl
Key Found : HKLM\SOFTWARE\Classes\Swdir.SwInstallerCtl.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{8663977e-01e4-4f5c-b343-4675834e8a9f}
Key Found : HKLM\SOFTWARE\Classes\Interface\{e59567b2-2035-4a62-8b1e-f27a426bbca9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1F91A9A1-01BA-4C81-863D-3BA0751E1419}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8663977e-01e4-4f5c-b343-4675834e8a9f}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cb29ad2-ca79-46e5-865c-8d56b2bce662}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9d1a84cb-3e2b-4cce-b7b7-d0214959f011}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aed6e119-4324-4e26-956b-6ad9acef9e7e}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cb39f555-997f-45cb-8086-e5e6e2866daf}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e59567b2-2035-4a62-8b1e-f27a426bbca9}
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\CoinisRS
Key Found : HKCU\Software\DownLite
Key Found : HKCU\Software\PRODUCTSETUP
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.istartsurf.com/?type=hppp&ts=143922 ... J1LS802805
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2910A40F-3882-452F-A83F-6892F0A50582}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6843c611-16a1-4008-9935-abee902b0711}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{69c7e45f-b26d-484e-9531-f4d558bc12d6}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B28D168B-7E76-4539-906F-8251F9C08F5E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{cacfcb71-a0e9-4db4-9236-16418456ee16}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{fba920f7-3fdb-4b8f-aadc-d0ff9d6f73ae}

***** [ Web browsers ] *****

[C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\prefs.js] [Preference] Found : user_pref("browser.newtab.url", "hxxp://www.istartsurf.com/newtab/?type=nt&ts=1 ... J1LS802805");
[C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\prefs.js] [Preference] Found : user_pref("browser.search.defaultenginename", "istartsurf");
[C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\prefs.js] [Preference] Found : user_pref("browser.search.selectedEngine", "istartsurf");
[C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : istartsurf.com
[C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : istartsurf
[C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://www.istartsurf.com/?type=hppp&ts=143922 ... J1LS802805
[C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Found : hxxp://www.istartsurf.com/webfavicon.ico
[C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : hxxp://www.istartsurf.com/web/?type=dspp&ts=14 ... earchTerms}
[C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://www.istartsurf.com/?type=hppp&ts=143922 ... J1LS802805

########## EOF - C:\AdwCleaner\AdwCleaner[S9].txt - [6040 bytes] ##########

další...

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: U~ivatel

User: uživatel

User: U§ivatel
->Temporary Internet Files folder emptied: 0 bytes

User: U×ivatel
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Uživatel
->Temp folder emptied: 42761391 bytes
->Temporary Internet Files folder emptied: 233715576 bytes
->FireFox cache emptied: 369093668 bytes
->Google Chrome cache emptied: 819568 bytes
->Flash cache emptied: 6236 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10544763 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 908722734 bytes

Total Files Cleaned = 1 493,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: UpdatusUser

User: U~ivatel

User: uživatel

User: U§ivatel

User: U×ivatel

User: Uživatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTM Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\SecurityScanner\McUicnt folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\SecurityScanner folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom\SSScheduler folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom\SecurityScan_Release folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom\SecurityScan_Inner folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom\McUicnt folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom\McCHSvc folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\PartnerCustom folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\McUICnt\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\McLightInstaller\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\McLightInstaller folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\Common\McUICnt folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\Common\McCHSvc folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS\Common folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee\MCLOGS folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\McAfee folder moved successfully.
C:\DelFix.txt moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 02082015_182627

Files moved on Reboot...
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\EJ1BC178\desktop.ini not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\DLOIMZRB\desktop.ini not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CZGV85X2\desktop.ini not found!
File C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\BXC2JK5P\desktop.ini not found!
File move failed. C:\WINDOWS\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

a ještě


Zoek.exe v5.0.0.1 Updated 08-November-2015
Tool run by Uživatel on ne 08.11.2015 at 20:25:41,17.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8.11.2015 20:28:11 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\DOCUME~1\ALLUSE~1\DATAAP~1\CenlEdosu deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Riot Games deleted successfully
C:\Documents and Settings\Uživatel\Data aplikací\Media Player Classic deleted successfully
C:\Documents and Settings\Uživatel\Data aplikací\SanDisk SecureAccess deleted successfully
C:\Documents and Settings\Uživatel\Data aplikací\wfirewall deleted successfully
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\WarThunder deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Documents and Settings\ADMINI~1.U-3\Data aplikací\Mozilla\Firefox\Profiles\ldo66aby.default\prefs.js:

Added to C:\Documents and Settings\ADMINI~1.U-3\Data aplikací\Mozilla\Firefox\Profiles\ldo66aby.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Documents and Settings\UIVATE~1\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\prefs.js:

Added to C:\Documents and Settings\UIVATE~1\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Program Files\ComPlus Applications deleted
C:\Program Files\WindowsUpdate deleted
C:\Documents and Settings\Uživatel\Data aplikací\.technic deleted
C:\Documents and Settings\Uživatel\Data aplikací\mctitanpokemine3 deleted
C:\Program Files\Sweet Home 3D deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Package Cache deleted
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Unity deleted
C:\WINDOWS\SET104.tmp deleted
C:\WINDOWS\SET107.tmp deleted
C:\WINDOWS\SET113.tmp deleted
C:\WINDOWS\System32\SET2DA.tmp deleted
C:\WINDOWS\System32\SET2DB.tmp deleted
C:\WINDOWS\System32\SET2DC.tmp deleted
C:\WINDOWS\System32\SET87.tmp deleted
C:\WINDOWS\System32\SET88.tmp deleted
C:\WINDOWS\System32\SET8E.tmp deleted
C:\WINDOWS\System32\SETE2B.tmp deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Documents and Settings\ADMINI~1.U-3\Data aplikací\Mozilla\Firefox\Profiles\ldo66aby.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Documents and Settings\UIVATE~1\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [25.08.2015 09:06]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default
7E54D1EC87CE306CB1A26CE59AFE6E37 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
D33D39A318AEA70691CED7530E2D9DF9 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
CFBC726A1712BD8DC9914EA06DBCE20B - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
421CB2C1010522B3BF7C00725520B844 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
7D127425BBE91DF37448A7F44C1DDA52 - C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll - Google Update
AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
E7006BB5611298DBDD03FE3519C19AC2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U25
238F239EAEFF7E3E782913D599084E18 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.250.18
78006383FEDBCDC290B8BD178903D6AB - C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director
863AF0003392FEBC2667A8A790DED955 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_226.dll - Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.80

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[21.01.2015 18:18]

Avast Online Security - Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Startpages ======================

C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com",
"urls_to_restore_on_startup": [ "http://www.google.com" ]

C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
p":4,"startup_urls":[]},"homepage":"http://www.google.com/"}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
"CustomizeSearch"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC

==== Reset Google Chrome ======================

C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Opera Software\Opera Stable\Preferences was reset successfully
C:\Documents and Settings\Uživatel\Data aplikací\Opera Software\Opera Stable\Preferences was reset successfully
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data-journal.protect was reset successfully
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data.protect was reset successfully
C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Opera Software\Opera Stable\Web Data was reset successfully
C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Opera Software\Opera Stable\Web Data-journal was reset successfully
C:\Documents and Settings\Uživatel\Data aplikací\Opera Software\Opera Stable\Web Data was reset successfully
C:\Documents and Settings\Uživatel\Data aplikací\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Uživatel\Local Settings\temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\96COM7WM will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CUEXYGD0 will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\F0PCBBYK will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\G7FBXGDG will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\HLA3PCFR will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\ldo66aby.default\cache2 emptied successfully
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\Data aplikací\Opera Software\Opera Stable\Cache emptied successfully
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Opera Software\Opera Stable\Cache emptied successfully
C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2741 folders=613 2930566226 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\temp emptied successfully
C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\Temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\temp emptied successfully
C:\Documents and Settings\UpdatusUser\Local Settings\temp emptied successfully
C:\Documents and Settings\Uživatel\Local Settings\temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\Uživatel\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\96COM7WM" not deleted
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\CUEXYGD0" not deleted
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\F0PCBBYK" not deleted
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\G7FBXGDG" not deleted
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\HLA3PCFR" not deleted

==== EOF on ne 08.11.2015 at 21:53:38,79 ======================

[Márty84]

Prosim ctete a delejte ty kroky pecliveji, jinak to nema smysl

Log z ADWCleaneru je opet jen ze skenu, misto po odstraneni nalezu.

Dale jste poslala log z OTM, pritom to jsme ted spolu vubec nepouzili (je z 2.8.)

Chybi log z Junkware.

Takhle to fakt nepujde

[dapemato]

adwcleaner ... scan a poté cleaning...toto vyběhlo

# AdwCleaner v5.019 - Logfile created 10/11/2015 at 20:34:15
# Updated 08/11/2015 by Xplode
# Database : 2015-11-09.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Uživatel - U-398F8DF968D14
# Running from : C:\Documents and Settings\Uživatel\Plocha\adwcleaner_5.019.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt - [707 bytes] ##########

[dapemato]

teď jrt.txt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Microsoft Windows XP x86
Ran by Uživatel on út 10.11.2015 at 20:41:29,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Documents and Settings\Uživatel\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Documents and Settings\Uživatel\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Documents and Settings\Uživatel\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Documents and Settings\Uživatel\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on út 10.11.2015 at 20:44:38,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Márty84]

OK.

Dejte nove logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

[dapemato]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-11-2015
Ran by Uživatel (administrator) on U-398F8DF968D14 (10-11-2015 22:01:04)
Running from C:\Documents and Settings\Uživatel\Plocha
Loaded Profiles: Uživatel & UpdatusUser (Available Profiles: Uživatel & UpdatusUser & Administrator)
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(weather-life.com) C:\Program Files\Weather\weather.exe
(Overwolf LTD) C:\Program Files\Overwolf\Overwolf.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
() C:\Program Files\Weather\usbwr.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\WINDOWS\system32\PnkBstrA.exe
(AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Overwolf LTD) C:\Program Files\Common Files\Overwolf\0.53.394.0\OverwolfHelper.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [amd_dc_opt] => C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18702336 2013-04-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [cfweatherStation] => C:\Program Files\Weather\Weather.exe [536064 2008-07-16] (weather-life.com)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [Overwolf] => C:\Program Files\Overwolf\\Overwolf.exe [39200 2014-05-28] (Overwolf LTD)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [RGSC] => C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57987712 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\sstext3d.scr [679936 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [tscuninstall] => %systemroot%\system32\tscupgrd.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-01-21] (AVAST Software)
BootExecute: autocheck autochk * aswBoot.exe /M:203cdca2 /dir:C:\Program

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{21DDFDED-7FD1-4198-988D-2F0EEF8BBB88}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: [S-1-5-21-1644491937-73586283-682003330-1004] ATTENTION => Default URLSearchHook is missing
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-26] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-21] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-26] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-1644491937-73586283-682003330-1003 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll [2008-04-14] (Společnost Microsoft)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\n3t41v53.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll [2013-04-26] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1644491937-73586283-682003330-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Plugin HKU\S-1-5-21-1644491937-73586283-682003330-1003: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-18] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-25] [not signed]

Chrome:
=======
CHR Profile: C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-11]
CHR Extension: (Avast Online Security) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-11]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-21]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-21] (AVAST Software)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1893384 2015-10-26] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-10-26] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 OverwolfUpdater; C:\Program Files\Overwolf\OverwolfUpdater.exe [1864480 2014-05-28] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2013-10-04] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2445112 2015-05-15] (AVG Technologies)
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913920 2007-01-05] (Microsoft Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2013-04-23] (Creative)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2015-01-21] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2015-01-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2015-01-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2015-01-21] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2015-01-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2015-01-21] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2015-01-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2015-01-21] ()
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [278984 2013-05-22] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [38400 2009-02-04] (Samsung Electronics Co., Ltd.) [File not signed]
R3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25416 2013-05-22] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2013-04-23] (Creative Technology Ltd.)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2013-04-23] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NVHDA; C:\WINDOWS\System32\drivers\nvhda32.sys [128440 2012-12-19] (NVIDIA Corporation)
R0 sfdrv01; C:\WINDOWS\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfvfs02; C:\WINDOWS\System32\drivers\sfvfs02.sys [66048 2005-09-29] (Protection Technology) [File not signed]
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2015-05-15] (TuneUp Software)
S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
S4 IntelIde; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-10 22:01 - 2015-11-10 22:01 - 00014673 _____ C:\Documents and Settings\Uživatel\Plocha\FRST.txt
2015-11-10 21:59 - 2015-11-10 21:59 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Uživatel\Plocha\FRSTLauncher.exe
2015-11-10 21:56 - 2015-11-10 21:57 - 01702400 _____ (Farbar) C:\Documents and Settings\Uživatel\Plocha\FRST.exe
2015-11-10 21:30 - 2015-11-10 22:01 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Temp
2015-11-10 21:30 - 2015-11-10 21:30 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\temp
2015-11-10 21:30 - 2015-11-10 21:30 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2015-11-10 21:30 - 2015-11-10 21:30 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2015-11-10 21:30 - 2015-11-10 21:30 - 00000000 ____D C:\Documents and Settings\Default User\Local Settings\Temp
2015-11-10 21:30 - 2015-11-10 21:30 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2015-11-10 21:30 - 2015-11-10 21:30 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\Temp
2015-11-10 21:30 - 2015-11-10 20:46 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-11-10 20:48 - 2015-11-08 21:53 - 00016169 _____ C:\zoek-results2015-11-08-205338.log
2015-11-10 20:46 - 2015-11-10 20:46 - 01309184 _____ C:\Documents and Settings\Uživatel\Plocha\zoek.exe
2015-11-10 20:41 - 2015-11-10 20:41 - 01801288 _____ (Malwarebytes) C:\Documents and Settings\Uživatel\Plocha\JRT.exe
2015-11-10 20:32 - 2015-11-10 20:32 - 01712128 _____ C:\Documents and Settings\Uživatel\Plocha\adwcleaner_5.019.exe
2015-11-08 20:28 - 2015-11-10 21:42 - 00011028 _____ C:\zoek-results.log
2015-11-08 20:24 - 2015-11-08 21:12 - 00000000 ____D C:\zoek_backup
2015-11-07 19:41 - 2015-11-07 19:44 - 54374665 _____ C:\Documents and Settings\Uživatel\Dokumenty\Tatra_148_pack.rar
2015-11-07 13:43 - 2015-11-07 13:43 - 00001461 _____ C:\Documents and Settings\All Users\Plocha\Overwolf.lnk
2015-11-07 13:41 - 2015-11-07 13:41 - 00000837 _____ C:\Documents and Settings\All Users\Plocha\TeamSpeak 3 Client.lnk
2015-11-07 10:11 - 2015-11-07 11:11 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-03 17:07 - 2015-11-03 17:07 - 01708032 _____ C:\Documents and Settings\Administrator.U-398F8DF968D14\Plocha\adwcleaner_5.017.exe
2015-11-03 17:07 - 2015-11-03 17:07 - 00000664 _____ C:\WINDOWS\system32\d3d9caps.dat
2015-11-03 17:06 - 2015-11-03 17:07 - 01708032 _____ C:\Documents and Settings\Administrator.U-398F8DF968D14\Dokumenty\adwcleaner_5.017.exe
2015-11-03 17:06 - 2015-11-03 17:06 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\Data aplikací\Opera Software
2015-11-03 17:06 - 2015-11-03 17:06 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Opera Software
2015-11-02 20:35 - 2015-11-02 20:35 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Malwarebytes
2015-11-02 20:30 - 2015-11-02 20:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
2015-11-02 20:16 - 2015-11-02 20:18 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Dokumenty\Stažené soubory
2015-11-02 20:16 - 2015-11-02 20:16 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Macromedia
2015-11-02 20:16 - 2015-11-02 20:16 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Adobe
2015-11-02 20:14 - 2015-11-02 20:14 - 00000000 __SHD C:\Documents and Settings\Administrator.U-398F8DF968D14\IETldCache
2015-11-02 20:14 - 2015-11-02 20:14 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\Data aplikací\Mozilla
2015-11-02 20:14 - 2015-11-02 20:14 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací\Mozilla
2015-11-02 20:13 - 2015-11-04 21:48 - 00000178 ___SH C:\Documents and Settings\Administrator.U-398F8DF968D14\ntuser.ini
2015-11-02 20:13 - 2015-11-03 17:07 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Plocha
2015-11-02 20:13 - 2015-11-03 17:07 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Dokumenty
2015-11-02 20:13 - 2015-11-03 17:06 - 00000000 __RHD C:\Documents and Settings\Administrator.U-398F8DF968D14\Data aplikací
2015-11-02 20:13 - 2015-11-03 17:06 - 00000000 ___HD C:\Documents and Settings\Administrator.U-398F8DF968D14\Local Settings\Data aplikací
2015-11-02 20:13 - 2015-11-02 20:14 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14
2015-11-02 20:13 - 2015-08-18 18:17 - 00001599 _____ C:\Documents and Settings\Administrator.U-398F8DF968D14\Nabídka Start\Programy\Vzdálená pomoc.lnk
2015-11-02 20:13 - 2015-08-18 18:17 - 00000792 _____ C:\Documents and Settings\Administrator.U-398F8DF968D14\Nabídka Start\Programy\Windows Media Player.lnk
2015-11-02 20:13 - 2015-08-18 18:17 - 00000000 ___RD C:\Documents and Settings\Administrator.U-398F8DF968D14\Nabídka Start\Programy
2015-11-02 20:13 - 2015-08-18 18:16 - 00000000 ___RD C:\Documents and Settings\Administrator.U-398F8DF968D14\Nabídka Start\Programy\Příslušenství
2015-11-02 20:13 - 2013-04-22 16:24 - 00000000 ___RD C:\Documents and Settings\Administrator.U-398F8DF968D14\Nabídka Start\Programy\Po spuštění
2015-11-02 20:13 - 2013-04-22 16:24 - 00000000 ___RD C:\Documents and Settings\Administrator.U-398F8DF968D14\Nabídka Start
2015-11-02 20:13 - 2013-04-22 16:24 - 00000000 ___HD C:\Documents and Settings\Administrator.U-398F8DF968D14\Okolní tiskárny
2015-11-02 20:13 - 2013-04-22 16:24 - 00000000 ___HD C:\Documents and Settings\Administrator.U-398F8DF968D14\Okolní síť
2015-11-02 20:13 - 2013-04-22 16:24 - 00000000 ____D C:\Documents and Settings\Administrator.U-398F8DF968D14\Oblíbené položky
2015-11-02 20:13 - 2013-04-22 14:28 - 00000000 ___HD C:\Documents and Settings\Administrator.U-398F8DF968D14\Šablony
2015-11-02 20:03 - 2015-11-02 20:03 - 11021080 _____ C:\Documents and Settings\Uživatel\Plocha\VID_20150620_180746.3gp
2015-11-01 09:37 - 2015-11-02 20:30 - 00000784 _____ C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
2015-11-01 09:37 - 2015-11-01 09:37 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes Anti-Malware
2015-11-01 09:36 - 2015-11-01 09:36 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-11-01 09:36 - 2015-10-05 09:50 - 00121560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-28 10:55 - 2015-10-28 10:55 - 00000000 ____D C:\Program Files\LogMeIn Hamachi
2015-10-28 10:55 - 2015-10-28 10:55 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\LogMeIn Hamachi
2015-10-27 12:32 - 2015-10-22 10:15 - 201812804 _____ C:\Documents and Settings\Uživatel\Dokumenty\Scania r700 v3.scs
2015-10-26 16:04 - 2015-10-26 16:04 - 00021453 _____ C:\Documents and Settings\Uživatel\Dokumenty\index.php
2015-10-23 17:17 - 2015-10-23 17:56 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\ETS2MP
2015-10-23 17:17 - 2015-10-23 17:17 - 00000864 _____ C:\Documents and Settings\All Users\Plocha\Play Euro Truck Simulator 2 Multiplayer.lnk
2015-10-23 17:17 - 2015-10-23 17:17 - 00000000 ____D C:\Program Files\Euro Truck Simulator 2 Multiplayer
2015-10-23 17:17 - 2015-10-23 17:17 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Euro Truck Simulator 2 Multiplayer
2015-10-21 18:17 - 2015-07-14 20:25 - 1979543610 _____ C:\Documents and Settings\Uživatel\Plocha\Šílený-Max-Zběsilá-cesta-2015-CZ-tit-v-obraze-Top-kvalita.avi
2015-10-18 12:37 - 2015-10-18 12:37 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Data aplikací\AVG
2015-10-17 09:51 - 2015-10-17 09:51 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\Data aplikací\AVG
2015-10-16 21:26 - 2015-10-16 21:26 - 00001755 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG PC TuneUp 2015.lnk
2015-10-16 21:26 - 2015-10-16 21:26 - 00001749 _____ C:\Documents and Settings\All Users\Plocha\AVG PC TuneUp 2015.lnk
2015-10-16 21:26 - 2015-10-16 21:26 - 00001735 _____ C:\Documents and Settings\All Users\Plocha\AVG údržba 1 kliknutím.lnk
2015-10-16 21:26 - 2015-10-16 21:26 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\AVG
2015-10-16 21:26 - 2015-10-16 21:26 - 00000000 ____D C:\Documents and Settings\LocalService\Data aplikací\AVG
2015-10-16 21:26 - 2015-10-16 21:26 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\AVG PC TuneUp 2015
2015-10-16 21:26 - 2015-05-15 14:57 - 00037176 _____ (AVG Technologies) C:\WINDOWS\system32\TURegOpt.exe
2015-10-16 21:25 - 2015-10-16 21:25 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\AVG
2015-10-16 21:22 - 2015-10-16 21:22 - 00000000 ____D C:\Program Files\AVG
2015-10-16 21:20 - 2015-10-16 21:26 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\AVG
2015-10-16 21:19 - 2015-10-16 21:19 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Opera Software
2015-10-16 21:19 - 2015-10-16 21:19 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Opera Software
2015-10-16 21:18 - 2015-11-10 21:42 - 00000398 _____ C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1445026697.job
2015-10-16 21:18 - 2015-10-16 21:18 - 00000675 _____ C:\Documents and Settings\All Users\Plocha\Opera.lnk
2015-10-16 21:18 - 2015-10-16 21:18 - 00000675 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Opera.lnk
2015-10-16 21:16 - 2015-11-05 15:13 - 00000000 ____D C:\Program Files\Opera
2015-10-16 21:16 - 2015-10-24 11:42 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Cheat Engine 6.4
2015-10-16 21:16 - 2015-10-16 21:16 - 00000000 ____D C:\Program Files\Cheat Engine 6.4
2015-10-15 12:06 - 2015-10-15 12:06 - 00053842 _____ C:\Documents and Settings\Uživatel\Plocha\ruže.php
2015-10-13 19:27 - 2015-10-13 19:27 - 00000000 ____D C:\Documents and Settings\Uživatel\Nabídka Start\Programy\WinRAR
2015-10-13 19:27 - 2015-10-13 19:27 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\WinRAR
2015-10-11 12:14 - 2015-10-11 12:14 - 00000000 ____D C:\Documents and Settings\UĹľivatel\Local Settings\Data aplikacĂ­
2015-10-11 12:14 - 2015-10-11 12:14 - 00000000 ____D C:\Documents and Settings\UĹľivatel

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-10 22:01 - 2015-08-19 16:59 - 00000000 ____D C:\FRST
2015-11-10 22:01 - 2013-04-23 11:47 - 00000000 ____D C:\Program Files\Weather
2015-11-10 22:01 - 2013-04-22 14:34 - 00000000 ____D C:\Documents and Settings\Uživatel\Plocha
2015-11-10 22:00 - 2013-04-22 14:34 - 00000000 ___HD C:\Documents and Settings\Uživatel\Local Settings\Data aplikací
2015-11-10 21:59 - 2013-04-23 08:00 - 00033360 _____ C:\WINDOWS\system32\nvAppTimestamps
2015-11-10 21:48 - 2015-01-21 18:09 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-11-10 21:44 - 2013-04-29 16:02 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\Skype
2015-11-10 21:44 - 2013-04-22 14:30 - 01540142 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-10 21:44 - 2008-04-14 13:00 - 00013646 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-10 21:43 - 2015-02-10 16:06 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\Overwolf
2015-11-10 21:43 - 2014-02-07 20:45 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\LogMeIn Hamachi
2015-11-10 21:43 - 2014-02-07 20:45 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2015-11-10 21:43 - 2013-04-22 16:26 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-11-10 21:43 - 2013-04-22 16:26 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-11-10 21:42 - 2015-08-11 18:03 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-10 21:42 - 2013-04-22 14:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-10 21:41 - 2014-09-19 22:00 - 02150832 _____ C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
2015-11-10 21:41 - 2014-04-05 13:13 - 00065536 _____ C:\WINDOWS\system32\config\TuneUp.evt
2015-11-10 21:41 - 2013-04-22 14:34 - 00000178 ___SH C:\Documents and Settings\Uživatel\ntuser.ini
2015-11-10 21:41 - 2013-04-22 14:33 - 00032504 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-10 21:41 - 2013-04-22 14:33 - 00000000 ___HD C:\Documents and Settings\LocalService\Local Settings\Data aplikací
2015-11-10 21:25 - 2015-07-01 20:11 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-10 21:25 - 2013-04-27 11:15 - 00780488 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-11-10 21:25 - 2013-04-27 11:15 - 00142536 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-11-10 21:20 - 2015-08-11 18:03 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-10 20:42 - 2013-04-23 07:56 - 00000178 ___SH C:\Documents and Settings\UpdatusUser\ntuser.ini
2015-11-10 20:34 - 2015-08-24 19:45 - 00000000 ____D C:\AdwCleaner
2015-11-10 20:29 - 2015-01-03 12:08 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Stažené soubory
2015-11-10 19:43 - 2015-02-10 16:08 - 00000388 _____ C:\WINDOWS\Tasks\Overwolf Updater Task.job
2015-11-10 18:17 - 2013-04-23 11:38 - 00000000 ____D C:\Program Files\Steam
2015-11-10 07:03 - 2013-04-22 14:34 - 00000000 ____D C:\Documents and Settings\Uživatel
2015-11-10 07:02 - 2013-04-22 14:34 - 00000000 ___RD C:\Documents and Settings\Uživatel\Dokumenty
2015-11-09 14:29 - 2015-07-13 16:39 - 00000000 ____D C:\Program Files\Farming Simulator 2015
2015-11-08 21:13 - 2013-04-22 16:24 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-11-08 21:13 - 2013-04-22 14:34 - 00000000 __RHD C:\Documents and Settings\Uživatel\Data aplikací
2015-11-08 10:35 - 2015-01-27 16:55 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-07 20:20 - 2015-10-05 17:15 - 00000000 ____D C:\LFS
2015-11-07 19:43 - 2015-02-10 16:07 - 00000000 ____D C:\Program Files\Overwolf
2015-11-07 17:38 - 2013-06-26 15:07 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\NFS Underground 2
2015-11-07 13:43 - 2015-02-12 17:03 - 00000000 ____D C:\Program Files\Common Files\Overwolf
2015-11-07 13:43 - 2013-04-22 16:24 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-11-07 13:41 - 2015-02-10 16:05 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-11-05 15:10 - 2013-09-12 16:37 - 00000000 __SHD C:\WINDOWS\CSC
2015-11-02 20:30 - 2015-08-24 19:58 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2015-11-02 20:30 - 2013-04-22 16:24 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-10-29 13:43 - 2013-04-29 18:14 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Euro Truck Simulator 2
2015-10-28 10:55 - 2015-08-18 18:03 - 00583163 _____ C:\WINDOWS\setupapi.log
2015-10-26 11:11 - 2014-02-07 20:51 - 00026176 ____H (LogMeIn, Inc.) C:\WINDOWS\system32\hamachi.sys
2015-10-25 10:25 - 2013-04-22 16:24 - 01121880 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-24 20:21 - 2014-11-17 19:59 - 00001813 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-10-24 11:43 - 2013-06-10 17:39 - 00000000 ____D C:\Documents and Settings\Uživatel\Dokumenty\Street Racing Syndicate
2015-10-22 15:59 - 2015-03-28 18:03 - 00000000 ____D C:\WarThunder
2015-10-22 13:14 - 2015-03-29 09:12 - 00000000 ____D C:\Documents and Settings\Uživatel\.launcher_log
2015-10-21 18:17 - 2013-04-26 16:50 - 00071168 _____ C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-21 15:42 - 2013-04-29 16:23 - 00000000 ____D C:\Documents and Settings\Uživatel\Data aplikací\.minecraft
2015-10-19 18:05 - 2015-09-16 14:10 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2015-10-18 12:37 - 2013-04-23 07:56 - 00000000 __RHD C:\Documents and Settings\UpdatusUser\Data aplikací
2015-10-17 09:51 - 2013-04-23 07:56 - 00000000 ___HD C:\Documents and Settings\UpdatusUser\Local Settings\Data aplikací
2015-10-16 21:26 - 2013-04-22 14:33 - 00000000 ____D C:\Documents and Settings\LocalService\Data aplikací
2015-10-16 21:22 - 2014-05-06 14:11 - 00000000 ____D C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\AVG
2015-10-15 19:25 - 2013-04-29 16:01 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
2015-10-13 19:27 - 2014-05-16 15:05 - 00000000 ____D C:\Program Files\WinRAR
2015-10-13 19:27 - 2013-04-22 14:34 - 00000000 ___RD C:\Documents and Settings\Uživatel\Nabídka Start\Programy
2015-10-12 16:57 - 2015-10-10 12:56 - 00000000 ____D C:\Minecraft

==================== Files in the root of some directories =======

2014-03-18 21:54 - 2014-03-18 21:54 - 33908960 _____ () C:\Program Files\AvatarGameCZ.exe
2013-10-04 15:33 - 2013-10-04 15:33 - 4241280 _____ (Dll-Files.com ) C:\Program Files\dffsetup-d3d11.exe
2013-06-10 18:44 - 2013-06-10 18:44 - 0011291 _____ () C:\Documents and Settings\Uživatel\Data aplikací\SmarThruOptions.xml
2013-04-26 16:50 - 2015-10-21 18:17 - 0071168 _____ () C:\Documents and Settings\Uživatel\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:298.08 GB) (Free:15.3 GB) NTFS ==>[drive with boot components (Windows XP)]

Available physical RAM: 2068.45 MB
Total physical RAM: 3071.11 MB
Percentage of memory in use: 32%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 298.1 GB) (Disk ID: C0F2C0F2)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1445026697.job => C:\Program Files\Opera\launcher.exe
Task: C:\WINDOWS\Tasks\Overwolf Updater Task.job => C:\Program Files\Overwolf\OverwolfUpdater.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Uivatel\Plocha" je 4099 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\TopCD\\Traktor 3\\farm2012.dll"="C:\\TopCD\\Traktor 3\\farm2012.dll:*:Disabled:Agrar Simulator 2011"
"C:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2045\\Agent.exe"="C:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2045\\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\\Program Files\\Steam\\SteamApps\\common\\Mafia II\\pc\\mafia2.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Mafia II\\pc\\mafia2.exe:*:Enabled:Mafia II"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\TopCD\\Traktor 2\\game.exe"="C:\\TopCD\\Traktor 2\\game.exe:*:Enabled:GIANTS Game Engine"
"C:\\Program Files\\Steam\\Steam.exe"="C:\\Program Files\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"="C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"="C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"="C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\\Documents and Settings\\All Users\\Data aplikac\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"="C:\\Documents and Settings\\All Users\\Data aplikac\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe:*:Enabled:Need for Speed World"
"C:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\Avatar.exe"="C:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\Avatar.exe:*:Enabled:James Cameron's AVATAR(tm): THE GAME"
"C:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\AvatarLauncher.exe"="C:\\Program Files\\Ubisoft\\James Cameron's AVATAR - THE GAME\\bin\\AvatarLauncher.exe:*:Enabled:Updater"
"C:\\Program Files\\Steam\\SteamApps\\common\\LEGO Marvel Super Heroes\\LEGOMARVEL.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\LEGO Marvel Super Heroes\\LEGOMARVEL.exe:*:Enabled:LEGO MARVEL Super Heroes"
"C:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"="C:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe:*:Enabled:speed2"
"C:\\Documents and Settings\\Uivatel\\Data aplikac\\uTorrent\\utorrent.exe"="C:\\Documents and Settings\\Uivatel\\Data aplikac\\uTorrent\\utorrent.exe:*:Enabled:Torrent"
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"="C:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe:*:Disabled:Crysis2"
"C:\\Program Files\\Steam\\SteamApps\\common\\Batman Arkham City Demo\\Binaries\\Win32\\BatmanAC.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Batman Arkham City Demo\\Binaries\\Win32\\BatmanAC.exe:*:Enabled:Batman: Arkham City Demo"
"C:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"="C:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Java\\jre1.8.0_25\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.8.0_25\\bin\\javaw.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Steam\\SteamApps\\common\\Spintires\\SpinTires.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Spintires\\SpinTires.exe:*:Enabled:Spintires"
"C:\\WarThunder\\launcher.exe"="C:\\WarThunder\\launcher.exe:*:Enabled:War Thunder launcher"
"C:\\WarThunder\\bpreport.exe"="C:\\WarThunder\\bpreport.exe:*:Enabled:War Thunder Crash Reporter"
"C:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2880\\Agent.exe"="C:\\Documents and Settings\\All Users\\Data aplikac\\Battle.net\\Agent\\Agent.2880\\Agent.exe:*:Enabled:Battle.net Update Agent"
"C:\\Program Files\\Steam\\SteamApps\\common\\Batman Arkham Origins\\SinglePlayer\\Binaries\\Win32\\BatmanOrigins.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Batman Arkham Origins\\SinglePlayer\\Binaries\\Win32\\BatmanOrigins.exe:*:Enabled:Batman: Arkham Origins"
"C:\\Program Files\\Steam\\SteamApps\\common\\Batman Arkham Origins\\Online\\Binaries\\Win32\\BatmanOriginsOnline.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Batman Arkham Origins\\Online\\Binaries\\Win32\\BatmanOriginsOnline.exe:*:Enabled:Batman: Arkham Origins"
"C:\\Program Files\\Farming Simulator 2015\\FarmingSimulator2015.exe"="C:\\Program Files\\Farming Simulator 2015\\FarmingSimulator2015.exe:*:Enabled:Farming Simulator 15"
"C:\\Program Files\\Farming Simulator 2015\\x86\\FarmingSimulator2015Game.exe"="C:\\Program Files\\Farming Simulator 2015\\x86\\FarmingSimulator2015Game.exe:*:Enabled:Farming Simulator 15"
"C:\\Program Files\\Farming Simulator 2015\\x64\\FarmingSimulator2015Game.exe"="C:\\Program Files\\Farming Simulator 2015\\x64\\FarmingSimulator2015Game.exe:*:Enabled:Farming Simulator 15"
"C:\\Documents and Settings\\Uivatel\\WoTLauncher.exe"="C:\\Documents and Settings\\Uivatel\\WoTLauncher.exe:*:Enabled:World of Tanks Launcher"
"C:\\Games\\World_of_Tanks\\WoTLauncher.exe"="C:\\Games\\World_of_Tanks\\WoTLauncher.exe:*:Enabled:World of Tanks_Launcher"
"C:\\Games\\World_of_Tanks\\WorldofTanks.exe"="C:\\Games\\World_of_Tanks\\WorldofTanks.exe:*:Enabled:World of Tanks"
"C:\\TopCD\\Race\\Race.exe"="C:\\TopCD\\Race\\Race.exe:*:Enabled:Race"
"C:\\Program Files\\Steam\\SteamApps\\common\\Blockade3d\\main.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Blockade3d\\main.exe:*:Enabled:BLOCKADE 3D"
"C:\\Program Files\\Steam\\SteamApps\\common\\MXGP - The Official Motocross Videogame Demo\\MXGP.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\MXGP - The Official Motocross Videogame Demo\\MXGP.exe:*:Enabled:MXGP - The Official Motocross Videogame Demo"
"C:\\Program Files\\Java\\jre1.8.0_25\\bin\\java.exe"="C:\\Program Files\\Java\\jre1.8.0_25\\bin\\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\_Petra\\hry\\MotoGP2\\motogp2.exe"="C:\\_Petra\\hry\\MotoGP2\\motogp2.exe:*:Enabled:motogp2"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:'Firefox' (C:\\Program Files\\Mozilla Firefox)"
"C:\\Program Files\\Steam\\SteamApps\\common\\Euro Truck Simulator 2\\bin\\win_x86\\eurotrucks2.exe"="C:\\Program Files\\Steam\\SteamApps\\common\\Euro Truck Simulator 2\\bin\\win_x86\\eurotrucks2.exe:*:Enabled:Euro Truck Simulator 2"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP"="139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002"
"443:TCP"="443:TCP:*:Enabled:War Thunder"
"20010:UDP"="20010:UDP:*:Enabled:War Thunder"
"3478:UDP"="3478:UDP:*:Enabled:War Thunder"
"7850:TCP"="7850:TCP:*:Enabled:War Thunder"
"7852:TCP"="7852:TCP:*:Enabled:War Thunder"
"7853:TCP"="7853:TCP:*:Enabled:War Thunder"
"27022:TCP"="27022:TCP:*:Enabled:War Thunder"
"6881:TCP"="6881:TCP:*:Enabled:War Thunder"
"33333:TCP"="33333:TCP:*:Enabled:War Thunder"
"20443:TCP"="20443:TCP:*:Enabled:War Thunder"
"8090:TCP"="8090:TCP:*:Enabled:War Thunder"
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"80:TCP"="80:TCP:*:Enabled:War Thunder"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

[Márty84]

***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Uivatel\Plocha" je 4099 MB.

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku


Pozor na pouzivani TuneUp, dokaze to nadelat peknou paseku


Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [RGSC] => C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57987712 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: [S-1-5-21-1644491937-73586283-682003330-1004] ATTENTION => Default URLSearchHook is missing
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)

2015-11-10 21:30 - 2015-11-10 20:46 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-11-10 20:48 - 2015-11-08 21:53 - 00016169 _____ C:\zoek-results2015-11-08-205338.log
2015-11-08 20:28 - 2015-11-10 21:42 - 00011028 _____ C:\zoek-results.log
2015-11-08 20:24 - 2015-11-08 21:12 - 00000000 ____D C:\zoek_backup

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1445026697.job => C:\Program Files\Opera\launcher.exe
Task: C:\WINDOWS\Tasks\Overwolf Updater Task.job => C:\Program Files\Overwolf\OverwolfUpdater.exe

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[dapemato]

Fix result of Farbar Recovery Scan Tool (x86) Version:16-11-2015
Ran by Uživatel (2015-11-17 15:44:19) Run:1
Running from C:\Documents and Settings\Uživatel\Plocha
Loaded Profiles: Uživatel & UpdatusUser (Available Profiles: Uživatel & UpdatusUser & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [RGSC] => C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [305064 2008-11-14] (Take-Two Interactive Software, Inc.)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57987712 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1644491937-73586283-682003330-1003\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [773728 2012-12-04] (ZONER software)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: [S-1-5-21-1644491937-73586283-682003330-1004] ATTENTION => Default URLSearchHook is missing
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)

2015-11-10 21:30 - 2015-11-10 20:46 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-11-10 20:48 - 2015-11-08 21:53 - 00016169 _____ C:\zoek-results2015-11-08-205338.log
2015-11-08 20:28 - 2015-11-10 21:42 - 00011028 _____ C:\zoek-results.log
2015-11-08 20:24 - 2015-11-08 21:12 - 00000000 ____D C:\zoek_backup

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1445026697.job => C:\Program Files\Opera\launcher.exe
Task: C:\WINDOWS\Tasks\Overwolf Updater Task.job => C:\Program Files\Overwolf\OverwolfUpdater.exe

Hosts:
EmptyTemp:
Reboot:
End


*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\RGSC => value removed successfully.
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully.
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-21-1644491937-73586283-682003330-1003\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
Could not restore Default URLSearchHook.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully.
C:\WINDOWS\zoek-delete.exe => moved successfully
C:\zoek-results2015-11-08-205338.log => moved successfully
C:\zoek-results.log => moved successfully
C:\zoek_backup => moved successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1445026697.job => moved successfully
C:\WINDOWS\Tasks\Overwolf Updater Task.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 629.1 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 15:44:59 ====

[Márty84]

Sikulka

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada.





20.2. pro neaktivitu http://forum.viry.cz/viewtopic.php?f=12&t=123975