VIRY.CZ

Dobrý den,

prosím o kontrolu logu z FRST, v prohlížečích se mi začali zobrazovat nechtěné reklamy a když spustím v Mozille adobe flash tak spadne.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2014 04
Ran by Flash (administrator) on FLASH-HP on 20-01-2014 23:23:28
Running from C:\Users\Flash\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Corporation) C:\Windows\System32\hpservice.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(The Firebird Project) C:\Program Files\Firebird\bin\fbguard.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
() C:\Program Files\Kooperativa\Services\KoopPDFServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
() C:\xampp\mysql\bin\mysqld.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
() C:\Windows\System32\LFX6PUPO.EXE
(The Firebird Project) C:\Program Files\Firebird\bin\fbserver.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Chicony) C:\Windows\ChiFuncExt.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
() C:\Windows\HKExt3.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Yontoo LLC) C:\Users\Flash\AppData\Roaming\Yontoo\YontooDesktop.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Oracle Corporation) C:\Windows\System32\javaw.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Unicorn Systems) C:\Program Files\ČP\CPMODUpdater\CPMODUpdater.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
() C:\CPP\CppKalkulacky\CppCalcServer.exe
() C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Dropbox, Inc.) C:\Users\Flash\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Flash\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [LchDrvKey] - C:\Windows\LchDrvKey.exe [36864 2007-03-28] ()
HKLM\...\Run: [HKExt3] - C:\Windows\HKExt3.exe [313856 2008-09-16] ()
HKLM\...\Run: [WirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [506936 2009-03-10] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Sweetpacks Communicator] - C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\setup\emupdate\0297ab24-8301-4afb-bc6f-e099205a72dc.exe [180184 2013-11-23] (AVAST Software)
HKLM\...\Run: [WSHelperSetup.exe] - C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll (Hewlett-Packard Limited)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [Google Update] - C:\Users\Flash\AppData\Local\Google\Update\GoogleUpdate.exe [133104 2009-10-01] (Google Inc.)
HKCU\...\Run: [CPMODUpdater] - C:\Program Files\ČP\CPMODUpdater\CPMODUpdater.exe [50688 2013-06-19] (Unicorn Systems)
HKCU\...\Run: [Yontoo Desktop] - C:\Users\Flash\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-01-31] (Yontoo LLC)
HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [WSHelperSetup.exe] - C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
MountPoints2: {7c9c7b7a-aeaa-11de-a68e-00247eaafac1} - F:\Setup.exe
MountPoints2: {9c2d0cef-cd38-11df-b39e-00247eaafac1} - G:\LaunchU3.exe -a
MountPoints2: {cba6710a-fe08-11df-bb72-00247eaafac1} - G:\NokiaPCIA_Autorun.exe
Lsa: [Authentication Packages] msv1_0 relog_ap
Startup: C:\Users\Flash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPP - CalcServer.lnk
ShortcutTarget: CPP - CalcServer.lnk -> C:\CPP\CppKalkulacky\CppCalcServer.exe ()
Startup: C:\Users\Flash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Flash\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Flash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kooperativa - PDF Server.lnk
ShortcutTarget: Kooperativa - PDF Server.lnk -> C:\Program Files\Kooperativa\KoopPxBN\KoopPDFServerSA.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 247EAAFAC1}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9791872DBC36CB01
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 247EAAFAC1}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 247EAAFAC1}
SearchScopes: HKCU - {140D3B1E-D327-44F5-BE3E-49D29734CACC} URL = http://search.avg.com/dispatcher.aspx?i ... earchTerms}
SearchScopes: HKCU - {D697A8B1-0A26-4406-8BDD-E0F74E5B6163} URL = http://websearch.ask.com/redirect?clien ... AC9903D7B8
SearchScopes: HKCU - {DFCF58E0-D96D-4342-984B-1CE9D8D5D4E4} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://search.sweetim.com/search.asp?sr ... 247EAAFAC1}
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Windows\WebIE.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Windows\WebIE.dll ()
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default
FF user.js: detected! => C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\user.js
FF NewTab: hxxp://home.sweetim.com/?src=97&barid={B7C2094B-2AE4-11E2-904B-00247EAAFAC1}
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: http://www.netvibes.com
FF Keyword.URL: hxxp://search.sweetim.com/search.asp?barid={B7C2094B-2AE4-11E2-904B-00247EAAFAC1}&src=2&crg=3.1010000.10011&q=
FF NetworkProxy: "no_proxies_on", "*.local"
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Flash\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Flash\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Ovi Maps 3D browser plugin - C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\Extensions\maps@ovi.com [2011-04-21]
FF Extension: netbeans-firefox-extension - C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\Extensions\netbeans-firefox-extension@netbeans.org [2010-06-11]
FF Extension: Flagfox - C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} [2014-01-16]
FF Extension: Garmin Communicator - C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-21]
FF Extension: Live HTTP Headers - C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2011-05-18]
FF Extension: Firebug - C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\Extensions\firebug@software.joehewitt.com.xpi [2011-05-10]
FF Extension: Tab Scope - C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\Extensions\tabscope@xuldev.org.xpi [2011-05-08]
FF Extension: Fast Video Download (with SearchMenu) - C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\Extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi [2011-05-17]
FF Extension: Shine Bright Skin Aero - C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2011-05-08]
FF Extension: DownThemAll! - C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-05-08]
FF Extension: FoxTab - C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\Extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi [2011-05-08]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF HKLM\...\Firefox\Extensions: [fe_6.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_6.0
FF Extension: Firefox Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_6.0 [2011-11-21]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-02]
FF HKLM\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0
FF Extension: Thunderbird Address Book Synchronisation Extension - C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011-11-21]

Chrome:
=======
CHR HomePage: hxxp://basket.idnes.cz/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Flash\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Flash\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Flash\AppData\Local\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.7.0.8524_0\npSkypeChromePlugin.dll (Skype Technologies S.A.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.6) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Google Update) - C:\Users\Flash\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Translate) - C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2010-07-04]
CHR Extension: (Chrome YouTube Downloader) - C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja [2010-07-04]
CHR Extension: (Play.cz) - C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacomocbpihfdldecacpjedmmcbdgdop [2010-07-04]
CHR Extension: (avast! Online Security) - C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-06-02]
CHR Extension: (SweetIM for Facebook) - C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2012-11-17]
CHR Extension: (Skype Click to Call) - C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-11-07]
CHR Extension: (FastestFox for Chrome) - C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2010-07-04]
CHR Extension: (Yontoo) - C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc [2013-02-06]
CHR Extension: (Pen\u011B\u017Eenka Google) - C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR HKLM\...\Chrome\Extension: [bgnnidmnbdkmhfkjgdnngciimpdgohok] - C:\Program Files\VipBoxSportsApp.com\stv11.crx [2013-09-03]
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-11-10]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-18]
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files\Yontoo\YontooLayers.crx [2012-11-10]
CHR StartMenuInternet: Google Chrome - C:\Users\Flash\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [427288 2007-10-23] (Acronis)
R2 Apache2.2; C:\xampp\apache\bin\httpd.exe [24640 2009-08-05] (Apache Software Foundation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528608 2008-08-29] (Cisco Systems, Inc.)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\bin\fbguard.exe [65536 2007-12-12] (The Firebird Project)
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\bin\fbserver.exe [1531989 2007-12-12] (The Firebird Project)
S3 FLCDLOCK; C:\Windows\system32\flcdlock.exe [349432 2008-08-06] (Hewlett-Packard Ltd)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [126520 2010-11-15] (Hewlett-Packard Company)
R2 KoopPdfService; C:\Program Files\Kooperativa\Services\KoopPDFServer.exe [2220032 2010-12-06] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 MySQL; C:\xampp\mysql\bin\mysqld.exe [5497856 2009-08-05] ()
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [271760 2009-04-27] ()
S2 sfrem01; C:\Windows\system32\sfrem01.exe [358008 2006-07-05] (Protection Technology (StarForce))
R2 TryAndDecideService; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [495832 2007-10-23] ()
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1343400 2010-05-21] ()
S4 msvsmon90; "C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe" /service msvsmon90 [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-28] ()
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [33408 2006-02-20] (B.H.A Corporation)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306299 2008-08-29] (Cisco Systems, Inc.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [32256 2008-08-06] (Hewlett-Packard Development Company L.P.)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24392 2008-07-21] (Elaborate Bytes AG)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S3 HPFXBULKLEDM; C:\Windows\System32\drivers\hppcbulkio.sys [20504 2010-04-22] (Hewlett Packard)
S3 HPFXFAX; C:\Windows\System32\drivers\hppcfaxio.sys [21528 2010-04-22] (Hewlett Packard)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [35776 2011-05-17] (http://libusb-win32.sourceforge.net)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [63352 2006-07-05] (Protection Technology (StarForce))
S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [59776 2006-08-11] (Protection Technology (StarForce))
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2009-10-01] ()
R0 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [368736 2009-10-02] (Acronis)
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2009-10-02] (Acronis)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-05-07] (CyberLink Corp.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [x]

==================== NetSvcs (Whitelisted) ===================

NETSVC: wmcmgc -> No Registry Path.

==================== One Month Created Files and Folders ========

2014-01-20 23:23 - 2014-01-20 23:23 - 00029256 _____ C:\Users\Flash\Desktop\FRST.txt
2014-01-20 23:22 - 2014-01-20 23:22 - 00000000 ____D C:\FRST
2014-01-20 23:21 - 2014-01-20 23:21 - 00112640 _____ (forum.viry.cz) C:\Users\Flash\Desktop\Nepotvrzeno 199387.crdownload
2014-01-20 23:21 - 2014-01-20 23:21 - 00112640 _____ (forum.viry.cz) C:\Users\Flash\Desktop\FRSTLauncher.exe
2014-01-20 23:14 - 2014-01-20 23:14 - 01221120 _____ (Farbar) C:\Users\Flash\Desktop\FRST.exe
2014-01-20 23:08 - 2014-01-20 23:09 - 03218352 _____ (McAfee, Inc.) C:\Users\Flash\Desktop\MCPR.exe
2014-01-20 12:17 - 2014-01-20 12:17 - 00003023 _____ C:\Users\Flash\Desktop\OVB Simulace.lnk
2014-01-20 12:17 - 2014-01-20 12:17 - 00000000 ____D C:\Users\Flash\AppData\Roaming\Simulace_2009
2014-01-20 12:11 - 2014-01-20 12:13 - 119313988 _____ C:\Users\Flash\Desktop\OVB.zip
2014-01-18 12:31 - 2014-01-18 12:35 - 00000000 ____D C:\Windows\rescache
2014-01-15 13:17 - 2014-01-15 13:17 - 00035840 _____ C:\Users\Flash\Desktop\Soupis_návrhů_ZUK_2012_vsichni.xls
2014-01-15 08:35 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 08:34 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 08:34 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 08:34 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 08:34 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 08:34 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 08:34 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 08:34 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 08:34 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-11 13:16 - 2014-01-11 13:16 - 00196236 _____ C:\Users\Flash\Desktop\OVB004707571_20091204092808_037_00.tif
2014-01-11 13:14 - 2014-01-11 13:14 - 00994695 _____ C:\Users\Flash\Desktop\OVB004639760_20090908134614_027_00.tif
2014-01-11 13:14 - 2014-01-11 13:14 - 00524770 _____ C:\Users\Flash\Desktop\OVB004639760_20090908134607_026_00.tif
2014-01-11 13:14 - 2014-01-11 13:14 - 00059325 _____ C:\Users\Flash\Desktop\OVB004639760_20090908134604_025_00.tif
2014-01-11 13:12 - 2014-01-11 13:12 - 00938891 _____ C:\Users\Flash\Desktop\OVB004639559_20090908134504_016_00.tif
2014-01-11 13:12 - 2014-01-11 13:12 - 00288588 _____ C:\Users\Flash\Desktop\OVB004639559_20090908134455_014_00.tif
2014-01-11 13:11 - 2014-01-11 13:11 - 00416927 _____ C:\Users\Flash\Desktop\039006526913_20121109143301_003_00.tif
2014-01-11 13:10 - 2014-01-11 13:10 - 00240843 _____ C:\Users\Flash\Desktop\032022883981_20100505133239_194_00.tif
2014-01-11 13:09 - 2014-01-11 13:09 - 00093979 _____ C:\Users\Flash\Desktop\OVB12101325852_20121218084415_174_00.tif
2014-01-10 16:45 - 2014-01-10 16:45 - 00000000 ____D C:\Users\Flash\Desktop\prav
2014-01-10 16:27 - 2014-01-10 16:27 - 02874368 _____ C:\Users\Flash\Desktop\srovnání programů na spoření na důchod.ppt
2014-01-10 15:12 - 2014-01-10 15:12 - 00000803 _____ C:\Users\Flash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPP - IQ2.lnk
2014-01-10 15:12 - 2014-01-10 15:12 - 00000773 _____ C:\Users\Flash\Desktop\CPP - IQ2.lnk
2014-01-10 15:12 - 2014-01-10 15:12 - 00000000 ____D C:\CPP
2014-01-08 14:49 - 2014-01-08 14:50 - 00000000 ____D C:\Users\Flash\Desktop\Horbova
2014-01-06 17:31 - 2014-01-10 16:04 - 00022528 _____ C:\Users\Flash\Desktop\Prezencka.xls
2013-12-31 09:02 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-31 09:02 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-31 09:02 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-31 09:02 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-31 09:02 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-31 09:02 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-31 09:02 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-31 09:02 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-31 09:02 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-31 09:02 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-31 09:01 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-31 09:01 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-31 09:01 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-31 09:01 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-31 09:01 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-31 09:01 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-31 09:01 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-31 09:01 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-31 09:01 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-30 08:25 - 2013-12-30 08:25 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-30 08:25 - 2013-12-30 08:25 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-30 08:25 - 2013-12-30 08:25 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-30 08:25 - 2013-12-30 08:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-30 08:25 - 2013-12-30 08:25 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-30 08:25 - 2013-12-30 08:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-30 08:25 - 2013-12-30 08:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-30 08:25 - 2013-12-30 08:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-30 08:25 - 2013-12-30 08:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-28 17:31 - 2013-12-28 17:31 - 00001160 _____ C:\Windows\PFRO.log
2013-12-25 10:13 - 2013-12-25 10:13 - 00000000 ____D C:\Users\Flash\AppData\Roaming\Wondershare
2013-12-25 10:13 - 2013-12-25 10:13 - 00000000 ____D C:\Program Files\Wondershare
2013-12-24 21:13 - 2013-12-24 21:13 - 00000000 ____D C:\Users\Flash\AppData\Local\Wondershare
2013-12-24 21:12 - 2013-12-24 21:12 - 00000000 ____D C:\Program Files\Common Files\Wondershare
2013-12-24 12:13 - 2014-01-18 10:41 - 00005408 _____ C:\Windows\setupact.log
2013-12-24 12:13 - 2013-12-24 12:13 - 00000000 _____ C:\Windows\setuperr.log
2013-12-24 10:33 - 2013-12-30 08:30 - 00023930 _____ C:\Windows\IE11_main.log
2013-12-23 14:15 - 2013-12-24 10:55 - 06807248 _____ C:\Users\Flash\Desktop\lekarska_zprava.psd
2013-12-23 09:08 - 2013-12-23 09:08 - 16283041 _____ C:\Users\Flash\Desktop\lek_zprava.psd

==================== One Month Modified Files and Folders =======

2014-01-20 23:23 - 2014-01-20 23:23 - 00029256 _____ C:\Users\Flash\Desktop\FRST.txt
2014-01-20 23:22 - 2014-01-20 23:22 - 00000000 ____D C:\FRST
2014-01-20 23:21 - 2014-01-20 23:21 - 00112640 _____ (forum.viry.cz) C:\Users\Flash\Desktop\Nepotvrzeno 199387.crdownload
2014-01-20 23:21 - 2014-01-20 23:21 - 00112640 _____ (forum.viry.cz) C:\Users\Flash\Desktop\FRSTLauncher.exe
2014-01-20 23:14 - 2014-01-20 23:14 - 01221120 _____ (Farbar) C:\Users\Flash\Desktop\FRST.exe
2014-01-20 23:11 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\config\Journal
2014-01-20 23:09 - 2014-01-20 23:08 - 03218352 _____ (McAfee, Inc.) C:\Users\Flash\Desktop\MCPR.exe
2014-01-20 23:04 - 2012-04-18 19:51 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-20 22:46 - 2009-10-01 17:35 - 00000962 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-110904173-369363387-719593607-1000UA.job
2014-01-20 22:40 - 2009-10-01 14:08 - 01475574 _____ C:\Windows\WindowsUpdate.log
2014-01-20 22:10 - 2009-07-14 05:34 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-20 22:10 - 2009-07-14 05:34 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-20 18:09 - 2013-02-06 14:30 - 00000000 ____D C:\Users\Flash\AppData\Roaming\Yontoo
2014-01-20 12:17 - 2014-01-20 12:17 - 00003023 _____ C:\Users\Flash\Desktop\OVB Simulace.lnk
2014-01-20 12:17 - 2014-01-20 12:17 - 00000000 ____D C:\Users\Flash\AppData\Roaming\Simulace_2009
2014-01-20 12:13 - 2014-01-20 12:11 - 119313988 _____ C:\Users\Flash\Desktop\OVB.zip
2014-01-20 11:48 - 2009-10-01 17:35 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-110904173-369363387-719593607-1000Core.job
2014-01-18 12:35 - 2014-01-18 12:31 - 00000000 ____D C:\Windows\rescache
2014-01-18 10:55 - 2009-11-01 10:07 - 00001680 _____ C:\Windows\MAILTRAN.INI
2014-01-18 10:45 - 2012-12-26 14:42 - 00000000 ____D C:\Users\Flash\AppData\Roaming\Dropbox
2014-01-18 10:44 - 2012-12-26 14:43 - 00000000 ____D C:\Users\Flash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-18 10:41 - 2013-12-24 12:13 - 00005408 _____ C:\Windows\setupact.log
2014-01-18 10:41 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-18 10:37 - 2009-07-14 05:33 - 01828608 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-17 08:15 - 2009-10-01 22:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-17 08:12 - 2013-07-30 07:26 - 00000000 ____D C:\Windows\system32\MRT
2014-01-17 08:00 - 2009-10-01 21:22 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 13:17 - 2014-01-15 13:17 - 00035840 _____ C:\Users\Flash\Desktop\Soupis_návrhů_ZUK_2012_vsichni.xls
2014-01-15 13:14 - 2009-10-01 14:15 - 01741474 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-11 13:16 - 2014-01-11 13:16 - 00196236 _____ C:\Users\Flash\Desktop\OVB004707571_20091204092808_037_00.tif
2014-01-11 13:14 - 2014-01-11 13:14 - 00994695 _____ C:\Users\Flash\Desktop\OVB004639760_20090908134614_027_00.tif
2014-01-11 13:14 - 2014-01-11 13:14 - 00524770 _____ C:\Users\Flash\Desktop\OVB004639760_20090908134607_026_00.tif
2014-01-11 13:14 - 2014-01-11 13:14 - 00059325 _____ C:\Users\Flash\Desktop\OVB004639760_20090908134604_025_00.tif
2014-01-11 13:12 - 2014-01-11 13:12 - 00938891 _____ C:\Users\Flash\Desktop\OVB004639559_20090908134504_016_00.tif
2014-01-11 13:12 - 2014-01-11 13:12 - 00288588 _____ C:\Users\Flash\Desktop\OVB004639559_20090908134455_014_00.tif
2014-01-11 13:11 - 2014-01-11 13:11 - 00416927 _____ C:\Users\Flash\Desktop\039006526913_20121109143301_003_00.tif
2014-01-11 13:10 - 2014-01-11 13:10 - 00240843 _____ C:\Users\Flash\Desktop\032022883981_20100505133239_194_00.tif
2014-01-11 13:09 - 2014-01-11 13:09 - 00093979 _____ C:\Users\Flash\Desktop\OVB12101325852_20121218084415_174_00.tif
2014-01-10 16:45 - 2014-01-10 16:45 - 00000000 ____D C:\Users\Flash\Desktop\prav
2014-01-10 16:27 - 2014-01-10 16:27 - 02874368 _____ C:\Users\Flash\Desktop\srovnání programů na spoření na důchod.ppt
2014-01-10 16:04 - 2014-01-06 17:31 - 00022528 _____ C:\Users\Flash\Desktop\Prezencka.xls
2014-01-10 15:12 - 2014-01-10 15:12 - 00000803 _____ C:\Users\Flash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPP - IQ2.lnk
2014-01-10 15:12 - 2014-01-10 15:12 - 00000773 _____ C:\Users\Flash\Desktop\CPP - IQ2.lnk
2014-01-10 15:12 - 2014-01-10 15:12 - 00000000 ____D C:\CPP
2014-01-08 14:50 - 2014-01-08 14:49 - 00000000 ____D C:\Users\Flash\Desktop\Horbova
2014-01-08 14:42 - 2010-03-12 11:03 - 00011451 _____ C:\Users\Flash\AppData\Roaming\SmarThruOptions.xml
2013-12-31 14:47 - 2010-06-25 08:15 - 00000080 _____ C:\Users\Flash\AppData\Local\Model_he.ini
2013-12-31 14:47 - 2010-06-24 11:16 - 00000000 ____D C:\Program Files\ModelH
2013-12-30 08:30 - 2013-12-24 10:33 - 00023930 _____ C:\Windows\IE11_main.log
2013-12-30 08:25 - 2013-12-30 08:25 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-30 08:25 - 2013-12-30 08:25 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-30 08:25 - 2013-12-30 08:25 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-30 08:25 - 2013-12-30 08:25 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-30 08:25 - 2013-12-30 08:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-30 08:25 - 2013-12-30 08:25 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-30 08:25 - 2013-12-30 08:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-30 08:25 - 2013-12-30 08:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-30 08:25 - 2013-12-30 08:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-30 08:25 - 2013-12-30 08:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-30 08:25 - 2013-12-30 08:25 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-29 14:02 - 2009-10-05 17:40 - 00000000 ____D C:\Users\Flash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Generali pojišťovna
2013-12-28 17:31 - 2013-12-28 17:31 - 00001160 _____ C:\Windows\PFRO.log
2013-12-28 17:31 - 2012-06-18 12:01 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-26 20:33 - 2010-08-04 10:58 - 00020992 _____ C:\Users\Flash\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-26 16:16 - 2011-01-24 08:34 - 00000000 ____D C:\Users\Flash\AppData\Roaming\uTorrent
2013-12-26 15:47 - 2013-10-05 10:25 - 00000000 ____D C:\Users\Flash\Desktop\Práce
2013-12-26 14:37 - 2013-06-19 11:34 - 00000086 _____ C:\Users\Flash\.java.policy
2013-12-26 14:37 - 2009-10-01 15:21 - 00000000 ____D C:\Users\Flash
2013-12-25 10:13 - 2013-12-25 10:13 - 00000000 ____D C:\Users\Flash\AppData\Roaming\Wondershare
2013-12-25 10:13 - 2013-12-25 10:13 - 00000000 ____D C:\Program Files\Wondershare
2013-12-25 10:13 - 2011-11-22 01:02 - 00000000 ____D C:\Users\Flash\.android
2013-12-24 22:26 - 2011-11-22 00:22 - 00000000 ____D C:\Program Files\MOBILedit!
2013-12-24 22:11 - 2011-11-22 00:24 - 00000000 ____D C:\Users\Flash\AppData\Roaming\MOBILedit
2013-12-24 21:37 - 2011-11-22 00:30 - 00000000 ____D C:\Program Files\Compiled Driver Disc (Full)
2013-12-24 21:15 - 2010-03-17 12:39 - 00000000 ____D C:\Program Files\Nokia
2013-12-24 21:13 - 2013-12-24 21:13 - 00000000 ____D C:\Users\Flash\AppData\Local\Wondershare
2013-12-24 21:12 - 2013-12-24 21:12 - 00000000 ____D C:\Program Files\Common Files\Wondershare
2013-12-24 20:52 - 2010-05-22 21:37 - 00000000 ____D C:\ubuntu
2013-12-24 20:52 - 2009-07-14 03:04 - 00000010 __RSH C:\config.sys
2013-12-24 12:13 - 2013-12-24 12:13 - 00000000 _____ C:\Windows\setuperr.log
2013-12-24 10:55 - 2013-12-23 14:15 - 06807248 _____ C:\Users\Flash\Desktop\lekarska_zprava.psd
2013-12-23 14:22 - 2013-11-18 09:36 - 00000000 ____D C:\Program Files\Mozilla Firefox.bak
2013-12-23 14:19 - 2010-06-29 11:39 - 00000000 ____D C:\Windows\Minidump
2013-12-23 09:08 - 2013-12-23 09:08 - 16283041 _____ C:\Users\Flash\Desktop\lek_zprava.psd

Files to move or delete:
====================
C:\ProgramData\hpe88EC.dll


Some content of TEMP:
====================
C:\Users\Flash\AppData\Local\Temp\miCoach_micoachmanagersetup.exe
C:\Users\Flash\AppData\Local\Temp\pyl2781.tmp.exe
C:\Users\Flash\AppData\Local\Temp\ueqcjokk.dll
C:\Users\Flash\AppData\Local\Temp\z0imhzu5.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-110904173-369363387-719593607-1000Core.job => C:\Users\Flash\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-110904173-369363387-719593607-1000UA.job => C:\Users\Flash\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Flash\Desktop" je 407 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service
"C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater
"C:\Program Files\Ask.com\Updater\Updater.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion
C:\Program Files\Cyberlink\Shared Files\brs.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Flash\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPCam_Menu
"C:\Program Files\Hewlett-Packard\HP Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\HP Webcam" UpdateWithCreateOnce "Software\CyberLink\HP Webcam\1.0" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMusic FastStart
"C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD9LanguageShortcut
"C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl9
"C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RESTART_STICKY_NOTES
C:\Windows\System32\StikyNot.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite
"C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive
"C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray
"C:\Program Files\VMware\VMware Workstation\vmware-tray.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WatchDog
C:\Program Files\InterVideo\DVD8SESD\DVDCheck.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~1\MCAFEE~1\202B13~1.181\SSSCHE~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Apache Servers.lnk
C:\PROGRA~1\APACHE~1\Apache2.2\bin\APACHE~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO HD Edition.lnk
C:\PROGRA~1\PANASO~1\PHOTOF~1\PHAUTO~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk
C:\Windows\Installer\{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}\Icon3E5562ED7.ico -user_logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Flash^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk
C:\PROGRA~1\KOOPER~1\KoopPxBN\KOOPPD~1.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Flash^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2007.lnk
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE /tsr [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

ahoj,
najprv vycisti PC s ADWCleanerom - je tam svincik

Hotovo!

# AdwCleaner v3.017 - Report created 21/01/2014 at 08:33:31
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Flash - FLASH-HP
# Running from : C:\Users\Flash\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\iLivid
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\Windows\system32\WNLT
Folder Deleted : C:\Users\Flash\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Flash\AppData\Local\PackageAware
Folder Deleted : C:\Users\Flash\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Flash\AppData\Roaming\Desktopicon
Folder Deleted : C:\Users\Flash\AppData\Roaming\Yontoo
Folder Deleted : C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\FoxTab
Folder Deleted : C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Folder Deleted : C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
File Deleted : C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\Extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi
File Deleted : C:\Users\Flash\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
File Deleted : C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\user.js
File Deleted : C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.sweetim.com_0.localstorage
File Deleted : C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.sweetim.com_0.localstorage-journal

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Yontoo Desktop]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\ilivid
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISOS_is1
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [CPMODUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\ilivid
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Users\Flash\AppData\Roaming\Mozilla\Firefox\Profiles\55hwzx2c.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?src=97&barid={B7C2094B-2AE4-11E2-904B-00247EAAFAC1}");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");
Line Deleted : user_pref("extentions.y2layers.installId", "2eb631d3-1f58-42ed-8851-96e624fdf5a4");
Line Deleted : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?barid={B7C2094B-2AE4-11E2-904B-00247EAAFAC1}&src=2&crg=3.1010000.10011&q=");

-\\ Google Chrome v

[ File : C:\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [17411 octets] - [21/01/2014 08:31:22]
AdwCleaner[S0].txt - [17626 octets] - [21/01/2014 08:33:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17687 octets] ##########

citat:
TFC http://oldtimer.geekstogo.com/TFC.exe
• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič
• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

+ prescanuj PC s MBAM - log sem

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.21.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16476
Flash :: FLASH-HP [administrátor]

Ochrana: Povolena

21.1.2014 9:37:37
MBAM-log-2014-01-21 (15-53-51).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 486766
Uplynulý čas: 1 hodin, 52 minut, 7 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 26
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Communicator\mgcommon.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Communicator\mgcommunication.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Communicator\mgsimcommon.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Communicator\mgxml_wrapper.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mghooking.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mglogger.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll.vir (PUP.Optional.SweetPacks) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Program Files\Yontoo\OptChrome.exe.vir (PUP.Optional.OptChrome.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{68F250EA-9638-4DCF-96C4-D68CC340EC48}\A86207CA0123E3DC._bu.vir (PUP.Optional.OptChrome.A) -> Nebyla provedena žádná instrukce.
C:\AdwCleaner\Quarantine\C\Users\Flash\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\mgHelperGCFB.dll.vir (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Users\Flash\AppData\Local\Chromium\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\mgHelperGCFB.dll (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Users\Flash\AppData\Roaming\QIP\Profiles\Space_jam\RcvdFiles\LuKyN_291240691\RemoveWAT.exe (HackTool.Wpakill) -> Nebyla provedena žádná instrukce.
C:\Users\Flash\AppData\Roaming\QIP\Profiles\Space_jam\RcvdFiles\Zitak_489935436\RemoveWAT.exe (HackTool.Wpakill) -> Nebyla provedena žádná instrukce.
C:\Users\Flash\Desktop\Programy\YTDSetup.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\6b38517.msi (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\6b3851e.msi (PUP.Optional.SweetIM) -> Nebyla provedena žádná instrukce.

(konec)

vsetko najdene nechaj zmazat - restart a napis ako sa sprava PC

PC vypadá dobře Reklamy zmizely i celkově je rychlejší. Díky moc!

rado sa stalo