VIRY.CZ

Mam obavu, že bych mohl mít virus, tady přikladám svůj RSIT log

Logfile of random's system information tool 1.09 (written by random/random)
Run by User at 2014-02-12 12:14:44
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 311 GB (51%) free of 610 GB
Total RAM: 3326 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:14:54, on 12.2.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19489)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\User\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\User\Documents\Downloads\RSIT (1).exe
C:\Program Files\trend micro\User.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BetterSurf - {6E3C6B04-08FE-43BC-8E50-F90285024DEA} - C:\Program Files\BetterSurf\ie\BetterSurf.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: BetterSrf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files\Better-Surf\ie\BetterSrf.dll
O2 - BHO: MediaPlayerV1alpha144 - {8370aa1c-21e3-42b8-a7e3-1b2c70fa8e9f} - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ie\MediaPlayerV1alpha144.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WebexpEnhancedV1alpha1239 - {cfb992dc-0a99-466c-81ea-50e0932169cc} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ie\WebexpEnhancedV1alpha1239.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Cleaner - {CCF00E14-7C5E-4420-9BF3-AA4809CFAA13} - C:\Program Files\ClickClean\ClickClean.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O16 - DPF: {22272CAC-E859-4523-B505-7ECF74469A1B} (Mdview3d Control) - http://www.veka.de/__C1257308002B1CFE.n ... view3d.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware View USB (vmware-view-usbd) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe
O23 - Service: VMware View Client (wsnm) - VMware, Inc. - C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe

--
End of file - 8797 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AmiUpdXp.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-576796546-3762636823-207083340-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-576796546-3762636823-207083340-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{A3E0E9C6-FED9-4F74-92C3-D6023C963BF3}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "extensions.enabledItems" - "battlefieldplay4free@ea.com:1.0.53.2, DTToolbar@toolbarnet.com:1.0.7.0088, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, vshare@toolbar:1.0.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"xz123@ya456.com"=C:\Program Files\BetterSurf\ff
"12x3q@3244516.com"=C:\Program Files\Better-Surf\ff
"ext@WebexpEnhancedV1alpha1239.net"=C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ff
"ext@MediaPlayerV1alpha144.net"=C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/vbp;version=0.9.17]
"Description"=Veetle Broadcaster Plugin
"Path"=C:\Program Files\Veetle\VLCBroadcast\npvbp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
clickclean@hotcleaner.com
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\extensions\
battlefieldplay4free@ea.com
vshare@toolbar
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\searchplugins\
daemon-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin.xml
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}]
BetterSurf - C:\Program Files\BetterSurf\ie\BetterSurf.dll [2013-11-12 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-01 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}]
Better-Surf - C:\Program Files\Better-Surf\ie\BetterSrf.dll [2013-11-25 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8370aa1c-21e3-42b8-a7e3-1b2c70fa8e9f}]
Media Player - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ie\MediaPlayerV1alpha144.dll [2014-01-28 87040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-02-23 998560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cfb992dc-0a99-466c-81ea-50e0932169cc}]
Webexp Enhanced - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ie\WebexpEnhancedV1alpha1239.dll [2013-12-19 87552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-01 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-12-10 929224]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-02-23 998560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-02-23 4031368]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-12-10 216520]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"cz.seznam.software.autoupdate"=C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"Google Update"=C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-11 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-11 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7M\ICQ.exe [2012-08-29 127040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
C:\Program Files\QIP Infium\infium.exe [2008-12-09 5062144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2009-01-20 306088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe [2013-10-09 1813928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\win32]
C:\kernels\drivers.vbs [2013-03-21 756]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Alchemy Elixir.lnk]
C:\PROGRA~1\ALCHEM~1\traicon.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-01-30 19:38:40 ----D---- C:\data
2014-01-30 17:49:44 ----D---- C:\Program Files\MediaPlayerV1
2014-01-22 20:31:30 ----D---- C:\ProgramData\Origin

======List of files/folders modified in the last 1 month======

2014-02-12 12:14:54 ----D---- C:\Windows\Prefetch
2014-02-12 12:14:50 ----D---- C:\Windows\temp
2014-02-12 12:14:48 ----D---- C:\Program Files\trend micro
2014-02-12 11:53:12 ----D---- C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2014-02-12 11:52:46 ----D---- C:\Users\User\AppData\Roaming\uTorrent
2014-02-12 11:50:36 ----D---- C:\Windows\inf
2014-02-12 11:50:22 ----D---- C:\Windows\Logs
2014-02-12 11:50:22 ----D---- C:\Windows\Debug
2014-02-12 11:50:22 ----D---- C:\Windows
2014-02-12 10:17:10 ----D---- C:\Users\User\AppData\Roaming\Seznam.cz
2014-02-11 11:48:28 ----SHD---- C:\System Volume Information
2014-02-07 11:25:56 ----D---- C:\Program Files\EA SPORTS
2014-02-05 19:16:18 ----D---- C:\Windows\System32
2014-02-05 19:16:16 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-02-02 15:06:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-30 19:42:55 ----D---- C:\ProgramData
2014-01-30 19:33:22 ----D---- C:\Program Files\VideoPlayerV3
2014-01-30 19:32:14 ----D---- C:\Program Files\BetterSurf
2014-01-30 17:49:46 ----HD---- C:\Windows\system32\GroupPolicy
2014-01-30 17:49:44 ----RD---- C:\Program Files
2014-01-28 11:23:11 ----D---- C:\Windows\system32\catroot2
2014-01-25 15:22:52 ----RSD---- C:\Windows\assembly
2014-01-25 15:12:30 ----D---- C:\Hry
2014-01-22 20:45:10 ----HD---- C:\Program Files\Common Files\EAInstaller
2014-01-20 14:46:19 ----A---- C:\Windows\system32\PnkBstrB.exe
2014-01-15 16:47:59 ----SHD---- C:\Windows\Installer
2014-01-15 16:47:42 ----D---- C:\ProgramData\Microsoft Help
2014-01-15 16:46:32 ----D---- C:\Windows\system32\MRT
2014-01-15 16:44:15 ----A---- C:\Windows\system32\mrt.exe
2014-01-15 10:43:34 ----D---- C:\Users\User\AppData\Roaming\VMware
2014-01-14 16:23:57 ----A---- C:\Windows\system32\PnkBstrA.exe
2014-01-14 16:23:51 ----A---- C:\Windows\system32\pbsvc.exe
2014-01-14 15:58:56 ----D---- C:\Program Files\Activision
2014-01-13 16:56:45 ----D---- C:\Windows\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-12-25 717296]
R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2012-02-23 35672]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-02-23 610648]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-02-23 337112]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-02-23 53848]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-02-23 20696]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-02-23 57688]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2012-11-20 41496]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-10-29 4017152]
R3 ElanFltr;Pro Gaming Keyboard; C:\Windows\System32\Drivers\ElanFltr.sys [2007-05-23 48128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2012-06-19 3240400]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2008-07-22 47616]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 3xHybrid;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
S3 a32p84mi;a32p84mi; C:\Windows\system32\drivers\a32p84mi.sys []
S3 catchme;catchme; \??\C:\Users\User\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 gUSBSTOi;gUSBSTOi; \??\C:\Users\User\AppData\Local\Temp\gUSBSTOi.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-28 25280]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-01-21 4422560]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 vmusb;VMware USB Client Driver; C:\Windows\System32\Drivers\vmusb.sys [2012-11-20 31280]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-10-29 712704]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-02-23 44768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-01-14 66872]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2012-11-20 721048]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-28 136176]
S2 vmware-view-usbd;VMware View USB; C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe [2012-12-03 2436096]
S2 wsnm;VMware View Client; C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe [2012-12-08 472216]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-12-28 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2013-10-09 565672]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]

-----------------EOF-----------------

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by User on st 12.02.2014 at 12:33:12,11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{415419C3-DAD0-4DF1-AC37-22C72AD81878}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{415419C3-DAD0-4DF1-AC37-22C72AD81878}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dttoolbar.toolbandobj.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D0E96E2A-7492-4C0D-BF45-4FB3A06CE755}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\amiupdxp.job



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Program Files\bettersurf"
Successfully deleted: [Folder] "C:\Program Files\daemon tools toolbar"
Successfully deleted: [Folder] "C:\Program Files\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files\lemurleap"



~~~ FireFox

Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\05wfjn59.default\user.js
Successfully deleted the following from C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\05wfjn59.default\prefs.js

user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=sm&tb_ver=1.3.1&q=");
user_pref("extensions.vshare@toolbar.update.enabled", false);
user_pref("vshare.install.date", "1293321600000");
user_pref("vshare.install.dumpFileCount", 0);
user_pref("vshare.install.dumpFileDisabled", false);
user_pref("vshare.install.finished", "1.0.2");
user_pref("vshare.install.guid", "{c2d69fd8-cdbc-4e71-b09c-e3ccb9d807f9}");
user_pref("vshare.install.isHidden", true);
user_pref("vshare.install.istoolbarhp", true);
user_pref("vshare.install.istoolbarsearch", true);
user_pref("vshare.install.laststatreq", "1326585600000");
user_pref("vshare.install.newtab", true);
user_pref("vshare.install.overlayVersion", 1);
user_pref("vshare.install.userHPSettings", "hxxp://www.seznam.cz/");
user_pref("vshare.install.userSPSettings", "Google");
Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\05wfjn59.default\minidumps [12 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 12.02.2014 at 12:35:42,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner:
# AdwCleaner v3.018 - Report created 12/02/2014 at 12:45:35
# Updated 28/01/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : User - ŠULÍ
# Running from : C:\Users\User\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\ICQToolbarData
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\Extensions\vshare@toolbar
File Deleted : C:\Program Files\Mozilla Firefox\Extensions\DTToolbar@toolbarnet.com
File Deleted : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\searchplugins\daemon-search.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\searchplugins\web-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
Key Deleted : HKCU\Software\AppDataLow\Software\DoubleD
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.19489

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Prev Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v4.0.1 (cs)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("extensions.enabledAddons", "vshare@toolbar:1.0.2,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,battlefieldplay4free@ea.com:1.0.66.2,{800b5000-a755-47e1-992b-48a1c1357f07}:1.4.3,{CAFEEFAC-00[...]
Line Deleted : user_pref("extensions.enabledItems", "battlefieldplay4free@ea.com:1.0.53.2,DTToolbar@toolbarnet.com:1.0.7.0088,{800b5000-a755-47e1-992b-48a1c1357f07}:1.1.6,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.1[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.defSearchChange", true);
Line Deleted : user_pref("icqtoolbar.engineVerified", true);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1326219529);
Line Deleted : user_pref("icqtoolbar.hiddenElements", "itb_options");
Line Deleted : user_pref("icqtoolbar.history", "chrome||lcd||fdd||FDD||vyrovn%C3%A1vac%C3%AD||dram%20pou%C5%BEit%C3%AD||dram||ram||registr||sb%C4%9Brnice%20%C5%A1%C3%AD%C5%99e||sb%C4%9Brnice%20%C4%9B%C3%AD%C5%99e||s[...]
Line Deleted : user_pref("icqtoolbar.hpChange", true);
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1325783107");
Line Deleted : user_pref("icqtoolbar.installsource", "1");
Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "4.0.1");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uniqueID", "125718044912571804491257193327234");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1326633918);
Line Deleted : user_pref("icqtoolbar.userEngineApproved", true);
Line Deleted : user_pref("icqtoolbar.userHpApproved", true);
Line Deleted : user_pref("icqtoolbar.version", "1.4.3");
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");

-\\ Google Chrome v

[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7674 octets] - [12/02/2014 12:37:13]
AdwCleaner[S0].txt - [7631 octets] - [12/02/2014 12:45:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7691 octets] ##########

Poprosim o log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-02-2014 01
Ran by User (administrator) on ŠULÍ on 12-02-2014 15:23:24
Running from C:\Users\User\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\daemon.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\system32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe
(VMware, Inc.) C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
(VMware, Inc.) C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4031368 2012-02-23] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]
HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\daemon.exe [216520 2008-12-10] (DT Soft Ltd)
HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [Google Update] - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-11] (Google Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {2DAB7A73-68D1-4BE2-917D-4FC1466A3D4A} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {2DAB7A73-68D1-4BE2-917D-4FC1466A3D4A} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKCU - {2E1979DC-659A-4856-BC15-FB4E7B77F9E6} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKCU - {32D95F65-8D2B-42B5-853B-2D300A4A04D8} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {353B97DD-430C-40CB-B01D-63EB7C2785BC} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKCU - {64A4EB5D-3EA5-41D3-94A6-4875FD1529FE} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKCU - {6939C610-883A-4331-A2C5-D2057ACE2A55} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKCU - {843F5D2A-DD30-4973-A646-E43DDC2ABAA3} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKCU - {A15DD3F1-2289-4EC6-B78B-3C0B3A9FC82C} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKCU - {D09C6556-8032-432E-A203-CA6F3CDCDD07} URL = http://www.google.cz/search?q={searchTe ... {startPage}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Better-Surf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files\Better-Surf\ie\BetterSrf.dll ()
BHO: Media Player - {8370aa1c-21e3-42b8-a7e3-1b2c70fa8e9f} - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ie\MediaPlayerV1alpha144.dll ()
BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Webexp Enhanced - {cfb992dc-0a99-466c-81ea-50e0932169cc} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ie\WebexpEnhancedV1alpha1239.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: {22272CAC-E859-4523-B505-7ECF74469A1B} http://www.veka.de/__C1257308002B1CFE.n ... view3d.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
ShellExecuteHooks: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.254

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/vbp;version=0.9.17 - C:\Program Files\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
FF Extension: Battlefield Play4Free - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\Extensions\battlefieldplay4free@ea.com [2011-09-29]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-06-20]
FF Extension: Seznam lištička - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-10-20]
FF Extension: FireFox Extension Updates - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\05wfjn59.default\Extensions\extension@firefox.com.xpi [2012-01-09]
FF Extension: Click&Clean - C:\Program Files\Mozilla Firefox\extensions\clickclean@hotcleaner.com [2009-10-11]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2010-05-03]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [2012-01-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-02-27]
FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
FF HKLM\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files\Better-Surf\ff [2013-11-26]
FF HKLM\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha1239.net] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ff
FF Extension: Webexp Enhanced - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ff [2013-12-27]
FF HKLM\...\Firefox\Extensions: [ext@MediaPlayerV1alpha144.net] - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ff
FF Extension: Media Player - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ff [2014-01-30]

Chrome:
=======
CHR Extension: (avast! WebRep) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2014-02-12]
CHR Extension: (Media Player) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijdifammfpaloiagdfckgapidcihjbmb [2014-02-12]
CHR Extension: (Webexp Enhanced) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jckjoljglhkjjgbimldfhmhepmdlbgik [2014-02-12]
CHR Extension: (Peněženka Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (BetterSrf) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco [2014-02-12]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2012-02-27]
CHR HKLM\...\Chrome\Extension: [jckjoljglhkjjgbimldfhmhepmdlbgik] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ch\WebexpEnhancedV1alpha1239.crx [2013-12-19]
CHR HKLM\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files\Better-Surf\ch\Chrome.crx [2013-11-25]
CHR StartMenuInternet: Google Chrome - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144712 2009-07-09] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768 2012-02-23] (AVAST Software)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2014-01-14] ()
R2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [721048 2012-11-20] (VMware, Inc.)
R2 vmware-view-usbd; C:\Program Files\VMware\VMware View\Client\bin\vmware-view-usbd.exe [2436096 2012-12-03] (VMware, Inc.)
R2 wsnm; C:\Program Files\VMware\VMware View\Client\bin\wsnm.exe [472216 2012-12-08] (VMware, Inc.)

==================== Drivers (Whitelisted) ====================

S3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [674048 2007-04-20] (Philips Semiconductors GmbH)
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [20696 2012-02-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [57688 2012-02-23] (AVAST Software)
R1 AswRdr; C:\Windows\system32\Drivers\AswRdr.sys [35672 2012-02-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [610648 2012-02-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [337112 2012-02-23] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [53848 2012-02-23] (AVAST Software)
R3 ElanFltr; C:\Windows\System32\Drivers\ElanFltr.sys [48128 2007-05-23] (Waytech Development, Inc.)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [25280 2009-09-28] (LogMeIn, Inc.)
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41496 2012-11-20] (VMware, Inc.)
R3 L1E; C:\Windows\System32\DRIVERS\L1E60x86.sys [47616 2008-07-22] (Atheros Communications, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2008-12-25] ()
S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-11-20] (VMware, Inc.)
U3 av0a4ef3; C:\Windows\system32\Drivers\av0a4ef3.sys [0 ] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\User\AppData\Local\Temp\catchme.sys [X]
S3 gUSBSTOi; \??\C:\Users\User\AppData\Local\Temp\gUSBSTOi.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-12 15:23 - 2014-02-12 15:23 - 00019770 _____ () C:\Users\User\Desktop\FRST.txt
2014-02-12 15:23 - 2014-02-12 15:23 - 00000000 ____D () C:\FRST
2014-02-12 15:22 - 2014-02-12 15:22 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2014-02-12 15:20 - 2014-02-12 15:20 - 01139712 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2014-02-12 12:37 - 2014-02-12 12:45 - 00000000 ____D () C:\AdwCleaner
2014-02-12 12:35 - 2014-02-12 12:35 - 00006348 _____ () C:\Users\User\Desktop\JRT.txt
2014-02-12 12:33 - 2014-02-12 12:33 - 00000000 ____D () C:\Windows\ERUNT
2014-02-12 12:30 - 2014-02-12 12:30 - 01166132 _____ () C:\Users\User\Desktop\adwcleaner.exe
2014-02-12 12:30 - 2014-02-12 12:30 - 01037530 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-02-12 11:12 - 2014-02-12 11:12 - 00448512 _____ (OldTimer Tools) C:\Users\User\Desktop\TFC.exe
2014-02-04 20:59 - 2014-02-04 20:48 - 08881678 _____ () C:\Users\User\Desktop\MŠ.rar
2014-02-02 13:45 - 2014-02-02 14:56 - 493532610 _____ () C:\Users\User\Desktop\Unreal Tournament 1999 non-install verze + balik map.rar
2014-01-30 19:38 - 2014-01-30 19:38 - 00000000 ____D () C:\data
2014-01-30 17:49 - 2014-01-30 19:42 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-01-30 17:49 - 2014-01-30 17:49 - 00000000 ____D () C:\Program Files\MediaPlayerV1
2014-01-25 15:21 - 2014-01-25 15:21 - 00000742 _____ () C:\Users\Public\Desktop\FIFA 14.lnk
2014-01-25 15:21 - 2014-01-25 15:21 - 00000689 _____ () C:\Users\Public\Desktop\FIFA 14 Nastavení.lnk
2014-01-23 20:25 - 2014-01-23 20:28 - 00000000 ____D () C:\Users\User\Desktop\sved svatba
2014-01-22 20:31 - 2014-01-22 20:31 - 00000000 ____D () C:\ProgramData\Origin
2014-01-15 21:25 - 2014-01-15 21:25 - 00000627 _____ () C:\Users\User\Desktop\gta_sa – zástupce (2).lnk
2014-01-15 21:05 - 2014-01-15 21:08 - 00000000 ____D () C:\Users\User\Desktop\GTA San Andreas
2014-01-13 17:35 - 2014-01-13 17:37 - 00000000 ____D () C:\Users\User\Desktop\Nová složka
2014-01-13 16:58 - 2014-01-13 17:36 - 00000000 ___RD () C:\Users\User\Desktop\nezeř

==================== One Month Modified Files and Folders =======

2014-02-12 15:23 - 2014-02-12 15:23 - 00019770 _____ () C:\Users\User\Desktop\FRST.txt
2014-02-12 15:23 - 2014-02-12 15:23 - 00000000 ____D () C:\FRST
2014-02-12 15:22 - 2014-02-12 15:22 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2014-02-12 15:20 - 2014-02-12 15:20 - 01139712 _____ (Farbar) C:\Users\User\Desktop\FRST.exe
2014-02-12 15:20 - 2013-05-18 20:25 - 00000434 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{A3E0E9C6-FED9-4F74-92C3-D6023C963BF3}.job
2014-02-12 15:20 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-12 15:20 - 2006-11-02 13:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-12 15:16 - 2012-11-15 18:26 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-12 14:58 - 2012-01-11 19:20 - 00000958 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-576796546-3762636823-207083340-1000UA.job
2014-02-12 14:25 - 2011-12-28 19:19 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-12 14:25 - 2011-12-28 19:19 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-12 13:55 - 2008-11-28 17:51 - 01556770 _____ () C:\Windows\WindowsUpdate.log
2014-02-12 12:56 - 2013-10-20 19:09 - 00000000 ____D () C:\Users\User\AppData\Roaming\Seznam.cz
2014-02-12 12:51 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-12 12:50 - 2006-11-02 14:01 - 00032550 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-12 12:45 - 2014-02-12 12:37 - 00000000 ____D () C:\AdwCleaner
2014-02-12 12:45 - 2009-11-02 21:21 - 00000000 ____D () C:\ProgramData\ICQ
2014-02-12 12:35 - 2014-02-12 12:35 - 00006348 _____ () C:\Users\User\Desktop\JRT.txt
2014-02-12 12:33 - 2014-02-12 12:33 - 00000000 ____D () C:\Windows\ERUNT
2014-02-12 12:30 - 2014-02-12 12:30 - 01166132 _____ () C:\Users\User\Desktop\adwcleaner.exe
2014-02-12 12:30 - 2014-02-12 12:30 - 01037530 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-02-12 12:14 - 2012-01-10 22:08 - 00000000 ____D () C:\Program Files\trend micro
2014-02-12 11:53 - 2008-12-25 21:43 - 00000000 ____D () C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2014-02-12 11:52 - 2009-01-02 00:52 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent
2014-02-12 11:12 - 2014-02-12 11:12 - 00448512 _____ (OldTimer Tools) C:\Users\User\Desktop\TFC.exe
2014-02-09 11:09 - 2013-07-16 08:13 - 00000000 ____D () C:\Users\User\Desktop\výběr foto2
2014-02-09 10:52 - 2012-01-11 19:20 - 00000906 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-576796546-3762636823-207083340-1000Core.job
2014-02-07 12:06 - 2009-01-09 17:35 - 00000000 ____D () C:\Users\User\Desktop\hry
2014-02-07 11:25 - 2012-01-09 13:18 - 00000000 ____D () C:\Program Files\EA SPORTS
2014-02-05 20:25 - 2011-10-06 16:01 - 00000000 ____D () C:\Users\User\Desktop\VŠ
2014-02-05 19:16 - 2012-11-15 18:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 19:16 - 2011-07-22 14:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-04 20:48 - 2014-02-04 20:59 - 08881678 _____ () C:\Users\User\Desktop\MŠ.rar
2014-02-04 19:55 - 2012-01-11 19:21 - 00002071 _____ () C:\Users\User\Desktop\Google Chrome.lnk
2014-02-02 15:06 - 2008-01-21 07:47 - 01418466 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-02 15:04 - 2008-12-25 20:31 - 00059904 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-02 14:56 - 2014-02-02 13:45 - 493532610 _____ () C:\Users\User\Desktop\Unreal Tournament 1999 non-install verze + balik map.rar
2014-01-30 19:42 - 2014-01-30 17:49 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-01-30 19:38 - 2014-01-30 19:38 - 00000000 ____D () C:\data
2014-01-30 19:33 - 2014-01-10 13:14 - 00000000 ____D () C:\Program Files\VideoPlayerV3
2014-01-30 17:49 - 2014-01-30 17:49 - 00000000 ____D () C:\Program Files\MediaPlayerV1
2014-01-30 17:49 - 2006-11-02 12:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-01-29 14:08 - 2013-11-05 10:40 - 00000000 ____D () C:\Users\User\AppData\Local\PokerStars
2014-01-25 15:21 - 2014-01-25 15:21 - 00000742 _____ () C:\Users\Public\Desktop\FIFA 14.lnk
2014-01-25 15:21 - 2014-01-25 15:21 - 00000689 _____ () C:\Users\Public\Desktop\FIFA 14 Nastavení.lnk
2014-01-25 15:12 - 2012-12-13 15:20 - 00000000 ____D () C:\Hry
2014-01-23 20:28 - 2014-01-23 20:25 - 00000000 ____D () C:\Users\User\Desktop\sved svatba
2014-01-22 20:31 - 2014-01-22 20:31 - 00000000 ____D () C:\ProgramData\Origin
2014-01-20 14:46 - 2008-12-26 20:16 - 00138464 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-01-20 14:46 - 2008-12-26 20:16 - 00111928 _____ () C:\Windows\system32\PnkBstrB.exe
2014-01-17 11:22 - 2011-11-01 21:45 - 00000600 _____ () C:\Users\User\AppData\Roaming\winscp.rnd
2014-01-15 21:25 - 2014-01-15 21:25 - 00000627 _____ () C:\Users\User\Desktop\gta_sa – zástupce (2).lnk
2014-01-15 21:08 - 2014-01-15 21:05 - 00000000 ____D () C:\Users\User\Desktop\GTA San Andreas
2014-01-15 16:47 - 2008-09-16 11:51 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-15 16:46 - 2013-07-20 09:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 16:44 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-15 11:28 - 2009-07-03 09:54 - 00000000 ____D () C:\Users\User\Desktop\Musik
2014-01-15 10:43 - 2013-11-29 09:21 - 00000000 ____D () C:\Users\User\AppData\Roaming\VMware
2014-01-14 16:28 - 2009-04-23 14:12 - 00000000 ____D () C:\Users\User\AppData\Local\PunkBuster
2014-01-14 16:27 - 2010-11-12 23:09 - 00000000 ____D () C:\Users\User\AppData\Local\Activision
2014-01-14 16:24 - 2008-12-26 20:16 - 00022328 _____ () C:\Users\User\AppData\Roaming\PnkBstrK.sys
2014-01-14 16:23 - 2008-12-26 20:16 - 00682280 _____ () C:\Windows\system32\pbsvc.exe
2014-01-14 16:23 - 2008-12-26 20:16 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
2014-01-14 15:58 - 2009-03-14 15:00 - 00000000 ____D () C:\Program Files\Activision
2014-01-13 17:37 - 2014-01-13 17:35 - 00000000 ____D () C:\Users\User\Desktop\Nová složka
2014-01-13 17:36 - 2014-01-13 16:58 - 00000000 ___RD () C:\Users\User\Desktop\nezeř
2014-01-13 17:01 - 2013-07-16 16:19 - 00000000 ____D () C:\Users\User\Desktop\FOTO-2013

Files to move or delete:
====================
C:\Users\Public\HPPDU.exe
C:\Users\Public\lj1018-HB-pnp-win32-cs.exe


Some content of TEMP:
====================
C:\Users\User\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-12 12:57




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:596.17 GB) (Free:300.47 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Available physical RAM: 1763.75 MB
Total physical RAM: 3326.12 MB
Percentage of memory in use: 46%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 85B1FBE8)
Partition 1: (Active) - (Size=596 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-576796546-3762636823-207083340-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-576796546-3762636823-207083340-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{A3E0E9C6-FED9-4F74-92C3-D6023C963BF3}.job => C:\Windows\system32\msfeedssync.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF

==================== Security Center ==================

AV: avast! Antivirus (Enabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\User\Desktop" je 21507 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ
"C:\Program Files\ICQ7M\ICQ.exe" silent loginmode=4 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium
"C:\Program Files\QIP Infium\infium.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
"C:\Program Files\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC
C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"c:\program files\steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\win32
"C:\kernels\drivers.vbs"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Alchemy Elixir.lnk
C:\PROGRA~1\ALCHEM~1\traicon.exe [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
  HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
  HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
  HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\daemon.exe [216520 2008-12-10] (DT Soft Ltd)
  HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
  HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
  HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
  HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [Google Update] - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-11] (Google Inc.)
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  BHO: Better-Surf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files\Better-Surf\ie\BetterSrf.dll ()
  BHO: Media Player - {8370aa1c-21e3-42b8-a7e3-1b2c70fa8e9f} - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ie\MediaPlayerV1alpha144.dll ()
  ShellExecuteHooks: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
  BHO: Webexp Enhanced - {cfb992dc-0a99-466c-81ea-50e0932169cc} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ie\WebexpEnhancedV1alpha1239.dll ()
  
  FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
  FF HKLM\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files\Better-Surf\ff
  FF Extension: Better-Surf - C:\Program Files\Better-Surf\ff [2013-11-26]
  FF HKLM\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha1239.net] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ff
  FF Extension: Webexp Enhanced - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ff [2013-12-27]
  FF HKLM\...\Firefox\Extensions: [ext@MediaPlayerV1alpha144.net] - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ff
  FF Extension: Media Player - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ff [2014-01-30]
  
  CHR Extension: (Media Player) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijdifammfpaloiagdfckgapidcihjbmb [2014-02-12]
  CHR Extension: (BetterSrf) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco [2014-02-12]
  CHR HKLM\...\Chrome\Extension: [jckjoljglhkjjgbimldfhmhepmdlbgik] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ch\WebexpEnhancedV1alpha1239.crx [2013-12-19]
  CHR HKLM\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files\Better-Surf\ch\Chrome.crx [2013-11-25]
  
  2014-02-12 15:22 - 2014-02-12 15:22 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
  2014-02-12 12:35 - 2014-02-12 12:35 - 00006348 _____ () C:\Users\User\Desktop\JRT.txt
  2014-02-12 12:30 - 2014-02-12 12:30 - 01166132 _____ () C:\Users\User\Desktop\adwcleaner.exe
  2014-02-12 12:30 - 2014-02-12 12:30 - 01037530 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
  2014-02-12 11:12 - 2014-02-12 11:12 - 00448512 _____ (OldTimer Tools) C:\Users\User\Desktop\TFC.exe
  C:\Users\Public\HPPDU.exe
  C:\Users\Public\lj1018-HB-pnp-win32-cs.exe
  C:\Program Files\WebexpEnhancedV1
  C:\Program Files\Better-Surf
  C:\Program Files\MediaPlayerV1
  
  Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-576796546-3762636823-207083340-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-576796546-3762636823-207083340-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\User_Feed_Synchronization-{A3E0E9C6-FED9-4F74-92C3-D6023C963BF3}.job => C:\Windows\system32\msfeedssync.exe
  
  AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\win32" /f
  
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-02-2014 01
Ran by User at 2014-02-15 12:21:42 Run:1
Running from C:\Users\User\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\daemon.exe [216520 2008-12-10] (DT Soft Ltd)
HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [cz.seznam.software.autoupdate] - C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [cz.seznam.software.szndesktop] - C:\Users\User\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-576796546-3762636823-207083340-1000\...\Run: [Google Update] - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-11] (Google Inc.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
BHO: Better-Surf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files\Better-Surf\ie\BetterSrf.dll ()
BHO: Media Player - {8370aa1c-21e3-42b8-a7e3-1b2c70fa8e9f} - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ie\MediaPlayerV1alpha144.dll ()
ShellExecuteHooks: - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ]
BHO: Webexp Enhanced - {cfb992dc-0a99-466c-81ea-50e0932169cc} - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ie\WebexpEnhancedV1alpha1239.dll ()

FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
FF HKLM\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files\Better-Surf\ff [2013-11-26]
FF HKLM\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha1239.net] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ff
FF Extension: Webexp Enhanced - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ff [2013-12-27]
FF HKLM\...\Firefox\Extensions: [ext@MediaPlayerV1alpha144.net] - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ff
FF Extension: Media Player - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ff [2014-01-30]

CHR Extension: (Media Player) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijdifammfpaloiagdfckgapidcihjbmb [2014-02-12]
CHR Extension: (BetterSrf) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco [2014-02-12]
CHR HKLM\...\Chrome\Extension: [jckjoljglhkjjgbimldfhmhepmdlbgik] - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ch\WebexpEnhancedV1alpha1239.crx [2013-12-19]
CHR HKLM\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files\Better-Surf\ch\Chrome.crx [2013-11-25]

2014-02-12 15:22 - 2014-02-12 15:22 - 00112640 _____ (forum.viry.cz) C:\Users\User\Desktop\FRSTLauncher.exe
2014-02-12 12:35 - 2014-02-12 12:35 - 00006348 _____ () C:\Users\User\Desktop\JRT.txt
2014-02-12 12:30 - 2014-02-12 12:30 - 01166132 _____ () C:\Users\User\Desktop\adwcleaner.exe
2014-02-12 12:30 - 2014-02-12 12:30 - 01037530 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-02-12 11:12 - 2014-02-12 11:12 - 00448512 _____ (OldTimer Tools) C:\Users\User\Desktop\TFC.exe
C:\Users\Public\HPPDU.exe
C:\Users\Public\lj1018-HB-pnp-win32-cs.exe
C:\Program Files\WebexpEnhancedV1
C:\Program Files\Better-Surf
C:\Program Files\MediaPlayerV1

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-576796546-3762636823-207083340-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-576796546-3762636823-207083340-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{A3E0E9C6-FED9-4F74-92C3-D6023C963BF3}.job => C:\Windows\system32\msfeedssync.exe

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\win32" /f

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\RTHDVCPL => Value deleted successfully.
HKU\S-1-5-21-576796546-3762636823-207083340-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-576796546-3762636823-207083340-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ehTray.exe => Value deleted successfully.
HKU\S-1-5-21-576796546-3762636823-207083340-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKU\S-1-5-21-576796546-3762636823-207083340-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKU\S-1-5-21-576796546-3762636823-207083340-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG => Value deleted successfully.
HKU\S-1-5-21-576796546-3762636823-207083340-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC} => Key deleted successfully.
HKCR\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8370aa1c-21e3-42b8-a7e3-1b2c70fa8e9f} => Key deleted successfully.
HKCR\CLSID\{8370aa1c-21e3-42b8-a7e3-1b2c70fa8e9f} => Key deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} => Value deleted successfully.
HKCR\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cfb992dc-0a99-466c-81ea-50e0932169cc} => Key deleted successfully.
HKCR\CLSID\{cfb992dc-0a99-466c-81ea-50e0932169cc} => Key deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\xz123@ya456.com => Value deleted successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\12x3q@3244516.com => Value deleted successfully.
C:\Program Files\Better-Surf\ff => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha1239.net => Value deleted successfully.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ff => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\ext@MediaPlayerV1alpha144.net => Value deleted successfully.
C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha144\ff => Moved successfully.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijdifammfpaloiagdfckgapidcihjbmb => Moved successfully.
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\jckjoljglhkjjgbimldfhmhepmdlbgik => Key deleted successfully.
C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha1239\ch\WebexpEnhancedV1alpha1239.crx => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco => Key deleted successfully.
C:\Program Files\Better-Surf\ch\Chrome.crx => Moved successfully.
"C:\Users\User\Desktop\FRSTLauncher.exe" => File/Directory not found.
C:\Users\User\Desktop\JRT.txt => Moved successfully.
C:\Users\User\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\User\Desktop\JRT.exe => Moved successfully.
C:\Users\User\Desktop\TFC.exe => Moved successfully.
C:\Users\Public\HPPDU.exe => Moved successfully.
C:\Users\Public\lj1018-HB-pnp-win32-cs.exe => Moved successfully.
C:\Program Files\WebexpEnhancedV1 => Moved successfully.
C:\Program Files\Better-Surf => Moved successfully.
C:\Program Files\MediaPlayerV1 => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-576796546-3762636823-207083340-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-576796546-3762636823-207083340-1000UA.job => Moved successfully.
C:\Windows\Tasks\User_Feed_Synchronization-{A3E0E9C6-FED9-4F74-92C3-D6023C963BF3}.job => Moved successfully.
C:\ProgramData\TEMP => ":05EE1EEF" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\win32" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


==== End of Fixlog ====

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse