VIRY.CZ

Moc děkuji:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-03-2014 01
Ran by Zdeněk (administrator) on ZDPOK on 08-03-2014 16:45:55
Running from C:\Users\Zdeněk\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
() C:\Windows\System32\AsusService.exe
() C:\Program Files\asus\AsusUac\AsusUacSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Bandoo Media Inc.) C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Bandoo Media Inc.) C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
() C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\windows\system32\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Bandoo Media Inc.) C:\Program Files\Movies Toolbar\Datamngr\DatamngrUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
() C:\Program Files\ASUS\Eee Docking Touch\Eee Docking Touch.exe
(ASUS) C:\Windows\AsScrPro.exe
(AsusTek Computer Inc.) C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(GBM Software) C:\Program Files\GBM\GRemote Pro\GRemoteServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Barracuda Networks, Inc.) C:\Users\Zdeněk\AppData\Roaming\Copy\CopyAgent.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\Zdeněk\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(LS) C:\Program Files\MultiClipBoard\MultiClipBoard.exe
() C:\Program Files\My Sync Center\bin\sync_server.exe
(Dropbox, Inc.) C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\GmoteServer\GmoteServer.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\javaw.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\windows\system32\wuauclt.exe
(forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [HotkeyMon] - C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] - C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1166256 2010-03-04] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] - C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-10-26] (ASUSTeK Computer Inc.)
HKLM\...\Run: [UfSeAgnt.exe] - C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [1024368 2010-02-23] (Trend Micro Inc.)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM\...\Run: [LiveUpdate] - C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-07-13] (AsusTek Computer Inc.)
HKLM\...\Run: [SynAsusAcpi] - C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [Eee Docking Touch] - C:\Program Files\ASUS\Eee Docking Touch\Eee Docking Touch.exe [414896 2010-02-09] ()
HKLM\...\Run: [Tutorial] - C:\Program Files\ASUS\Demo Tutorial Video\Demo Tutorial Video.exe [241328 2009-12-10] (ASUSTek Computer Inc.)
HKLM\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3058304 2010-03-07] (ASUS)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7744032 2009-09-29] (Realtek Semiconductor)
HKLM\...\Run: [PenWrite] - C:\Program Files\ASUS\PenWrite\PenWrite.exe [543920 2010-02-08] ()
HKLM\...\Run: [ASUSPRP] - C:\Program Files\ASUS\APRP\APRP.EXE [2018032 2010-03-07] (ASUSTek Computer Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [VirtualCloneDrive] - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\Run: [DATAMNGR] - C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~2.EXE
HKU\.DEFAULT\...\Run: [Copy] - C:\Users\Zdeněk\AppData\Roaming\Copy\CopyAgent.exe [13473936 2014-02-07] (Barracuda Networks, Inc.)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [GRemoteServer Pro] - C:\Program Files\GBM\GRemote Pro\GRemoteServer.exe [2310368 2010-05-04] (GBM Software)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [ShowBatteryBar] - C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2009-05-28] ()
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [GoogleDriveSync] - C:\Program Files\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [Copy] - C:\Users\Zdeněk\AppData\Roaming\Copy\CopyAgent.exe [13473936 2014-02-07] (Barracuda Networks, Inc.)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [Google Update] - C:\Users\Zdeněk\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-05] (Google Inc.)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [MusicManager] - C:\Users\Zdeněk\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7342592 2013-09-23] (Google Inc.)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\MountPoints2: {3dec8514-648a-11e1-ae36-20cf300a2ebe} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.hta
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\MountPoints2: {415e84c0-edd3-11df-90a6-806e6f6e6963} - E:\start.exe ar
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\MountPoints2: {e90aad40-1bc4-11e1-91d7-1c4bd617b5af} - F:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2013-04-09] ()
AppInit_DLLs: C:\PROGRA~1\MOVIES~1\Datamngr\mgrldr.dll => C:\Program Files\Movies Toolbar\Datamngr\mgrldr.dll [18432 2013-09-17] ()
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
Startup: C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GmoteServer.lnk
ShortcutTarget: GmoteServer.lnk -> C:\Program Files\GmoteServer\GmoteServer.exe ()
Startup: C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll [485376 2013-09-17] () <===== ATTENTION
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10645A& ... 01-111&t=4
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com
URLSearchHook: HKLM - free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
URLSearchHook: HKCU - free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM - {1645A33F-0A96-4315-904E-29E188E7720E} URL = http://startsear.ch/?q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1098640
SearchScopes: HKCU - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gc ... earchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1098640
SearchScopes: HKCU - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = http://slirsredirect.search.aol.com/sli ... 0winampie7
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
BHO: CIEDownload Object - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files\SMART Technologies\SMART Notebook\NotebookPlugin.dll (SMART Technologies ULC.)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
Toolbar: HKLM - free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
Toolbar: HKLM - Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - free-downloads.net Toolbar - {ECDEE021-0D17-467F-A1FF-C7A115230949} - C:\Program Files\free-downloads.net\tbfree.dll (Conduit Ltd.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline software systems Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 46.252.224.18 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 01-111&t=4
FF Keyword.URL: hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=484&systemid=406&v=a9301-111&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=8729420243354329&o=APN10645&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files\Virtual Earth 3D\ ()
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.775 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.775 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.775 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=1.1.11 - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Zdeněk\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Zdeněk\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\searchplugins\abz-slovnik-ceskych-synonym.xml
FF SearchPlugin: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\searchplugins\korpuscz.xml
FF SearchPlugin: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Zotero - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\zotero@chnm.gmu.edu [2012-12-23]
FF Extension: Winamp Toolbar - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2010-10-16]
FF Extension: Ask New Tabs - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\{2FD73609-F02D-3849-D765-5F8F93ECC348} [2014-03-08]
FF Extension: Search-Results Toolbar - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0} [2013-04-07]
FF Extension: Sugestron Speed Dial - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\sugestron@example.net.xpi [2011-04-24]
FF Extension: Vlc Kontextmenü - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\vlcplaylist@helgatauscher.de.xpi [2012-01-19]
FF Extension: Yoono - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}.xpi [2011-04-30]
FF Extension: SMART Notebook Extension - C:\Program Files\Mozilla Firefox\extensions\{D6D05E6F-D5C1-4e03-8E33-73F92B05E262} [2014-02-27]
FF Extension: vShare Add-On - C:\Program Files\Mozilla Firefox\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01} [2014-02-27]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-10-21]

Chrome:
=======
CHR HomePage:
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-11]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-09]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-09-08]
CHR Extension: (Torch Share) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof [2013-09-01]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2012-09-08]
CHR Extension: (Peněženka Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR HKLM\...\Chrome\Extension: [edcbaedcbaedcbaedcbaedcbaedcbajk] - C:\Program Files\vShare.tv plugin\vshareplg.crx [2011-03-20]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2010-10-21]
CHR HKLM\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Zdeněk\AppData\Local\Torch\Plugins\TorchPlugin.crx [2013-04-07]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\ZDENK~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-09-05]

========================== Services (Whitelisted) =================

R2 AsusService; C:\Windows\System32\AsusService.exe [224680 2010-03-04] ()
R2 AsusUacSvc; C:\Program Files\asus\AsusUac\AsusUacSvc.exe [114864 2009-11-16] ()
R2 DatamngrCoordinator; C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3418624 2013-09-17] (Bandoo Media Inc.)
R2 OberonGameConsoleService; C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [44312 2009-09-15] ()
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] ()
R2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [75064 2010-10-22] ()
R2 SfCtlCom; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [736040 2010-10-09] (Trend Micro Inc.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
S3 TMBMServer; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [345352 2010-01-06] (Trend Micro Inc.)
S3 TmPfw; C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [497008 2010-01-06] (Trend Micro Inc.)
S3 TmProxy; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [689416 2010-01-06] (Trend Micro Inc.)

==================== Drivers (Whitelisted) ====================

R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2011-02-09] ()
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R3 GRemoteBus; C:\windows\System32\DRIVERS\GRemoteBus.sys [23368 2009-08-05] (GBM Software)
R3 GRemoteJoy; C:\windows\System32\DRIVERS\GRemoteJoy.sys [39112 2009-08-05] (GBM Software)
S3 JL2005C; C:\windows\System32\Drivers\jl2005c.sys [69180 2011-01-17] (Windows (R) 2000 DDK provider)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R0 nhcDriverDevice; C:\windows\System32\drivers\nhcDriver.sys [71680 2011-01-07] (Notebook Hardware Control)
S3 Rockusb; C:\windows\System32\DRIVERS\rockusb.sys [45040 2012-08-20] (Fuzhou Rockchip Electronics Co,Ltd.)
R3 SMARTMouseFilterx86; C:\windows\System32\DRIVERS\SMARTMouseFilterx86.sys [11048 2009-12-15] (SMART Technologies ULC)
R3 SMARTVHidMini2000x86; C:\windows\System32\DRIVERS\SMARTVHidMini2000x86.sys [14120 2009-12-15] (SMART Technologies ULC)
R3 SMARTVTabletPCx86; C:\windows\System32\DRIVERS\SMARTVTabletPCx86.sys [13440 2009-12-15] (SMART Technologies ULC)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [436792 2010-10-15] ()
S3 tmactmon; C:\windows\System32\DRIVERS\tmactmon.sys [59472 2010-07-19] (Trend Micro Inc.)
R2 tmcomm; C:\windows\System32\DRIVERS\tmcomm.sys [163408 2010-07-19] (Trend Micro Inc.)
S3 tmevtmgr; C:\windows\System32\DRIVERS\tmevtmgr.sys [51792 2010-07-19] (Trend Micro Inc.)
S3 tmlwf; C:\windows\System32\DRIVERS\tmlwf.sys [146448 2010-01-06] (Trend Micro Inc.)
R2 tmpreflt; C:\windows\System32\DRIVERS\tmpreflt.sys [36432 2010-07-30] (Trend Micro Inc.)
R1 tmtdi; C:\windows\System32\DRIVERS\tmtdi.sys [89872 2010-01-06] (Trend Micro Inc.)
S3 tmwfp; C:\windows\System32\DRIVERS\tmwfp.sys [283152 2010-01-06] (Trend Micro Inc.)
R2 tmxpflt; C:\windows\System32\DRIVERS\tmxpflt.sys [249424 2010-07-30] (Trend Micro Inc.)
R3 usbsmi; C:\windows\System32\DRIVERS\SMIksdrv.sys [181760 2009-12-25] (SMI)
R2 vsapint; C:\windows\System32\DRIVERS\vsapint.sys [1331512 2010-07-30] (Trend Micro Inc.)
S3 wdf_usb; C:\windows\System32\drivers\usb2ser.sys [56832 2011-05-18] (MediaTek Inc.)
U3 ary4kr4i; C:\windows\system32\Drivers\ary4kr4i.sys [0 ] (Elaborate Bytes AG)
S3 cpuz132; \??\C:\Users\ZDENK~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-08 16:45 - 2014-03-08 16:49 - 00028173 _____ () C:\Users\Zdeněk\Desktop\FRST.txt
2014-03-08 16:45 - 2014-03-08 16:45 - 00000000 ____D () C:\FRST
2014-03-08 16:43 - 2014-03-08 16:43 - 00112640 _____ (forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe
2014-03-08 16:34 - 2014-03-08 16:34 - 1582512036 _____ () C:\Users\Zdeněk\Downloads\pinavý trik (American Hustle, 2013) CZ tit.avi
2014-03-08 14:19 - 2014-03-08 14:19 - 00000000 ____D () C:\Users\Zdeněk\Downloads\Speclean
2014-03-08 14:16 - 2014-03-08 14:17 - 01145344 _____ (Farbar) C:\Users\Zdeněk\Desktop\FRST.exe
2014-03-08 13:59 - 2014-03-08 15:12 - 782848000 _____ () C:\Users\Zdeněk\Downloads\Lovelace - Pravdivá spoveď kráľovnej porna (Lovelace) (2013) CZ.avi
2014-03-08 13:43 - 2014-03-08 13:46 - 01581384 _____ (ESET) C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (2).exe
2014-03-08 13:42 - 2014-03-08 13:45 - 01581384 _____ (ESET) C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (1).exe
2014-03-08 13:40 - 2014-03-08 13:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-01 15:57 - 2014-03-01 18:28 - 1863655424 _____ () C:\Users\Zdeněk\Downloads\Rush - Rivalové(2013)CZ.avi
2014-02-27 22:20 - 2014-02-27 22:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 17:57 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-14 16:20 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-14 16:20 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-14 16:20 - 2014-02-01 08:58 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-14 16:20 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-14 16:20 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-14 16:20 - 2014-02-01 07:38 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-02-13 17:57 - 2014-01-01 00:05 - 00420008 _____ () C:\windows\system32\locale.nls
2014-02-13 17:57 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-13 17:57 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-02-13 17:56 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-13 17:56 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-13 17:52 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-02-13 17:52 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-02-13 17:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-02-13 17:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-02-13 17:52 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-13 17:52 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-02-13 17:52 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-02-13 17:52 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-02-13 17:52 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-02-08 08:45 - 2014-02-08 08:45 - 00000000 ____D () C:\Users\Zdeněk\Downloads\Gravitace-2013-cz-dab.AVI
2014-02-06 17:30 - 2012-05-02 19:28 - 02933248 _____ () C:\Users\Zdeněk\Downloads\Kulturni_instituce.ppt

==================== One Month Modified Files and Folders =======

2014-03-08 16:49 - 2014-03-08 16:45 - 00028173 _____ () C:\Users\Zdeněk\Desktop\FRST.txt
2014-03-08 16:49 - 2013-09-20 13:41 - 00000000 ____D () C:\ProgramData\Datamngr
2014-03-08 16:47 - 2009-07-14 05:34 - 00009920 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-08 16:47 - 2009-07-14 05:34 - 00009920 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-08 16:46 - 2010-10-13 05:31 - 01217895 _____ () C:\windows\WindowsUpdate.log
2014-03-08 16:45 - 2014-03-08 16:45 - 00000000 ____D () C:\FRST
2014-03-08 16:43 - 2014-03-08 16:43 - 00112640 _____ (forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe
2014-03-08 16:42 - 2011-09-25 12:45 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Dropbox
2014-03-08 16:41 - 2012-06-01 11:24 - 00000000 ___RD () C:\Users\Zdeněk\Google Drive
2014-03-08 16:41 - 2011-12-31 09:09 - 00064693 _____ () C:\Users\Zdeněk\.mysync.log
2014-03-08 16:41 - 2011-10-19 18:44 - 01406464 ___SH () C:\Users\Zdeněk\Downloads\Thumbs.db
2014-03-08 16:41 - 2011-09-25 12:50 - 00000000 ___RD () C:\Users\Zdeněk\Dropbox
2014-03-08 16:40 - 2013-08-04 07:29 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Copy
2014-03-08 16:38 - 2014-01-08 19:36 - 00006965 _____ () C:\windows\setupact.log
2014-03-08 16:38 - 2011-08-08 12:00 - 00000374 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2014-03-08 16:38 - 2010-10-21 12:43 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-08 16:38 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-08 16:37 - 2014-01-08 19:36 - 00069704 _____ () C:\windows\PFRO.log
2014-03-08 16:37 - 2012-05-31 10:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-08 16:35 - 2012-07-10 19:04 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-08 16:34 - 2014-03-08 16:34 - 1582512036 _____ () C:\Users\Zdeněk\Downloads\pinavý trik (American Hustle, 2013) CZ tit.avi
2014-03-08 16:10 - 2010-10-21 12:43 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-08 15:58 - 2013-10-05 10:20 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001UA.job
2014-03-08 15:12 - 2014-03-08 13:59 - 782848000 _____ () C:\Users\Zdeněk\Downloads\Lovelace - Pravdivá spoveď kráľovnej porna (Lovelace) (2013) CZ.avi
2014-03-08 14:37 - 2013-10-05 10:20 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001Core.job
2014-03-08 14:19 - 2014-03-08 14:19 - 00000000 ____D () C:\Users\Zdeněk\Downloads\Speclean
2014-03-08 14:17 - 2014-03-08 14:16 - 01145344 _____ (Farbar) C:\Users\Zdeněk\Desktop\FRST.exe
2014-03-08 13:46 - 2014-03-08 13:43 - 01581384 _____ (ESET) C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (2).exe
2014-03-08 13:45 - 2014-03-08 13:42 - 01581384 _____ (ESET) C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (1).exe
2014-03-08 13:42 - 2010-03-07 02:29 - 00000000 ____D () C:\ProgramData\Skype
2014-03-08 13:40 - 2014-03-08 13:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-08 13:40 - 2010-03-07 02:30 - 00000000 ___RD () C:\Program Files\Skype
2014-03-08 13:37 - 2014-01-04 20:15 - 00107978 _____ () C:\windows\IE11_main.log
2014-03-06 18:54 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-03-06 18:20 - 2010-03-07 02:01 - 01568800 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-04 17:40 - 2013-09-01 13:01 - 00002122 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-01 18:39 - 2012-01-19 18:44 - 00000000 ____D () C:\Users\Zdeněk\.smplayer
2014-03-01 18:28 - 2014-03-01 15:57 - 1863655424 _____ () C:\Users\Zdeněk\Downloads\Rush - Rivalové(2013)CZ.avi
2014-02-27 22:21 - 2014-02-27 22:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-22 18:45 - 2013-01-17 18:43 - 00002004 ____H () C:\Users\Zdeněk\Documents\Default.rdp
2014-02-22 16:38 - 2010-10-28 08:50 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\dvdcss
2014-02-21 15:35 - 2012-07-10 19:04 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-02-21 15:35 - 2011-06-29 16:28 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-16 14:45 - 2012-12-25 10:57 - 00092672 ___SH () C:\Users\Zdeněk\Thumbs.db
2014-02-14 18:35 - 2009-07-26 22:40 - 00000000 ____D () C:\windows\panther
2014-02-14 18:13 - 2010-03-07 02:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-14 17:33 - 2013-09-13 18:16 - 00000000 ____D () C:\windows\system32\MRT
2014-02-14 17:15 - 2010-10-25 16:42 - 85946576 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-14 16:56 - 2009-07-14 03:04 - 00000507 _____ () C:\windows\win.ini
2014-02-09 17:08 - 2010-10-12 14:06 - 00000000 ____D () C:\Users\Zdeněk\AppData\Local\Mozilla
2014-02-08 08:45 - 2014-02-08 08:45 - 00000000 ____D () C:\Users\Zdeněk\Downloads\Gravitace-2013-cz-dab.AVI
2014-02-08 08:33 - 2010-10-14 17:11 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Winamp

Files to move or delete:
====================
C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll
C:\Users\Zdeněk\ChromeSetup.exe


Some content of TEMP:
====================
C:\Users\Zdeněk\AppData\Local\Temp\atl80.dll
C:\Users\Zdeněk\AppData\Local\Temp\mfc80.dll
C:\Users\Zdeněk\AppData\Local\Temp\mfc80u.dll
C:\Users\Zdeněk\AppData\Local\Temp\mfcm80.dll
C:\Users\Zdeněk\AppData\Local\Temp\mfcm80u.dll
C:\Users\Zdeněk\AppData\Local\Temp\msvcm80.dll
C:\Users\Zdeněk\AppData\Local\Temp\msvcp80.dll
C:\Users\Zdeněk\AppData\Local\Temp\msvcr80.dll
C:\Users\Zdeněk\AppData\Local\Temp\TmDbg32.dll


==================== Bamital & volsnap Check =================

C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
FontResizer (Version: 1.01.0011 - ASUSTek) Hidden

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001Core.job => C:\Users\Zdenk\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001UA.job => C:\Users\Zdenk\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Trend Micro Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AS: Trend Micro Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Trend Micro Personal Firewall (Disabled) {70A91CD9-303D-A217-A80E-6DEE136EDB2B}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Zden�k\Desktop" je 718 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
"C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LivCam
"C:\Program Files\ASUS\LivCam\LivCam.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMART Board Service
C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMART SNMP Agent
C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe -e [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
"C:\Program Files\Winamp\winampa.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center
%windir%\WindowsMobile\wmdc.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WLSync
"C:\Program Files\Windows Live\Mesh\WLSync.exe" /background [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SMART Board Tools.lnk
C:\PROGRA~1\SMARTT~1\SMARTP~1\SMARTB~2.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Zden�k^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2010.lnk
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE /tsr [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\River Past\\Audio Converter\\AudioConverter.exe"="C:\\Program Files\\River Past\\Audio Converter\\AudioConverter.exe:*:Enabled:River Past Audio Converter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x86
Ran by ZdenŘk on so 08.03.2014 at 18:08:13,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{377e5d4d-77e5-476a-8716-7e70a9272da0}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3287936036-1640913841-3883395169-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\apn dtx
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\torch
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\torch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\searchquiehelper.dnsguard.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividmediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividmediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\torchsetupfull_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\search results toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT1098640
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{1645A33F-0A96-4315-904E-29E188E7720E}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECDEE021-0D17-467F-A1FF-C7A115230949}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377e5d4d-77e5-476a-8716-7e70a9272da0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{377e5d4d-77e5-476a-8716-7e70a9272da0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377e5d4d-77e5-476a-8716-7e70a9272da0}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\datamngr"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\Users\ZdenŘk\appdata\local\free-downloads.net"
Failed to delete: [Folder] "C:\Users\ZdenŘk\appdata\local\ilivid"
Successfully deleted: [Folder] "C:\Users\ZdenŘk\appdata\local\opencandy"
Successfully deleted: [Folder] "C:\Users\ZdenŘk\appdata\local\torch"
Successfully deleted: [Folder] "C:\Users\ZdenŘk\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\ZdenŘk\appdata\locallow\free-downloads.net"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\free-downloads.net"
Successfully deleted: [Folder] "C:\Program Files\movies toolbar"
Successfully deleted: [Folder] "C:\Program Files\search results toolbar"
Successfully deleted: [Folder] "C:\Program Files\vshare.tv plugin"
Successfully deleted: [Folder] "C:\windows\system32\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{04FEFC6D-F77D-4194-BFFB-D5F57110B3CE}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{05AC4DE1-2416-4014-BB1B-C34599804577}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{0838904A-8370-456F-8EA8-3CB337F4A518}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{097A022B-333B-4C2B-ADDD-F070747B650D}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{0B2BDC80-9F16-4364-A277-BD760FE5A78C}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{0E50E03D-3388-4359-8AF6-27B1FC8B7B22}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{1186EB61-D600-4B5C-A5AB-789A8623719A}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{11C60655-C1DF-4A7F-BF81-B2EC4B03C0F4}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{12393653-73DD-4A52-8985-0126CA8E956F}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{139FE721-8960-4E01-9B9A-F093FC2BFDE8}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{1C3E6832-DC47-4D79-BABF-35D52C087D0C}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{1CDF42E6-8D72-4CC9-A6C9-EE6F806349CA}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{22E73010-530F-4455-B6FE-27366958F23E}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{25D8C130-89C7-4CDB-BA57-6E8824A7391C}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{2A2D17DF-4799-44BE-A151-6504F03B033C}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{2B63DB74-2A10-4745-B4C6-B516D28F5D6A}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{30EA4032-1117-43B0-98F0-AA1F4A126B20}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{31FF8346-7581-45B0-AAB9-73A6CF43602B}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{329B82DE-62B7-4FF9-BA2C-6201D6194C6E}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{3587A7CB-95C8-4556-B100-CC16E71D9202}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{37116CAE-FD3F-4E62-BD5B-504283FCD82A}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{378D14DA-0CCC-47A4-A85B-63FB2B24ACC9}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{3D0088C2-F4DA-4BF1-B4BB-5294F9702069}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{3F524DC1-659B-4E3C-8E2E-11EE9FEA4534}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{4C05829C-9785-4B0F-A8C8-7E7C42AE6D82}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{52C08C07-95B6-4D5F-B25B-C52A3EF947DB}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{538C7AE6-110C-4231-9CA2-FBD215786BB2}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{61FD4CC2-8F94-4F71-848F-4CB79C2E79EC}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{61FE56EA-F13A-4A35-AE09-7590320A6B12}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{626E4F82-C118-4A85-B2A9-91DC9D293601}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{63759CAA-5BC8-4780-AA34-F8E7318D9B8A}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{71487704-DC4E-4D31-9B39-3AA3503C514B}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{75F8A950-D9B8-477E-8C9E-2073E3E9A167}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{79E331F5-7358-4CF2-BCA6-75FA87A695EE}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{7E79401A-EC9F-4133-B15D-A4C4A55A0143}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{7F71ED89-BEA5-4A37-94B3-D745DCE4A73B}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{87BCCE79-31E1-4BCC-9C0B-D72E92196A8D}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{89FC3ED1-CAED-4A48-8F61-E51D397EEB61}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{8F6866F5-FED2-4937-9EEE-4375E67EEAAA}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{9012510A-37F4-4140-A567-FA43627D8BEB}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{907BAF36-9F4E-4E96-A954-FFC8007049F2}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{961E24AE-9CFB-41B4-8F68-A13B5534A58B}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{A0C12380-317E-4354-BB80-A9C139F38470}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{A47E01EC-89F5-42E0-8ABA-E05F54316D25}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{A591AF70-C42E-440D-8F47-B920B7208C81}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{AEAE54A2-2993-4CF7-B242-DE04C4E3F378}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{B4D99C2A-55E0-41B7-8B01-6994B4C04A73}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{B85DF4F5-A26D-4959-8903-D70F3DE203B6}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{B959C054-5D3F-4887-9685-F1A970E7E5AF}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{B9F53C94-4DC5-41A1-8D8A-7E68A5E4FA6D}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{BEEAE243-BB51-4D61-9638-3A8E091460A7}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{C0631B23-F76E-4648-BA86-A9BD72590220}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{C0DE1968-D623-4D88-B3C3-DB69FD5F0F1B}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{C33F3540-6450-454B-A945-84127890CA7C}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{CDD988C1-7FAE-44A2-ABF2-FA759AA20BCA}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{CFBA0F77-A6B9-4082-86A6-2BA367B975EE}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{D6D6A78D-B129-4747-9C8C-66EF0A40539E}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{DB1D47A0-2E41-4F86-9808-ABD2DC04DB0C}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{DE4CFEC5-DD4D-44F1-9FA5-DD7ADCFB8FD9}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{DFD123BD-BA23-4E0F-AD47-957EB9A551AC}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{DFD9125F-FD36-439F-88BC-C0749FE12BE2}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{E5BA5C47-6E31-4909-8320-7C18A5131F3B}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{E982C390-92D4-49F9-A06A-7A5D72F95659}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{EA65C548-0BFE-4065-A6EA-B117466A42D9}
Successfully deleted: [Empty Folder] C:\Users\ZdenŘk\appdata\local\{EE1D493E-31D8-440B-B596-810346866B45}



~~~ FireFox

Successfully deleted: [File] C:\Users\ZdenŘk\AppData\Roaming\mozilla\firefox\profiles\axn0sq43.default\searchplugins\ask.xml
Successfully deleted: [File] C:\Users\ZdenŘk\AppData\Roaming\mozilla\firefox\profiles\axn0sq43.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\ZdenŘk\AppData\Roaming\mozilla\firefox\profiles\axn0sq43.default\searchplugins\search_results.xml
Successfully deleted: [File] C:\Users\ZdenŘk\AppData\Roaming\mozilla\firefox\profiles\axn0sq43.default\searchplugins\startsear.xml
Failed to delete: [Folder] "C:\Program Files\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Successfully deleted the following from C:\Users\ZdenŘk\AppData\Roaming\mozilla\firefox\profiles\axn0sq43.default\prefs.js

user_pref("CT1098640.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT1098640.CTID", "CT1098640");
user_pref("CT1098640.CommunitiesChangesLastCheckTime", "Fri Oct 15 2010 19:12:11 GMT+0200");
user_pref("CT1098640.CommunityChanged", true);
user_pref("CT1098640.CurrentServerDate", "15-10-2010");
user_pref("CT1098640.DialogsAlignMode", "LTR");
user_pref("CT1098640.DownloadDomainsCheckInterval", "168");
user_pref("CT1098640.DownloadDomainsListLastCheckTime", "Fri Oct 15 2010 19:12:11 GMT+0200");
user_pref("CT1098640.DownloadDomainsListLastServerUpdateTime", "1201073583");
user_pref("CT1098640.FeedLastCount128295885701037994", 0);
user_pref("CT1098640.FeedPollDate128295885701037994", "Fri Oct 15 2010 19:12:19 GMT+0200");
user_pref("CT1098640.FirstServerDate", "15-10-2010");
user_pref("CT1098640.FirstTime", true);
user_pref("CT1098640.FirstTimeFF3", true);
user_pref("CT1098640.FixPageNotFoundErrors", true);
user_pref("CT1098640.GroupingServerCheckInterval", 1440);
user_pref("CT1098640.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT1098640.Initialize", true);
user_pref("CT1098640.InitializeCommonPrefs", true);
user_pref("CT1098640.InstalledDate", "Fri Oct 15 2010 19:12:11 GMT+0200");
user_pref("CT1098640.InvalidateCache", false);
user_pref("CT1098640.IsGrouping", false);
user_pref("CT1098640.IsMulticommunity", true);
user_pref("CT1098640.IsOpenThankYouPage", false);
user_pref("CT1098640.IsOpenUninstallPage", true);
user_pref("CT1098640.LanguagePackLastCheckTime", "Fri Oct 15 2010 19:12:19 GMT+0200");
user_pref("CT1098640.LanguagePackReloadIntervalMM", 1440);
user_pref("CT1098640.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT1098640.LastLogin_2.5.6.0", "Fri Oct 15 2010 19:12:13 GMT+0200");
user_pref("CT1098640.LatestVersion", "2.7.2.0");
user_pref("CT1098640.Locale", "en-us");
user_pref("CT1098640.LoginCache", 4);
user_pref("CT1098640.MCDetectTooltipHeight", "83");
user_pref("CT1098640.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT1098640.MCDetectTooltipWidth", "295");
user_pref("CT1098640.RadioIsPodcast", false);
user_pref("CT1098640.RadioLastCheckTime", "Fri Oct 15 2010 19:12:21 GMT+0200");
user_pref("CT1098640.RadioLastUpdateIPServer", "0");
user_pref("CT1098640.RadioLastUpdateServer", "128929877726170000");
user_pref("CT1098640.RadioMediaID", "4817804");
user_pref("CT1098640.RadioMediaType", "Media Player");
user_pref("CT1098640.RadioMenuSelectedID", "EBRadioMenu_CT10986404817804");
user_pref("CT1098640.RadioStationName", "Adult%20Alternative");
user_pref("CT1098640.RadioStationURL", "hxxp://syndication.choiceradio.com/asxplay/asx-music/406.asx");
user_pref("CT1098640.SHRINK_TOOLBAR", 1);
user_pref("CT1098640.SavedHomepage", "hxxp://www.seznam.cz/");
user_pref("CT1098640.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT1098640&octid=EB_ORIGINAL_CTID&SearchSource=1");
user_pref("CT1098640.SearchFromAddressBarIsInit", true);
user_pref("CT1098640.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&q=");
user_pref("CT1098640.SearchInNewTabEnabled", true);
user_pref("CT1098640.SearchInNewTabIntervalMM", 1440);
user_pref("CT1098640.SearchInNewTabLastCheckTime", "Fri Oct 15 2010 19:12:18 GMT+0200");
user_pref("CT1098640.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT1098640.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT1098640.SettingsCheckIntervalMin", 120);
user_pref("CT1098640.SettingsLastCheckTime", "Fri Oct 15 2010 19:12:07 GMT+0200");
user_pref("CT1098640.SettingsLastUpdate", "1285580322");
user_pref("CT1098640.ThirdPartyComponentsInterval", 504);
user_pref("CT1098640.ThirdPartyComponentsLastCheck", "Fri Oct 15 2010 19:12:06 GMT+0200");
user_pref("CT1098640.ThirdPartyComponentsLastUpdate", "1246790578");
user_pref("CT1098640.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&so ... sealid=112");
user_pref("CT1098640.UserID", "UN11271115066737179");
user_pref("CT1098640.WeatherNetwork", "");
user_pref("CT1098640.WeatherPollDate", "Fri Oct 15 2010 19:12:21 GMT+0200");
user_pref("CT1098640.WeatherUnit", "C");
user_pref("CT1098640.clientLogIsEnabled", true);
user_pref("CT1098640.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT1098640.myStuffEnabled", true);
user_pref("CT1098640.myStuffPublihserMinWidth", 400);
user_pref("CT1098640.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT1098640.myStuffServiceIntervalMM", 1440);
user_pref("CT1098640.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT1098640.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
user_pref("CommunityToolbar.ToolbarsList", "CT1098640");
user_pref("CommunityToolbar.ToolbarsList2", "CT1098640");
user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Oct 15 2010 19:12:22 GMT+0200");
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1098640");
user_pref("browser.search.defaultengine", "hxxp://startsear.ch/?q=");
user_pref("browser.search.defaultthis.engineName", "free-downloads.net Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1098640&SearchSource=3&q={searchTerms}");
user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 01-111&t=4");
user_pref("extensions.sugestron.homepage", "hxxp://www.searchnu.com/406");
user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=484&systemid=406&v=a9301-111&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=8729420243354329&o=APN10645&q=")
Emptied folder: C:\Users\ZdenŘk\AppData\Roaming\mozilla\firefox\profiles\axn0sq43.default\minidumps [34 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\ZdenŘk\appdata\local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 08.03.2014 at 18:46:06,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


# AdwCleaner v3.020 - Report created 08/03/2014 at 18:55:57
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Zdeněk - ZDPOK
# Running from : C:\Users\Zdeněk\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : DatamngrCoordinator

***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\Users\Zdeněk\AppData\Local\iLivid
Folder Deleted : C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Conduit
Folder Deleted : C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\{0B38152B-1B20-484D-A11F-5E04A9B0661F}
Folder Deleted : C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}
File Deleted : C:\Program Files\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.EasyHideBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.Localizer
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.Localizer.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighter.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.NameHighlighterStatistics.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SkypeIEHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.SNameProxy.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{937936AF-28CA-4973-B8AE-F250406149A2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECDEE021-0D17-467F-A1FF-C7A115230949}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39DB9FB7-0D2F-4BD6-972A-30F6C99C7090}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{937936AF-28CA-4973-B8AE-F250406149A2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ECDEE021-0D17-467F-A1FF-C7A115230949}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ECDEE021-0D17-467F-A1FF-C7A115230949}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{39DB9FB7-0D2F-4BD6-972A-30F6C99C7090}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{ECDEE021-0D17-467F-A1FF-C7A115230949}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{ECDEE021-0D17-467F-A1FF-C7A115230949}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{ECDEE021-0D17-467F-A1FF-C7A115230949}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{ECDEE021-0D17-467F-A1FF-C7A115230949}]
Key Deleted : HKCU\Software\caphyon
Key Deleted : HKCU\Software\Speedchecker Limited
Key Deleted : HKCU\Software\free-downloads.net
Key Deleted : HKCU\Software\AppDataLow\Software\free-downloads.net
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\Software\free-downloads.net
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\free-downloads.net Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16798


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");

-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7403 octets] - [08/03/2014 18:51:58]
AdwCleaner[S0].txt - [7332 octets] - [08/03/2014 18:55:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7392 octets] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by ZdenŘk on so 08.03.2014 at 20:20:53,56.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ZDENK~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8.3.2014 20:24:00 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3287936036-1640913841-3883395169-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3287936036-1640913841-3883395169-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\prefs.js:
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\ZDENK~1\AppData\Roaming\Zotero\Zotero\Profiles\g9how70h.default\prefs.js:

Added to C:\Users\ZDENK~1\AppData\Roaming\Zotero\Zotero\Profiles\g9how70h.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_08.03.2014_2113_.backup

ProfilePath: C:\Users\ZDENK~1\AppData\Roaming\Zotero\Zotero\Profiles\g9how70h.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_08.03.2014_2113_.backup

==== Deleting Files \ Folders ======================

C:\Users\ZDENK~1\Desktop\Nová složka (2)\flashování\iLividSetup.exe not found
C:\Program Files\FoxTabVideoConverter deleted
C:\Users\ZDENK~1\AppData\LocalLow\ilividtoolbargaw deleted
C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\ilividtoolbargaw deleted
C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\CT1098640 deleted
C:\Users\ZDENK~1\Desktop\Youtube.lnk deleted
C:\Users\ZDENK~1\ChromeSetup.exe deleted
"C:\Users\ZDENK~1\AppData\Local\{A3B967F4-A72B-499D-9F5B-6679EC1FA752}" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [21.10.2010 15:45]

==== Firefox Extensions ======================

ProfilePath: C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default
- Undetermined - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\extensions\zotero@chnm.gmu.edu
- Undetermined - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\extensions\{2FD73609-F02D-3849-D765-5F8F93ECC348}
- Zotero - %ProfilePath%\extensions\zotero@chnm.gmu.edu
- Ask New Tabs - %ProfilePath%\extensions\{2FD73609-F02D-3849-D765-5F8F93ECC348}
- Sugestron Speed Dial - %ProfilePath%\extensions\sugestron@example.net.xpi
- Vlc context menu - %ProfilePath%\extensions\vlcplaylist@helgatauscher.de.xpi
- Yoono - %ProfilePath%\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}.xpi

ProfilePath: C:\Users\ZDENK~1\AppData\Roaming\Zotero\Zotero\Profiles\g9how70h.default
- Zotero LibreOffice Integration - C:\Program Files\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org
- Zotero Word for Windows Integration - C:\Program Files\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org

AppDir: C:\Program Files\Mozilla Firefox
- vShare Add-On - %AppDir%\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
edcbaedcbaedcbaedcbaedcbaedcbajk - C:\Program Files\vShare.tv plugin\vshareplg.crx[]
jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[21.10.2010 15:45]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\ZDENK~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[05.09.2013 19:31]

RealPlayer HTML5Video Downloader Extension - ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk

==== Chrome Fix ======================

C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx deleted successfully
C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\edcbaedcbaedcbaedcbaedcbaedcbajk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8FF90DB8-6DED-44A3-B182-244FEC09012F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbargaw deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8BD09FF8DED63A441B2842F4CE9010F2 deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ZDENK~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ZDENK~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\ZDENK~1\AppData\Local\Mozilla\Firefox\Profiles\axn0sq43.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=44 folders=13 9291022 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ZDENK~1\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\TEMP\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 08.03.2014 at 21:30:39,20 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by ZdenŘk on so 08.03.2014 at 20:20:53,56.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ZDENK~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8.3.2014 20:24:00 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3287936036-1640913841-3883395169-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3287936036-1640913841-3883395169-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\prefs.js:
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\ZDENK~1\AppData\Roaming\Zotero\Zotero\Profiles\g9how70h.default\prefs.js:

Added to C:\Users\ZDENK~1\AppData\Roaming\Zotero\Zotero\Profiles\g9how70h.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_08.03.2014_2113_.backup

ProfilePath: C:\Users\ZDENK~1\AppData\Roaming\Zotero\Zotero\Profiles\g9how70h.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_08.03.2014_2113_.backup

==== Deleting Files \ Folders ======================

C:\Users\ZDENK~1\Desktop\Nová složka (2)\flashování\iLividSetup.exe not found
C:\Program Files\FoxTabVideoConverter deleted
C:\Users\ZDENK~1\AppData\LocalLow\ilividtoolbargaw deleted
C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\ilividtoolbargaw deleted
C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\CT1098640 deleted
C:\Users\ZDENK~1\Desktop\Youtube.lnk deleted
C:\Users\ZDENK~1\ChromeSetup.exe deleted
"C:\Users\ZDENK~1\AppData\Local\{A3B967F4-A72B-499D-9F5B-6679EC1FA752}" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [21.10.2010 15:45]

==== Firefox Extensions ======================

ProfilePath: C:\Users\ZDENK~1\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default
- Undetermined - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\extensions\zotero@chnm.gmu.edu
- Undetermined - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\extensions\{2FD73609-F02D-3849-D765-5F8F93ECC348}
- Zotero - %ProfilePath%\extensions\zotero@chnm.gmu.edu
- Ask New Tabs - %ProfilePath%\extensions\{2FD73609-F02D-3849-D765-5F8F93ECC348}
- Sugestron Speed Dial - %ProfilePath%\extensions\sugestron@example.net.xpi
- Vlc context menu - %ProfilePath%\extensions\vlcplaylist@helgatauscher.de.xpi
- Yoono - %ProfilePath%\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}.xpi

ProfilePath: C:\Users\ZDENK~1\AppData\Roaming\Zotero\Zotero\Profiles\g9how70h.default
- Zotero LibreOffice Integration - C:\Program Files\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org
- Zotero Word for Windows Integration - C:\Program Files\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org

AppDir: C:\Program Files\Mozilla Firefox
- vShare Add-On - %AppDir%\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
edcbaedcbaedcbaedcbaedcbaedcbajk - C:\Program Files\vShare.tv plugin\vshareplg.crx[]
jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[21.10.2010 15:45]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\ZDENK~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[05.09.2013 19:31]

RealPlayer HTML5Video Downloader Extension - ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk

==== Chrome Fix ======================

C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx deleted successfully
C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\edcbaedcbaedcbaedcbaedcbaedcbajk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8FF90DB8-6DED-44A3-B182-244FEC09012F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbargaw deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8BD09FF8DED63A441B2842F4CE9010F2 deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ZDENK~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ZDENK~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\ZDENK~1\AppData\Local\Mozilla\Firefox\Profiles\axn0sq43.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\ZDENK~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=44 folders=13 9291022 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ZDENK~1\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\TEMP\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 08.03.2014 at 21:30:39,20 ======================

To jste dal znovu log ze Zoek, nikoli FRST

Omlouvám se.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-03-2014 01
Ran by Zdeněk (administrator) on ZDPOK on 09-03-2014 09:49:46
Running from C:\Users\Zdeněk\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
() C:\Windows\System32\AsusService.exe
() C:\Program Files\asus\AsusUac\AsusUacSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\windows\system32\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\HotkeyService\HotkeyService.exe
(ASUSTeK Computer Inc.) C:\Program Files\EeePC\SHE\SuperHybridEngine.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
(AsusTek Computer Inc.) C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
() C:\Program Files\ASUS\Eee Docking Touch\Eee Docking Touch.exe
(ASUS) C:\Windows\AsScrPro.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(GBM Software) C:\Program Files\GBM\GRemote Pro\GRemoteServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Barracuda Networks, Inc.) C:\Users\Zdeněk\AppData\Roaming\Copy\CopyAgent.exe
(Google Inc.) C:\Users\Zdeněk\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(LS) C:\Program Files\MultiClipBoard\MultiClipBoard.exe
() C:\Program Files\My Sync Center\bin\sync_server.exe
(Dropbox, Inc.) C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\GmoteServer\GmoteServer.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\javaw.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\windows\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1545512 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [HotkeyMon] - C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe [100328 2009-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] - C:\Program Files\EeePC\HotkeyService\HotkeyService.exe [1166256 2010-03-04] (ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] - C:\Program Files\EeePC\SHE\SuperHybridEngine.exe [413688 2009-10-26] (ASUSTeK Computer Inc.)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM\...\Run: [LiveUpdate] - C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-07-13] (AsusTek Computer Inc.)
HKLM\...\Run: [SynAsusAcpi] - C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [83240 2009-07-20] (Synaptics Incorporated)
HKLM\...\Run: [Eee Docking Touch] - C:\Program Files\ASUS\Eee Docking Touch\Eee Docking Touch.exe [414896 2010-02-09] ()
HKLM\...\Run: [Tutorial] - C:\Program Files\ASUS\Demo Tutorial Video\Demo Tutorial Video.exe [241328 2009-12-10] (ASUSTek Computer Inc.)
HKLM\...\Run: [ASUS Screen Saver Protector] - C:\Windows\AsScrPro.exe [3058304 2010-03-07] (ASUS)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7744032 2009-09-29] (Realtek Semiconductor)
HKLM\...\Run: [PenWrite] - C:\Program Files\ASUS\PenWrite\PenWrite.exe [543920 2010-02-08] ()
HKLM\...\Run: [ASUSPRP] - C:\Program Files\ASUS\APRP\APRP.EXE [2018032 2010-03-07] (ASUSTek Computer Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [VirtualCloneDrive] - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5110672 2013-09-12] (ESET)
HKU\.DEFAULT\...\Run: [Copy] - C:\Users\Zdeněk\AppData\Roaming\Copy\CopyAgent.exe [13473936 2014-02-07] (Barracuda Networks, Inc.)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [GRemoteServer Pro] - C:\Program Files\GBM\GRemote Pro\GRemoteServer.exe [2310368 2010-05-04] (GBM Software)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [ShowBatteryBar] - C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2009-05-28] ()
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [GoogleDriveSync] - C:\Program Files\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [Copy] - C:\Users\Zdeněk\AppData\Roaming\Copy\CopyAgent.exe [13473936 2014-02-07] (Barracuda Networks, Inc.)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [Google Update] - C:\Users\Zdeněk\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-05] (Google Inc.)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [MusicManager] - C:\Users\Zdeněk\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7342592 2013-09-23] (Google Inc.)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\MountPoints2: {3dec8514-648a-11e1-ae36-20cf300a2ebe} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.hta
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\MountPoints2: {415e84c0-edd3-11df-90a6-806e6f6e6963} - E:\start.exe ar
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\MountPoints2: {e90aad40-1bc4-11e1-91d7-1c4bd617b5af} - F:\LaunchU3.exe -a
Startup: C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GmoteServer.lnk
ShortcutTarget: GmoteServer.lnk -> C:\Program Files\GmoteServer\GmoteServer.exe ()
Startup: C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://eeepc.asus.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skyline - {3a4f9195-65a8-11d5-85c1-0001023952c1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll (Skyline software systems Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 46.252.224.18 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files\Virtual Earth 3D\ ()
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.775 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.775 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=1.0.0.0 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.775 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin: @videolan.org/vlc,version=1.1.11 - C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Zdeněk\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Zdeněk\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\searchplugins\abz-slovnik-ceskych-synonym.xml
FF SearchPlugin: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\searchplugins\korpuscz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Zotero - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\zotero@chnm.gmu.edu [2012-12-23]
FF Extension: Ask New Tabs - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\{2FD73609-F02D-3849-D765-5F8F93ECC348} [2014-03-08]
FF Extension: Sugestron Speed Dial - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\sugestron@example.net.xpi [2011-04-24]
FF Extension: Vlc Kontextmenü - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\vlcplaylist@helgatauscher.de.xpi [2012-01-19]
FF Extension: Yoono - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\axn0sq43.default\Extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}.xpi [2011-04-30]
FF Extension: vShare Add-On - C:\Program Files\Mozilla Firefox\extensions\{dd05fd3d-18df-4ce4-ae53-e795339c5f01} [2014-02-27]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-10-21]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-03-08]

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-09]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-11]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-09]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-09]
CHR Extension: (Peněženka Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-09]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\ZDENK~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-09-05]

========================== Services (Whitelisted) =================

R2 AsusService; C:\Windows\System32\AsusService.exe [224680 2010-03-04] ()
R2 AsusUacSvc; C:\Program Files\asus\AsusUac\AsusUacSvc.exe [114864 2009-11-16] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1337752 2013-09-12] (ESET)
R2 OberonGameConsoleService; C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [44312 2009-09-15] ()
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] ()
R2 PnkBstrA; C:\windows\system32\PnkBstrA.exe [75064 2010-10-22] ()
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)

==================== Drivers (Whitelisted) ====================

R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2011-02-09] ()
R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R2 epfw; C:\windows\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET)
R1 EpfwLWF; C:\windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET)
R0 epfwwfp; C:\windows\System32\DRIVERS\epfwwfp.sys [49240 2013-09-17] (ESET)
R3 GRemoteBus; C:\windows\System32\DRIVERS\GRemoteBus.sys [23368 2009-08-05] (GBM Software)
R3 GRemoteJoy; C:\windows\System32\DRIVERS\GRemoteJoy.sys [39112 2009-08-05] (GBM Software)
S3 JL2005C; C:\windows\System32\Drivers\jl2005c.sys [69180 2011-01-17] (Windows (R) 2000 DDK provider)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
R0 nhcDriverDevice; C:\windows\System32\drivers\nhcDriver.sys [71680 2011-01-07] (Notebook Hardware Control)
S3 Rockusb; C:\windows\System32\DRIVERS\rockusb.sys [45040 2012-08-20] (Fuzhou Rockchip Electronics Co,Ltd.)
R3 SMARTMouseFilterx86; C:\windows\System32\DRIVERS\SMARTMouseFilterx86.sys [11048 2009-12-15] (SMART Technologies ULC)
R3 SMARTVHidMini2000x86; C:\windows\System32\DRIVERS\SMARTVHidMini2000x86.sys [14120 2009-12-15] (SMART Technologies ULC)
R3 SMARTVTabletPCx86; C:\windows\System32\DRIVERS\SMARTVTabletPCx86.sys [13440 2009-12-15] (SMART Technologies ULC)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [436792 2010-10-15] ()
R3 usbsmi; C:\windows\System32\DRIVERS\SMIksdrv.sys [181760 2009-12-25] (SMI)
S3 wdf_usb; C:\windows\System32\drivers\usb2ser.sys [56832 2011-05-18] (MediaTek Inc.)
U3 aea71xk4; C:\windows\system32\Drivers\aea71xk4.sys [0 ] (Elaborate Bytes AG)
S3 cpuz132; \??\C:\Users\ZDENK~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-09 08:37 - 2014-03-09 09:50 - 00022834 _____ () C:\Users\Zdeněk\Desktop\FRST.txt
2014-03-08 21:24 - 2014-03-08 20:18 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-08 20:22 - 2014-03-08 21:30 - 00011332 _____ () C:\zoek-results.log
2014-03-08 20:18 - 2014-03-08 21:17 - 00000000 ____D () C:\zoek_backup
2014-03-08 20:17 - 2014-03-08 20:17 - 01285120 _____ () C:\Users\Zdeněk\Desktop\zoek.exe
2014-03-08 18:51 - 2014-03-08 18:56 - 00000000 ____D () C:\AdwCleaner
2014-03-08 18:50 - 2014-03-08 18:50 - 00021064 _____ () C:\Users\Zdeněk\Downloads\JRT.txt
2014-03-08 18:49 - 2014-03-08 18:50 - 01244192 _____ () C:\Users\Zdeněk\Desktop\adwcleaner.exe
2014-03-08 18:46 - 2014-03-08 18:46 - 00021064 _____ () C:\Users\Zdeněk\Desktop\JRT.txt
2014-03-08 17:17 - 2014-03-08 17:17 - 00000000 ____D () C:\windows\ERUNT
2014-03-08 17:15 - 2014-03-08 17:15 - 01037734 _____ (Thisisu) C:\Users\Zdeněk\Desktop\JRT.exe
2014-03-08 17:12 - 2014-03-08 17:12 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\ESET
2014-03-08 17:12 - 2014-03-08 17:12 - 00000000 ____D () C:\Users\Zdeněk\AppData\Local\ESET
2014-03-08 17:07 - 2014-03-08 17:07 - 00000000 ____D () C:\ProgramData\ESET
2014-03-08 17:07 - 2014-03-08 17:07 - 00000000 ____D () C:\Program Files\ESET
2014-03-08 16:54 - 2014-03-08 16:54 - 00010852 _____ () C:\Users\Zdeněk\Desktop\Addition.rar
2014-03-08 16:45 - 2014-03-08 16:45 - 00000000 ____D () C:\FRST
2014-03-08 16:43 - 2014-03-08 16:43 - 00112640 _____ (forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe
2014-03-08 16:34 - 2014-03-08 16:34 - 1582512036 _____ () C:\Users\Zdeněk\Downloads\pinavý trik (American Hustle, 2013) CZ tit.avi
2014-03-08 14:19 - 2014-03-08 14:19 - 00000000 ____D () C:\Users\Zdeněk\Downloads\Speclean
2014-03-08 14:16 - 2014-03-08 14:17 - 01145344 _____ (Farbar) C:\Users\Zdeněk\Desktop\FRST.exe
2014-03-08 13:59 - 2014-03-08 15:12 - 782848000 _____ () C:\Users\Zdeněk\Downloads\Lovelace - Pravdivá spoveď kráľovnej porna (Lovelace) (2013) CZ.avi
2014-03-08 13:43 - 2014-03-08 13:46 - 01581384 _____ (ESET) C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (2).exe
2014-03-08 13:42 - 2014-03-08 13:45 - 01581384 _____ (ESET) C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (1).exe
2014-03-08 13:40 - 2014-03-08 13:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-01 15:57 - 2014-03-01 18:28 - 1863655424 _____ () C:\Users\Zdeněk\Downloads\Rush - Rivalové(2013)CZ.avi
2014-02-27 22:20 - 2014-02-27 22:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-14 17:57 - 2013-12-21 08:56 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-14 16:20 - 2014-02-01 08:58 - 01767936 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-14 16:20 - 2014-02-01 08:58 - 01140736 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-14 16:20 - 2014-02-01 08:58 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-14 16:20 - 2014-02-01 08:57 - 14359040 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 13760512 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 02877952 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 02049024 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00493056 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-14 16:20 - 2014-02-01 08:57 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-14 16:20 - 2014-02-01 08:34 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-14 16:20 - 2014-02-01 07:38 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-02-13 17:57 - 2014-01-01 00:05 - 00420008 _____ () C:\windows\system32\locale.nls
2014-02-13 17:57 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-13 17:57 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-02-13 17:56 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-13 17:56 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-13 17:52 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-02-13 17:52 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-02-13 17:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-02-13 17:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-02-13 17:52 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-13 17:52 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-02-13 17:52 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-02-13 17:52 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-02-13 17:52 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-02-08 08:45 - 2014-02-08 08:45 - 00000000 ____D () C:\Users\Zdeněk\Downloads\Gravitace-2013-cz-dab.AVI

==================== One Month Modified Files and Folders =======

2014-03-09 09:52 - 2013-08-04 07:29 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Copy
2014-03-09 09:50 - 2014-03-09 08:37 - 00022834 _____ () C:\Users\Zdeněk\Desktop\FRST.txt
2014-03-09 09:48 - 2010-10-13 05:31 - 01338300 _____ () C:\windows\WindowsUpdate.log
2014-03-09 09:35 - 2012-07-10 19:04 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-09 09:10 - 2010-10-21 12:43 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-09 09:06 - 2011-09-25 12:45 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Dropbox
2014-03-09 08:58 - 2013-10-05 10:20 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001UA.job
2014-03-09 08:36 - 2011-01-22 14:11 - 00000000 ____D () C:\Program Files\Zrychleni Pocitace
2014-03-09 08:34 - 2014-01-04 20:15 - 00112131 _____ () C:\windows\IE11_main.log
2014-03-09 08:31 - 2011-12-31 09:09 - 00067295 _____ () C:\Users\Zdeněk\.mysync.log
2014-03-08 21:53 - 2009-07-14 05:34 - 00009920 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-08 21:53 - 2009-07-14 05:34 - 00009920 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-08 21:46 - 2011-09-25 12:50 - 00000000 ___RD () C:\Users\Zdeněk\Dropbox
2014-03-08 21:45 - 2012-06-01 11:24 - 00000000 ___RD () C:\Users\Zdeněk\Google Drive
2014-03-08 21:43 - 2011-08-08 12:00 - 00000374 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2014-03-08 21:43 - 2010-10-21 12:43 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-08 21:43 - 2010-10-12 13:47 - 00112080 _____ () C:\Users\Zdeněk\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-08 21:42 - 2014-01-08 19:36 - 00007245 _____ () C:\windows\setupact.log
2014-03-08 21:42 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-03-08 21:30 - 2014-03-08 20:22 - 00011332 _____ () C:\zoek-results.log
2014-03-08 21:29 - 2009-07-14 05:33 - 00429400 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-08 21:28 - 2014-01-08 19:36 - 00101824 _____ () C:\windows\PFRO.log
2014-03-08 21:17 - 2014-03-08 20:18 - 00000000 ____D () C:\zoek_backup
2014-03-08 21:14 - 2010-10-12 13:47 - 00000000 ____D () C:\Users\Zdeněk
2014-03-08 20:18 - 2014-03-08 21:24 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-08 20:17 - 2014-03-08 20:17 - 01285120 _____ () C:\Users\Zdeněk\Desktop\zoek.exe
2014-03-08 19:29 - 2011-04-21 11:54 - 00000000 ____D () C:\Program Files\SMART Technologies
2014-03-08 19:25 - 2011-04-21 11:58 - 00000000 ____D () C:\ProgramData\SMART Technologies
2014-03-08 19:25 - 2011-04-21 11:54 - 00000000 ____D () C:\Program Files\Common Files\SMART Technologies
2014-03-08 19:18 - 2012-03-12 20:07 - 00000000 ____D () C:\Program Files\Unlockroot
2014-03-08 18:56 - 2014-03-08 18:51 - 00000000 ____D () C:\AdwCleaner
2014-03-08 18:50 - 2014-03-08 18:50 - 00021064 _____ () C:\Users\Zdeněk\Downloads\JRT.txt
2014-03-08 18:50 - 2014-03-08 18:49 - 01244192 _____ () C:\Users\Zdeněk\Desktop\adwcleaner.exe
2014-03-08 18:50 - 2011-10-19 18:44 - 01406976 ___SH () C:\Users\Zdeněk\Downloads\Thumbs.db
2014-03-08 18:46 - 2014-03-08 18:46 - 00021064 _____ () C:\Users\Zdeněk\Desktop\JRT.txt
2014-03-08 17:58 - 2013-10-05 10:20 - 00000914 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001Core.job
2014-03-08 17:17 - 2014-03-08 17:17 - 00000000 ____D () C:\windows\ERUNT
2014-03-08 17:15 - 2014-03-08 17:15 - 01037734 _____ (Thisisu) C:\Users\Zdeněk\Desktop\JRT.exe
2014-03-08 17:12 - 2014-03-08 17:12 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\ESET
2014-03-08 17:12 - 2014-03-08 17:12 - 00000000 ____D () C:\Users\Zdeněk\AppData\Local\ESET
2014-03-08 17:07 - 2014-03-08 17:07 - 00000000 ____D () C:\ProgramData\ESET
2014-03-08 17:07 - 2014-03-08 17:07 - 00000000 ____D () C:\Program Files\ESET
2014-03-08 16:54 - 2014-03-08 16:54 - 00010852 _____ () C:\Users\Zdeněk\Desktop\Addition.rar
2014-03-08 16:45 - 2014-03-08 16:45 - 00000000 ____D () C:\FRST
2014-03-08 16:43 - 2014-03-08 16:43 - 00112640 _____ (forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe
2014-03-08 16:37 - 2012-05-31 10:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-08 16:34 - 2014-03-08 16:34 - 1582512036 _____ () C:\Users\Zdeněk\Downloads\pinavý trik (American Hustle, 2013) CZ tit.avi
2014-03-08 15:12 - 2014-03-08 13:59 - 782848000 _____ () C:\Users\Zdeněk\Downloads\Lovelace - Pravdivá spoveď kráľovnej porna (Lovelace) (2013) CZ.avi
2014-03-08 14:19 - 2014-03-08 14:19 - 00000000 ____D () C:\Users\Zdeněk\Downloads\Speclean
2014-03-08 14:17 - 2014-03-08 14:16 - 01145344 _____ (Farbar) C:\Users\Zdeněk\Desktop\FRST.exe
2014-03-08 13:46 - 2014-03-08 13:43 - 01581384 _____ (ESET) C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (2).exe
2014-03-08 13:45 - 2014-03-08 13:42 - 01581384 _____ (ESET) C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (1).exe
2014-03-08 13:42 - 2010-03-07 02:29 - 00000000 ____D () C:\ProgramData\Skype
2014-03-08 13:40 - 2014-03-08 13:40 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-08 13:40 - 2010-03-07 02:30 - 00000000 ___RD () C:\Program Files\Skype
2014-03-06 18:54 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-03-06 18:20 - 2010-03-07 02:01 - 01568800 _____ () C:\windows\system32\PerfStringBackup.INI
2014-03-04 17:40 - 2013-09-01 13:01 - 00002122 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-01 18:39 - 2012-01-19 18:44 - 00000000 ____D () C:\Users\Zdeněk\.smplayer
2014-03-01 18:28 - 2014-03-01 15:57 - 1863655424 _____ () C:\Users\Zdeněk\Downloads\Rush - Rivalové(2013)CZ.avi
2014-02-27 22:21 - 2014-02-27 22:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-22 18:45 - 2013-01-17 18:43 - 00002004 ____H () C:\Users\Zdeněk\Documents\Default.rdp
2014-02-22 16:38 - 2010-10-28 08:50 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\dvdcss
2014-02-21 15:35 - 2012-07-10 19:04 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-02-21 15:35 - 2011-06-29 16:28 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-16 14:45 - 2012-12-25 10:57 - 00092672 ___SH () C:\Users\Zdeněk\Thumbs.db
2014-02-14 18:35 - 2009-07-26 22:40 - 00000000 ____D () C:\windows\panther
2014-02-14 18:13 - 2010-03-07 02:13 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-14 17:33 - 2013-09-13 18:16 - 00000000 ____D () C:\windows\system32\MRT
2014-02-14 17:15 - 2010-10-25 16:42 - 85946576 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-14 16:56 - 2009-07-14 03:04 - 00000507 _____ () C:\windows\win.ini
2014-02-09 17:08 - 2010-10-12 14:06 - 00000000 ____D () C:\Users\Zdeněk\AppData\Local\Mozilla
2014-02-08 08:45 - 2014-02-08 08:45 - 00000000 ____D () C:\Users\Zdeněk\Downloads\Gravitace-2013-cz-dab.AVI
2014-02-08 08:33 - 2010-10-14 17:11 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Winamp

==================== Bamital & volsnap Check =================

C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
FontResizer (Version: 1.01.0011 - ASUSTek) Hidden

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001Core.job => C:\Users\Zdenk\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001UA.job => C:\Users\Zdenk\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Zden�k\Desktop" je 721 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
"C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LivCam
"C:\Program Files\ASUS\LivCam\LivCam.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMART Board Service
C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMART SNMP Agent
C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe -e [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
"C:\Program Files\Winamp\winampa.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center
%windir%\WindowsMobile\wmdc.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WLSync
"C:\Program Files\Windows Live\Mesh\WLSync.exe" /background [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SMART Board Tools.lnk
C:\PROGRA~1\SMARTT~1\SMARTP~1\SMARTB~2.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Zden�k^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2010.lnk
C:\PROGRA~1\MICROS~2\Office14\ONENOTEM.EXE /tsr [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\River Past\\Audio Converter\\AudioConverter.exe"="C:\\Program Files\\River Past\\Audio Converter\\AudioConverter.exe:*:Enabled:River Past Audio Converter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
  HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
  HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
  HKLM\...\Run: [VirtualCloneDrive] - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
  HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [GRemoteServer Pro] - C:\Program Files\GBM\GRemote Pro\GRemoteServer.exe [2310368 2010-05-04] (GBM Software)
  HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
  HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [Google Update] - C:\Users\Zdeněk\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-05] (Google Inc.)
  HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\MountPoints2: {3dec8514-648a-11e1-ae36-20cf300a2ebe} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.hta
  HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\MountPoints2: {415e84c0-edd3-11df-90a6-806e6f6e6963} - E:\start.exe ar
  HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\MountPoints2: {e90aad40-1bc4-11e1-91d7-1c4bd617b5af} - F:\LaunchU3.exe -a
  
  CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\ZDENK~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-09-05]
  
  2014-03-08 21:24 - 2014-03-08 20:18 - 00024064 _____ () C:\windows\zoek-delete.exe
  2014-03-08 20:22 - 2014-03-08 21:30 - 00011332 _____ () C:\zoek-results.log
  2014-03-08 20:18 - 2014-03-08 21:17 - 00000000 ____D () C:\zoek_backup
  2014-03-08 20:17 - 2014-03-08 20:17 - 01285120 _____ () C:\Users\Zdeněk\Desktop\zoek.exe
  2014-03-08 18:50 - 2014-03-08 18:50 - 00021064 _____ () C:\Users\Zdeněk\Downloads\JRT.txt
  2014-03-08 18:49 - 2014-03-08 18:50 - 01244192 _____ () C:\Users\Zdeněk\Desktop\adwcleaner.exe
  2014-03-08 18:46 - 2014-03-08 18:46 - 00021064 _____ () C:\Users\Zdeněk\Desktop\JRT.txt
  2014-03-08 17:15 - 2014-03-08 17:15 - 01037734 _____ (Thisisu) C:\Users\Zdeněk\Desktop\JRT.exe
  2014-03-08 16:43 - 2014-03-08 16:43 - 00112640 _____ (forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe
  2014-03-08 13:43 - 2014-03-08 13:46 - 01581384 _____ (ESET) C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (2).exe
  2014-03-08 13:42 - 2014-03-08 13:45 - 01581384 _____ (ESET) C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (1).exe
  Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001Core.job => C:\Users\Zdenk\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001UA.job => C:\Users\Zdenk\AppData\Local\Google\Update\GoogleUpdate.exe
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMART SNMP Agent" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent" /f
  
  Hosts:
  CMD: shutdown /r /f /t 2
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014
Ran by Zdeněk at 2014-03-13 09:25:18 Run:1
Running from C:\Users\Zdeněk\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [VirtualCloneDrive] - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [GRemoteServer Pro] - C:\Program Files\GBM\GRemote Pro\GRemoteServer.exe [2310368 2010-05-04] (GBM Software)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [OfficeSyncProcess] - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\Run: [Google Update] - C:\Users\Zdeněk\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-05] (Google Inc.)
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\MountPoints2: {3dec8514-648a-11e1-ae36-20cf300a2ebe} - C:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Start.hta
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\MountPoints2: {415e84c0-edd3-11df-90a6-806e6f6e6963} - E:\start.exe ar
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\...\MountPoints2: {e90aad40-1bc4-11e1-91d7-1c4bd617b5af} - F:\LaunchU3.exe -a

CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\ZDENK~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-09-05]

2014-03-08 21:24 - 2014-03-08 20:18 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-03-08 20:22 - 2014-03-08 21:30 - 00011332 _____ () C:\zoek-results.log
2014-03-08 20:18 - 2014-03-08 21:17 - 00000000 ____D () C:\zoek_backup
2014-03-08 20:17 - 2014-03-08 20:17 - 01285120 _____ () C:\Users\Zdeněk\Desktop\zoek.exe
2014-03-08 18:50 - 2014-03-08 18:50 - 00021064 _____ () C:\Users\Zdeněk\Downloads\JRT.txt
2014-03-08 18:49 - 2014-03-08 18:50 - 01244192 _____ () C:\Users\Zdeněk\Desktop\adwcleaner.exe
2014-03-08 18:46 - 2014-03-08 18:46 - 00021064 _____ () C:\Users\Zdeněk\Desktop\JRT.txt
2014-03-08 17:15 - 2014-03-08 17:15 - 01037734 _____ (Thisisu) C:\Users\Zdeněk\Desktop\JRT.exe
2014-03-08 16:43 - 2014-03-08 16:43 - 00112640 _____ (forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe
2014-03-08 13:43 - 2014-03-08 13:46 - 01581384 _____ (ESET) C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (2).exe
2014-03-08 13:42 - 2014-03-08 13:45 - 01581384 _____ (ESET) C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (1).exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001Core.job => C:\Users\Zdenk\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001UA.job => C:\Users\Zdenk\AppData\Local\Google\Update\GoogleUpdate.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMART SNMP Agent" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent" /f

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\VirtualCloneDrive => Value deleted successfully.
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GRemoteServer Pro => Value deleted successfully.
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\Software\Microsoft\Windows\CurrentVersion\Run\\OfficeSyncProcess => Value deleted successfully.
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3dec8514-648a-11e1-ae36-20cf300a2ebe} => Key deleted successfully.
HKCR\CLSID\{3dec8514-648a-11e1-ae36-20cf300a2ebe} => Key not found.
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{415e84c0-edd3-11df-90a6-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{415e84c0-edd3-11df-90a6-806e6f6e6963} => Key not found.
HKU\S-1-5-21-3287936036-1640913841-3883395169-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e90aad40-1bc4-11e1-91d7-1c4bd617b5af} => Key deleted successfully.
HKCR\CLSID\{e90aad40-1bc4-11e1-91d7-1c4bd617b5af} => Key not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf => Key deleted successfully.
C:\Users\ZDENK~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Zdeněk\Desktop\zoek.exe => Moved successfully.
C:\Users\Zdeněk\Downloads\JRT.txt => Moved successfully.
C:\Users\Zdeněk\Desktop\adwcleaner.exe => Moved successfully.
"C:\Users\Zdeněk\Desktop\JRT.txt" => File/Directory not found.
C:\Users\Zdeněk\Desktop\JRT.exe => Moved successfully.
"C:\Users\Zdeněk\Desktop\FRSTLauncher.exe" => File/Directory not found.
C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (2).exe => Moved successfully.
C:\Users\Zdeněk\Downloads\eset_smart_security_live_installer_ (1).exe => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001Core.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3287936036-1640913841-3883395169-1001UA.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMART SNMP Agent" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent" /f =========

Operace byla dokonźena ŁspŘçnŘ.



========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Mockrát děkuji, jste nejlepší!

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat