VIRY.CZ

Dobrý den přeji, mohli byste mi zkontrolovat log, prosím? Počítač je zpomalený, či reaguje opožděně. Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-04-2014
Ran by akys (administrator) on AKYS-PC on 12-04-2014 16:42:42
Running from C:\Users\akys\Desktop
Microsoft Windows 7 Home Premium (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
() C:\Program Files\LemurLeap\updateLemurLeap.exe
() C:\Program Files\LemurLeap\bin\utilLemurLeap.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Messenger\SweetIM.exe
(SweetIM Technologies Ltd.) C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Intel Corporation) C:\windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SkypEmoticons) C:\Users\akys\AppData\Roaming\SkypEmoticons\SE.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\SeaPort.exe
() C:\Program Files\LemurLeap\bin\FilterApp_C.exe
() C:\Program Files\LemurLeap\bin\LemurLeap.BrowserAdapter.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\akys\Desktop\FRSTLauncher (1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - C:\windows\system32\NvCpl.dll [13830760 2009-11-05] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-10] (Synaptics Incorporated)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [APLangApp] - C:\Program Files\AnyPC Client\APLangApp.exe [13312 2009-11-20] (DoctorSoft)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SweetIM] - C:\Program Files\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.)
HKLM\...\Run: [Sweetpacks Communicator] - C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [vProt] - C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2544664 2014-03-23] ()
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-01-12] (Google Inc.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [4284976 2013-05-13] ()
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [1811368 2013-09-06] (Valve Corporation)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Facebook Update] - C:\Users\akys\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-20] (Facebook Inc.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [se] - C:\Users\akys\AppData\Roaming\SkypEmoticons\SE.exe [5679008 2014-04-03] (SkypEmoticons)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [AGupdate] - C:\Program Files\AppGraffiti\AGupdate.exe [894048 2013-03-19] (Omega Partners Ltd)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [NextLive] - C:\windows\system32\rundll32.exe "C:\Users\akys\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [uTorrent] - C:\Users\akys\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-02-21] (BitTorrent Inc.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\MountPoints2: {0a02c127-4a5b-11e2-9523-0024542b2b3e} - G:\Startme.exe
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\MountPoints2: {c8488308-eac5-11e2-bebe-0024542b2b3e} - F:\autorun.exe
HKU\S-1-5-21-3283628575-1838000162-593940776-1003\...\MountPoints2: {c8488308-eac5-11e2-bebe-0024542b2b3e} - F:\autorun.exe
AppInit_DLLs: c:\progra~1\websea~1\sprote~1.dll => c:\progra~1\websea~1\sprote~1.dll File Not Found
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchere.info/?pid=16 ... Z&unqvl=37
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=smsn
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchere.info/?pid=16 ... Z&unqvl=37
SearchScopes: HKLM - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7SMSN
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7SMSN
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchere.info/?l=1&q= ... Z&unqvl=37
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... CZ488CZ489
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... CZ488CZ489
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={F24 ... 2014-01-31 09:48:45&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchere.info/?l=1&q= ... Z&unqvl=37
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Speed Analysis 2 - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files\Speed Analysis 2\ScriptHost.dll (SpeedAnalysis.com)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Media View - {5366fcf7-8043-47cb-b613-952df8cdf6f3} - C:\Program Files\MediaViewV1\MediaViewV1alpha5409\ie\MediaViewV1alpha5409.dll ()
BHO: AppGraffiti - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\Program Files\AppGraffiti\AppGraffiti.dll (Omega Partners Ltd)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Media Player - {884b08e9-52de-4453-b238-1f73b8d07496} - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha730\ie\MediaPlayerV1alpha730.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.3.1.91\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO: Media Watch - {973436f2-f461-4368-b189-385825a31555} - C:\Program Files\MediaWatchV1\MediaWatchV1home1785\ie\MediaWatchV1home1785.dll ()
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - C:\Users\akys\AppData\Local\Rich Media Player\BrowserExtensions\IE\RichMediaDownloader.dll (Radiocom CJSC)
BHO: Zula Games - {A9337080-7CBF-4E3E-80C1-3867BEDD88E0} - C:\Program Files\Zula Games\ScriptHost.dll (ZulaGames.com)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Video Player - {e3704f0a-d2fe-40df-a66b-999b50393372} - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta829\ie\VideoPlayerV3beta829.dll ()
BHO: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.3.1.91\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKCU - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll (AVG Secure Search)
Tcpip\..\Interfaces\{0EC181E1-4C80-44E7-8D89-48E4203EC75D}: [NameServer]192.168.0.1,8.8.8.8
Tcpip\..\Interfaces\{168D007D-45CE-4038-8084-650232C2CA2D}: [NameServer]192.168.0.1,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default
FF DefaultSearchEngine: AVG Secure Search
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "WebSearch");: user_pref("browser.search.order.1,S", "WebSearch");
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://mysearch.avg.com?cid={F24DD217-F309-47FF-96C3-8350047DBEA2}&mid=084049bb62bd47d0adf8d16d12cfc2cd-23ab2e961257181070725fefe2baeea257e83b1b&lang=cs&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-01-31 09:48:45&v=17.3.1.91&pid=safeguard&sg=&sap=hp
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll (AVG Technologies)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @software602.cz/602XML Filler - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @adobe.com/Acrobat,version=5.1 - C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\akys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npffividiplg.dll (iVIDI.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF SearchPlugin: C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: AppGraffiti - C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default\Extensions\AppGraffiti@AppGraffiti.com [2014-04-12]
FF Extension: WebSite Recommendation - C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default\Extensions\WebSiteRecommendation@weliketheweb.com [2014-04-12]
FF Extension: HdTransform - C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default\Extensions\jid0-BN7BWJJe8J1FsJ00Q6loA43AvyQ@jetpack.xpi [2013-09-11]
FF Extension: Speed Analysis 2 - C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default\Extensions\speedanalysis02@SpeedAnalysis.com.xpi [2013-10-06]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-03]
FF HKLM\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files\BetterSurf\ff
FF HKLM\...\Firefox\Extensions: [12x3q4@3244516.com] - C:\Program Files\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files\Better-Surf\ff [2013-11-30]
FF HKLM\...\Firefox\Extensions: [ext@VideoPlayerV3beta829.net] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta829\ff
FF Extension: Video Player - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta829\ff [2014-01-10]
FF HKLM\...\Firefox\Extensions: [ext@MediaPlayerV1alpha730.net] - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha730\ff
FF Extension: Media Player - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha730\ff [2014-01-29]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91 [2014-01-31]
FF HKLM\...\Firefox\Extensions: [ext@MediaViewV1alpha5409.net] - C:\Program Files\MediaViewV1\MediaViewV1alpha5409\ff
FF Extension: Media View - C:\Program Files\MediaViewV1\MediaViewV1alpha5409\ff [2014-03-03]
FF HKLM\...\Firefox\Extensions: [ext@MediaWatchV1home1785.net] - C:\Program Files\MediaWatchV1\MediaWatchV1home1785\ff
FF Extension: Media Watch - C:\Program Files\MediaWatchV1\MediaWatchV1home1785\ff [2014-03-23]

Chrome:
=======
CHR HomePage: hxxp://mysearch.avg.com/?cid={028A989C-EEC8-45D1-98F9-4EB54C32D6A2}&mid=084049bb62bd47d0adf8d16d12cfc2cd-23ab2e961257181070725fefe2baeea257e83b1b&lang=cs&ds=AVG&pr=pr&d=2013-11-22 19:29:41&v=17.1.3.1&pid=safeguard&sg=0&sap=hp
CHR RestoreOnStartup: "sync": {
"app_settings": true,
"apps": true,
"autofill": true,
"autofill_profile": true,
"bookmarks": true,
"dictionary": true,
"encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA5nY/X+yyZU6J0y/9ICzpPAAAAAACAAAAAAAQZgAAAAEAACAAAACeLAiHJWGK2P2TrjEdTAwqWtIIvBk6iCxRvJvOw0GCoQAAAAAOgAAAAAIAACAAAAAjpZTPxQhPeSjJy2MubNfs1Q9p74T7qpfC5JSSiMWyn0AAAADGoUu1RKKkCmL+fK8Lk+FmDYonC6w/2IkdEIGe+MkA2GN0fY67MPumn5D7OL5PTkuQUAhn5STXR7Q04l2sXidwQAAAADaAlG8zhQdiTlaxQucZyChZL7aKQ+PErnRfklzjWgBWJAYEYajunmbNZPZcwwiIV85Kg8ZDIEyAuO/N0SQ5GvA=",
"extension_settings": true,
"extensions": true,
"favicon_images": true,
"favicon_tracking": true,
"has_setup_completed": true,
"history_delete_directives": true,
"keystore_encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA5nY/X+yyZU6J0y/9ICzpPAAAAAACAAAAAAAQZgAAAAEAACAAAACLf2BWyRaE0O66/S+SALm8G4qykjN9urnOUxJp2Ta3ywAAAAAOgAAAAAIAACAAAADOONxdrb1SSaCgL6nkU7J5OMonnpG5wh/o57brqRM/41AAAACWmS5+3qJQl4lCgP4jRDU63wAVlcKBIuYQl1zoWI4ehQKGgEfanLZeVcJ5LXquzW2tWtddkSZxbw4oR9tp60k7B0uzLe4xrGEUaPTntIv070AAAABaIOzwwmERLec1SIwsglCqiB1YXQVhovhnSnYQrW9jzk1dyKZGrFnn4ZDoPm8qwpYse9VH4jv8INaCYcQCEDQ2",
"last_synced_time": "13041020920025287",
"managed_users": true,
"passwords": true,
"preferences": true,
"priority_preferences": true,
"search_engines": true,
"session_sync_guid": "session_sync7bSifY7BMFM8fDAfRgWj2g==",
"sessions": true,
"suppress_start": false,
"synced_notifications": true,
"tabs": true,
"themes": true,
"typed_urls"
CHR Extension: (Media Watch) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\dphiicfcfolakjnhjjnampnbnjjmndgi [2014-03-24]
CHR Extension: (iVIDI.org plugin) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol [2013-10-10]
CHR Extension: (AdBlock) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-30]
CHR Extension: (Heroes of the Force) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\loelggeeafamcncnnloicjkipdoiogap [2013-12-13]
CHR Extension: (Master Yoda) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfhcemdmkonaenljlliaefpbmkocmahi [2013-12-13]
CHR Extension: (Peněženka Google) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (WebSite Recommendation) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj [2013-11-11]
CHR HKLM\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1 [2013-09-11]
CHR HKLM\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files\BetterSurf\ch\Chrome.crx [2013-09-11]
CHR HKLM\...\Chrome\Extension: [dgjkhjdcljddbedokogakmmdjgnbeanf] - C:\Users\akys\AppData\Roaming\SpeedAnalysis2\SpeedAnalysis.crx [2013-06-11]
CHR HKLM\...\Chrome\Extension: [dphiicfcfolakjnhjjnampnbnjjmndgi] - C:\Program Files\MediaWatchV1\MediaWatchV1home1785\ch\MediaWatchV1home1785.crx [2014-03-20]
CHR HKLM\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Users\akys\AppData\Roaming\zulagames\zulagames.crx [2013-07-01]
CHR HKLM\...\Chrome\Extension: [giacfgjdclhnmkacnfbaljbmpnelflol] - C:\Program Files\iVIDI.org plugin\ividiplg.crx [2012-11-05]
CHR HKLM\...\Chrome\Extension: [gkanicbonjppjfmblighpalkkhpoaklb] - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta829\ch\VideoPlayerV3beta829.crx [2014-01-08]
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-12-31]
CHR HKLM\...\Chrome\Extension: [jlnfdbbladgcmhhamgkioifhbobjaoof] - C:\Program Files\LemurLeap\jlnfdbbladgcmhhamgkioifhbobjaoof.crx [2012-12-31]
CHR HKLM\...\Chrome\Extension: [jmpeoofffopmflnpioenamiedlbkokpk] - C:\Program Files\MediaViewV1\MediaViewV1alpha5409\ch\MediaViewV1alpha5409.crx [2014-02-27]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files\Better-Surf\ch\Chrome.crx [2013-11-25]

========================== Services (Whitelisted) =================

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-01-11] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1678672 2014-02-26] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-02-26] (LogMeIn, Inc.)
R2 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1739064 2013-10-08] (AVG)
R2 Update LemurLeap; C:\Program Files\LemurLeap\updateLemurLeap.exe [350496 2014-04-11] ()
R2 Util LemurLeap; C:\Program Files\LemurLeap\bin\utilLemurLeap.exe [350496 2014-04-11] ()
R2 vToolbarUpdater18.0.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [1771032 2014-03-23] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [176952 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [42272 2014-03-23] (AVG Technologies)
S3 BRDriver; C:\ProgramData\BitRaider\BRDriver.sys [64808 2014-01-11] (BitRaider)
S3 Dot4Scan; C:\windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-01-24] (Disc Soft Ltd)
R3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
R1 wStLib; C:\windows\System32\drivers\wStLib.sys [52920 2014-03-24] (StdLib)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-12 16:42 - 2014-04-12 16:43 - 00031054 _____ () C:\Users\akys\Desktop\FRST.txt
2014-04-12 16:42 - 2014-04-12 16:42 - 00000000 ____D () C:\FRST
2014-04-12 16:41 - 2014-04-12 16:41 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Downloads\FRSTLauncher (1).exe
2014-04-12 16:41 - 2014-04-12 16:41 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Desktop\FRSTLauncher (1).exe
2014-04-12 16:40 - 2014-04-12 16:40 - 01145856 _____ (Farbar) C:\Users\akys\Downloads\FRST.exe
2014-04-12 16:40 - 2014-04-12 16:40 - 01145856 _____ (Farbar) C:\Users\akys\Desktop\FRST.exe
2014-04-12 16:40 - 2014-04-12 16:40 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 247367.crdownload
2014-04-12 16:35 - 2014-04-12 16:35 - 00112107 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 151342.crdownload
2014-04-12 16:34 - 2014-04-12 16:34 - 00112107 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 280233.crdownload
2014-04-12 14:38 - 2014-04-12 14:49 - 00000000 ____D () C:\Users\akys\Desktop\derftg
2014-04-12 14:35 - 2014-04-12 14:50 - 00000000 ____D () C:\Users\akys\Downloads\zgvbthjg
2014-04-11 23:43 - 2014-04-11 23:44 - 00000375 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2014-04-09 18:45 - 2014-04-09 18:45 - 00000000 ____D () C:\windows\system32\SPReview
2014-03-30 20:01 - 2014-03-30 21:19 - 00000000 ____D () C:\Users\akys\Desktop\slatiny
2014-03-24 21:39 - 2014-03-24 21:39 - 00052920 _____ (StdLib) C:\windows\system32\Drivers\wStLib.sys
2014-03-24 00:27 - 2014-03-24 00:27 - 00002368 _____ () C:\Users\akys\Downloads\error.htm
2014-03-23 22:14 - 2014-03-23 22:14 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-23 21:17 - 2014-03-23 21:17 - 00000000 ____D () C:\Program Files\MediaWatchV1
2014-03-19 00:32 - 2014-03-19 00:32 - 00146200 _____ () C:\windows\Minidump\031814-51386-01.dmp
2014-03-17 22:16 - 2014-03-19 23:00 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Bitcoin
2014-03-17 22:16 - 2014-03-17 22:16 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitcoin
2014-03-17 22:16 - 2014-03-17 22:16 - 00000000 ____D () C:\Program Files\Bitcoin

==================== One Month Modified Files and Folders =======

2014-04-12 16:43 - 2014-04-12 16:42 - 00031054 _____ () C:\Users\akys\Desktop\FRST.txt
2014-04-12 16:42 - 2014-04-12 16:42 - 00000000 ____D () C:\FRST
2014-04-12 16:41 - 2014-04-12 16:41 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Downloads\FRSTLauncher (1).exe
2014-04-12 16:41 - 2014-04-12 16:41 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Desktop\FRSTLauncher (1).exe
2014-04-12 16:40 - 2014-04-12 16:40 - 01145856 _____ (Farbar) C:\Users\akys\Downloads\FRST.exe
2014-04-12 16:40 - 2014-04-12 16:40 - 01145856 _____ (Farbar) C:\Users\akys\Desktop\FRST.exe
2014-04-12 16:40 - 2014-04-12 16:40 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 247367.crdownload
2014-04-12 16:35 - 2014-04-12 16:35 - 00112107 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 151342.crdownload
2014-04-12 16:35 - 2012-06-19 19:43 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-12 16:34 - 2014-04-12 16:34 - 00112107 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 280233.crdownload
2014-04-12 16:32 - 2012-06-25 06:53 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-04-12 15:59 - 2009-07-14 04:04 - 00000537 _____ () C:\windows\win.ini
2014-04-12 15:49 - 2009-07-14 06:34 - 00014736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-12 15:49 - 2009-07-14 06:34 - 00014736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-12 15:46 - 2012-11-12 10:56 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-12 15:45 - 2010-01-13 02:07 - 01266137 _____ () C:\windows\WindowsUpdate.log
2014-04-12 15:44 - 2013-06-10 19:55 - 00000000 ____D () C:\Users\akys\AppData\Roaming\uTorrent
2014-04-12 15:44 - 2013-05-13 12:52 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Skype
2014-04-12 15:43 - 2013-07-19 12:58 - 00000000 ____D () C:\Program Files\Steam
2014-04-12 15:42 - 2013-10-06 16:24 - 00000352 _____ () C:\windows\Tasks\AmiUpdXp.job
2014-04-12 15:41 - 2013-10-17 07:51 - 00000000 ____D () C:\Users\akys\AppData\Local\LogMeIn Hamachi
2014-04-12 15:41 - 2012-06-19 19:43 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-12 15:41 - 2012-06-16 20:51 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-04-12 15:40 - 2013-09-20 23:45 - 00000924 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3283628575-1838000162-593940776-1000UA.job
2014-04-12 15:40 - 2013-01-01 14:44 - 00037260 _____ () C:\windows\setupact.log
2014-04-12 15:40 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-12 14:50 - 2014-04-12 14:35 - 00000000 ____D () C:\Users\akys\Downloads\zgvbthjg
2014-04-12 14:49 - 2014-04-12 14:38 - 00000000 ____D () C:\Users\akys\Desktop\derftg
2014-04-12 14:30 - 2013-11-13 19:18 - 00000000 ____D () C:\Users\akys\Desktop\uzgz
2014-04-12 09:47 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\NDF
2014-04-12 07:52 - 2013-09-20 23:45 - 00000902 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3283628575-1838000162-593940776-1000Core.job
2014-04-11 23:44 - 2014-04-11 23:43 - 00000375 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2014-04-11 23:44 - 2009-07-26 22:06 - 01576554 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-11 09:30 - 2012-06-16 20:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-11 09:29 - 2013-07-17 11:23 - 00000000 ____D () C:\windows\system32\MRT
2014-04-11 09:24 - 2012-06-20 07:31 - 88028728 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-09 18:45 - 2014-04-09 18:45 - 00000000 ____D () C:\windows\system32\SPReview
2014-04-07 15:09 - 2012-10-01 13:32 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Centrum Mail
2014-04-04 02:27 - 2012-11-09 10:34 - 00000438 ____H () C:\windows\Tasks\Norton Security Scan for akys.job
2014-04-03 19:48 - 2013-10-06 15:43 - 00000000 ____D () C:\Users\akys\AppData\Roaming\SkypEmoticons
2014-03-31 21:44 - 2013-01-13 13:40 - 00069274 _____ () C:\windows\PFRO.log
2014-03-30 21:19 - 2014-03-30 20:01 - 00000000 ____D () C:\Users\akys\Desktop\slatiny
2014-03-26 08:30 - 2013-05-13 12:53 - 00000000 ____D () C:\Users\akys\AppData\Local\PMB Files
2014-03-24 21:39 - 2014-03-24 21:39 - 00052920 _____ (StdLib) C:\windows\system32\Drivers\wStLib.sys
2014-03-24 21:39 - 2013-10-06 16:24 - 00000000 ____D () C:\Program Files\LemurLeap
2014-03-24 15:31 - 2014-01-31 10:48 - 00000000 ____D () C:\Users\akys\AppData\Local\AVG SafeGuard toolbar
2014-03-24 00:27 - 2014-03-24 00:27 - 00002368 _____ () C:\Users\akys\Downloads\error.htm
2014-03-23 22:14 - 2014-03-23 22:14 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-23 22:14 - 2014-02-21 19:25 - 00000000 ____D () C:\Program Files\AVG SafeGuard toolbar
2014-03-23 22:14 - 2014-01-31 10:48 - 00042272 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx86.sys
2014-03-23 21:17 - 2014-03-23 21:17 - 00000000 ____D () C:\Program Files\MediaWatchV1
2014-03-23 21:17 - 2014-01-29 16:17 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-03-23 19:01 - 2013-06-10 19:40 - 00000000 ____D () C:\Users\akys\AppData\Roaming\vlc
2014-03-22 16:53 - 2013-09-01 09:56 - 00000000 ____D () C:\Users\akys\Desktop\!!!
2014-03-22 00:14 - 2013-09-06 15:41 - 00000000 ____D () C:\Users\akys\Documents\Youcam
2014-03-19 23:00 - 2014-03-17 22:16 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Bitcoin
2014-03-19 15:27 - 2013-05-15 21:02 - 00000000 ____D () C:\Users\Kamča
2014-03-19 15:27 - 2013-05-13 12:52 - 00000000 ___RD () C:\Program Files\Skype
2014-03-19 00:32 - 2014-03-19 00:32 - 00146200 _____ () C:\windows\Minidump\031814-51386-01.dmp
2014-03-19 00:32 - 2012-07-31 21:35 - 00000000 ____D () C:\windows\Minidump
2014-03-19 00:31 - 2012-06-16 21:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-17 22:16 - 2014-03-17 22:16 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitcoin
2014-03-17 22:16 - 2014-03-17 22:16 - 00000000 ____D () C:\Program Files\Bitcoin

Files to move or delete:
====================
C:\Users\akys\jagex_cl_runescape_LIVE.dat
C:\Users\akys\random.dat


==================== Bamital & volsnap Check =================

C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AmiUpdXp.job => C:\Users\akys\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3283628575-1838000162-593940776-1000Core.job => C:\Users\akys\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3283628575-1838000162-593940776-1000UA.job => C:\Users\akys\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Norton Security Scan for akys.job => C:\PROGRA~1\NORTON~2\Engine\403~1.24\Nss.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:4CF61E54

==================== Security Center ==================

AV: AVG Internet Security 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\akys\Desktop" je 16049 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Vkládám log z JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by akys on so 12.04.2014 at 17:12:32,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\nextlive
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetim
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sweetpacks communicator
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sim-packages
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetie.ietoolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\sweetim_urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\toolbar3.sweetie.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\addonsframework.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\buttonsite.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthost.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{886634B3-7045-443A-A52B-E83AD1A90391}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D2C54F93-A898-437F-AE89-7BDD918954A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F816170D-C994-4B74-B9A4-234C3838C9EB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\appgraffiti
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ctoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\performersoft llc
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\sprotector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{415419C3-DAD0-4DF1-AC37-22C72AD81878}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3283628575-1838000162-593940776-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\appgraffiti
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\ctoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installiq
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appgraffiti.appgraffitijs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mediaplayer.graphicsutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\mgmediaplayer.gifanimator.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetim_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetpacksupdatemanager_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\optimizerpro
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\speed analysis 2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0c43fe6b-e881-4afc-b384-4aebc90047e8}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6f6a5334-78e9-4d9b-8182-8b41ea8c39ef}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{a0c9df2b-89b5-4483-8983-18a68200f1b4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c670dcae-e392-aa32-6f42-143c7fc4bdfd}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_massive_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_massive_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"



~~~ Files

Successfully deleted: [File] C:\windows\Tasks\amiupdxp.job



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\bettersoft"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\sweetim"
Successfully deleted: [Folder] "C:\Users\akys\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\akys\AppData\Roaming\newnext.me"
Successfully deleted: [Folder] "C:\Users\akys\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\akys\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\akys\AppData\Roaming\similarsites"
Successfully deleted: [Folder] "C:\Users\akys\AppData\Roaming\zulagames"
Successfully deleted: [Folder] "C:\Users\akys\appdata\locallow\appgraffiti"
Successfully deleted: [Folder] "C:\Users\akys\appdata\locallow\sweetim"
Failed to delete: [Folder] "C:\Program Files\appgraffiti"
Failed to delete: [Folder] "C:\Program Files\lemurleap"
Successfully deleted: [Folder] "C:\Program Files\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files\similarsites"
Successfully deleted: [Folder] "C:\Program Files\speed analysis 2"
Failed to delete: [Folder] "C:\Program Files\sweetim"
Successfully deleted: [Folder] "C:\Program Files\videoplayerv3"
Successfully deleted: [Folder] "C:\Program Files\webexpenhancedv1"
Successfully deleted: [Folder] "C:\Program Files\websearch"
Successfully deleted: [Folder] "C:\Program Files\zula games"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\appgraffiti"
Successfully deleted: [Folder] "C:\Users\akys\documents\optimizer pro"



~~~ FireFox

Successfully deleted: [File] C:\Users\akys\AppData\Roaming\mozilla\firefox\profiles\dsbj5nn4.default\searchplugins\websearch.xml
Successfully deleted: [Folder] C:\Users\akys\AppData\Roaming\mozilla\firefox\profiles\dsbj5nn4.default\extensions\appgraffiti@appgraffiti.com
Successfully deleted the following from C:\Users\akys\AppData\Roaming\mozilla\firefox\profiles\dsbj5nn4.default\prefs.js

user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("browser.search.defaultenginename,S", "WebSearch");
user_pref("browser.search.defaulturl", "hxxp://websearch.searchere.info/?pid=1678&r=2013/10/06&hid=16796955599425610353&lg=EN&cc=CZ&unqvl=37&l=1&q=");
user_pref("browser.search.order.1", "WebSearch");
user_pref("browser.search.order.1,S", "WebSearch");
user_pref("browser.search.selectedEngine,S", "WebSearch");
user_pref("browser.startup.homepage", "hxxp://mysearch.avg.com?cid={F24DD217-F309-47FF-96C3-8350047DBEA2}&mid=084049bb62bd47d0adf8d16d12cfc2cd-23ab2e961257181070725fefe2baeea2
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.h5F6af6tr2rR.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp000
user_pref("extensions.xuTcW.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\"
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "WebSearch");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "WebSearch");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://websearch.searchere.info/?pid=1678&r=2013/10/06&hid=16796955599425610353&lg=EN&cc=CZ&unqvl=37");
user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://websearch.searchere.info/?pid=1678&r=2013/10/06&hid=16796955599425610353&lg=EN&cc=CZ&unqvl=37&l=1&q=");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1");
user_pref("sweetim.toolbar.searchguard.enable", "false");
Emptied folder: C:\Users\akys\AppData\Roaming\mozilla\firefox\profiles\dsbj5nn4.default\minidumps [4 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 12.04.2014 at 17:16:06,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Vkládám log z AdwCleaner

# AdwCleaner v3.023 - Report created 12/04/2014 at 17:20:46
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium (32 bits)
# Username : akys - AKYS-PC
# Running from : C:\Users\akys\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Update LemurLeap
[#] Service Deleted : Util LemurLeap

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\DOwnload keeEpeR
Folder Deleted : C:\ProgramData\SearchNewTab
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
Folder Deleted : C:\Program Files\AppGraffiti
Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files\Better-Surf
Folder Deleted : C:\Program Files\BitLord 2
Folder Deleted : C:\Program Files\EZDownloader
[!] Folder Deleted : C:\Program Files\LemurLeap
Folder Deleted : C:\Program Files\MediaPlayerV1
Folder Deleted : C:\Program Files\MediaWatchV1
Folder Deleted : C:\Program Files\Ss-Helper
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
[!] Folder Deleted : C:\Users\akys\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\akys\AppData\Local\EZDownloader
Folder Deleted : C:\Users\akys\AppData\Local\genienext
Folder Deleted : C:\Users\akys\AppData\Local\Mobogenie
Folder Deleted : C:\Users\akys\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\akys\AppData\Local\Temp\Unitech LLC
Folder Deleted : C:\Users\akys\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\akys\AppData\Roaming\BitLord
Folder Deleted : C:\Users\akys\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\akys\AppData\Roaming\SeeSimilar02
Folder Deleted : C:\Users\akys\AppData\Roaming\SkypEmoticons
Folder Deleted : C:\Users\akys\AppData\Roaming\SpeedAnalysis2
Folder Deleted : C:\Users\akys\AppData\Roaming\Unitech LLC
Folder Deleted : C:\Users\akys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Deleted : C:\Users\akys\Documents\BitLord
Folder Deleted : C:\Users\akys\Documents\Mobogenie
Folder Deleted : C:\Users\Kamča\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Kamča\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default\Extensions\WebSiteRecommendation@weliketheweb.com
Folder Deleted : C:\Users\Kamča\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap
Folder Deleted : C:\Users\Kamča\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Folder Deleted : C:\Users\Kamča\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
Folder Deleted : C:\Users\Kamča\AppData\Local\Google\Chrome\User Data\Default\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
File Deleted : C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default\Extensions\speedanalysis02@SpeedAnalysis.com.xpi
File Deleted : C:\Users\akys\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gflandjopdloblmlcoiidmncpinmmacn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Speed Analysis 2.BackgroundHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.BackgroundHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.BackgroundHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.Navbar
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.Navbar.1
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.ScriptHostObject
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.ScriptHostObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.Tool
Key Deleted : HKLM\SOFTWARE\Classes\Zula Games.Tool.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\VideoPerformerSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\VideoPerformerSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_d6949b33
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EB93AADE-9884-47F0-AA9D-0920E1D1203F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{462862BE-9A5C-49A5-9CBD-A649EAC63645}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB30FEA7-5866-406A-B47D-FB69E1AF8FD7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E3C6B04-08FE-43BC-8E50-F90285024DEA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\BetterSurf
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6EF34C0188ECFA43B48A4BE9C00748E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Features\B6EF34C0188ECFA43B48A4BE9C00748E
Key Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Key Deleted : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Deleted : HKLM\Software\Classes\Installer\Products\B6EF34C0188ECFA43B48A4BE9C00748E
Key Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16476


-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Deleted : user_pref("extensions.h5F6af6tr2rR.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf([...]
Line Deleted : user_pref("extensions.xuTcW.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumor[...]

*************************

AdwCleaner[R0].txt - [24007 octets] - [12/04/2014 17:19:16]
AdwCleaner[S0].txt - [23992 octets] - [12/04/2014 17:20:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [24053 octets] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

log z zoek


Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by akys on so 12.04.2014 at 17:36:26,07.
Microsoft Windows 7 Home Premium 6.1.7600 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\akys\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12.4.2014 17:38:03 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{443DCFDE-B9FF-F2C2-C076-426C62248142} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{443DCFDE-B9FF-F2C2-C076-426C62248142} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E2E5031D-6C97-F0F3-8098-27DE4239FF46} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E2E5031D-6C97-F0F3-8098-27DE4239FF46} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{e3704f0a-d2fe-40df-a66b-999b50393372} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3704f0a-d2fe-40df-a66b-999b50393372} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{884b08e9-52de-4453-b238-1f73b8d07496} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{884b08e9-52de-4453-b238-1f73b8d07496} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{973436f2-f461-4368-b189-385825a31555} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{973436f2-f461-4368-b189-385825a31555} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{443DCFDE-B9FF-F2C2-C076-426C62248142} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E2E5031D-6C97-F0F3-8098-27DE4239FF46} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{e3704f0a-d2fe-40df-a66b-999b50393372} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{884b08e9-52de-4453-b238-1f73b8d07496} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{973436f2-f461-4368-b189-385825a31555} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{18DBB6CE-3148-4FEC-B481-103CB3290427} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{6E3C6B04-08FE-43BC-8E50-F90285024DEA} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{415419C3-DAD0-4DF1-AC37-22C72AD81878} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{443DCFDE-B9FF-F2C2-C076-426C62248142} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{E2E5031D-6C97-F0F3-8098-27DE4239FF46} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC} deleted successfully
HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{c181f246-67be-4c51-9cd4-e465f412b0a4} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\12x3q4@3244516.com deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@VideoPlayerV3beta829.net deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@MediaPlayerV1alpha730.net deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@MediaWatchV1home1785.net deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.0.5 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.0.5 deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default\prefs.js:
user_pref("keyword.URL", "");

Added to C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default

user.js not found
---- Lines SpeedAnalysis removed from prefs.js ----
user_pref("extensions.speedanalysis02@SpeedAnalysis.com.id", "\"49f49eb7-dc3a-0615-6dda-5b3c707976a0\"");
user_pref("extensions.speedanalysis02@SpeedAnalysis.com.mzID", "75");
user_pref("extensions.speedanalysis02@SpeedAnalysis.com.uuid", "\"a0020b69-2e95-11e3-8099-0025901ef77c\"");
---- Lines SpeedAnalysis modified from prefs.js ----

user_pref("extensions.enabledAddons", "speedanalysis02%40SpeedAnalysis.com:3.0.0.0,WebSiteRecommendation%40weliketheweb.com:1.1.2,%7B972ce4c6-7e08-447
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"12x3q4@3244516.com\":{\"descriptor\":\"C:\\\\Program Files\\\\Bet
---- Lines extensions.h5F6af6tr2rR removed from prefs.js ----
user_pref("extensions.h5F6af6tr2rR.epoch", "1396897038");
user_pref("extensions.h5F6af6tr2rR.url", "http://getjpijs.info/sync2/?q=hfZ9oemKA ... rjnEqda7rj
---- Lines extensions.xuTcW removed from prefs.js ----
user_pref("extensions.xuTcW.epoch", "1396897038");
user_pref("extensions.xuTcW.url", "http://json-jpi.info/sync2/?q=hfZ9ofDSB ... Fpdk7qjwMD
---- Lines 12x3q4@3244516.com modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"12x3q4@3244516.com\":{\"descriptor\":\"C:\\\\Program Files\\\\Bet
---- Lines ext@VideoPlayerV3beta829.net modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"disabled\":{\"descriptor\":\"C:\\\\Program Files\\\\Better-Surf\\
---- Lines ext@MediaPlayerV1alpha730.net modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"disabled\":{\"descriptor\":\"C:\\\\Program Files\\\\Better-Surf\\
---- Lines ext@MediaWatchV1home1785.net modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"disabled\":{\"descriptor\":\"C:\\\\Program Files\\\\Better-Surf\\
---- FireFox user.js and prefs.js backups ----

prefs_12.04.2014_1748_.backup

==== Deleting Files \ Folders ======================

C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default\extensions\speedanalysis02@SpeedAnalysis.com.xpi not found
C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\PROGRA~2\{13A9B825-42CB-4973-913D-2194B5A4CF94} deleted
C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~2\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted
C:\Users\akys\daemonprocess.txt deleted
C:\Users\akys\.android deleted
C:\Program Files\MediaViewV1 deleted
C:\Program Files\iVIDI.org plugin deleted
C:\Program Files\VideoDownloadConverter_4z Chrome Extension deleted
C:\Program Files\LemurLeap deleted
C:\Users\akys\PP_MOTION.TMP deleted
C:\Users\akys\PP_ROTATE_SLIDE.TMP deleted
C:\PROGRA~2\InstallMate deleted
C:\PROGRA~2\SummerSoft deleted
C:\Users\akys\AppData\Local\Rich Media Player\BrowserExtensions deleted
C:\Users\akys\AppData\Local\AVG SafeGuard toolbar deleted
C:\Users\akys\AppData\Local\cache deleted
C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\windows\system32\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"ext@MediaViewV1alpha5409.net"="C:\Program Files\MediaViewV1\MediaViewV1alpha5409\ff" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default
- HdTransform - %ProfilePath%\extensions\jid0-BN7BWJJe8J1FsJ00Q6loA43AvyQ@jetpack.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default
E83B541C71965CFA1DEFF846CD6E9ECD - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll - Google Update
95812430959AE88CDD0301AB3A71913B - C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
01D93217A9EE48DD37072B671378CC9C - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
A9191AE22A8F1287B5E2DF33E3A57253 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51
9B10927CFD0F7AD39E40C0E34005B1AD - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13
CBFE3156904AB2D1A097F5E74A6C62F3 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\akys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
36FBE76F4F51396B0F70FC95CD7481D2 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin
AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
637839AC6ED995510A411327C5C2DA61 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - AdobeAAMDetect
6846D2CA7E1D5937AEE3F99BB7F5464B - C:\windows\system32\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director
7302EAED2D115E09740BA661B507F5C7 - C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll - Shockwave Flash
8322DF0F670E2E45599728AA2D4896FA - C:\Program Files\Software602\602XML\Filler\npfiller.dll - Software602 Form Filler
CF46E0E1398B382CE0CE738C67A38DD1 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
7ABA2EAB736F7E9EB0E03ACAA42CCB51 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox
D27CE4EAF23411589A33E0C99D176311 - C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll - Adobe Acrobat
28986F0A2342A033345EF9E70D395E4F - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight
4E31DE484AD120894D0D3E7740979108 - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll - AdobeAAMDetect


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
adldappccjhelkmbkpiibilgnnjakieg - C:\Program Files\VideoDownloadConverter_4z Chrome Extension\bar\VideoDownloadConvert@mindspark.com.gen1[]
dphiicfcfolakjnhjjnampnbnjjmndgi - C:\Program Files\MediaWatchV1\MediaWatchV1home1785\ch\MediaWatchV1home1785.crx[]
giacfgjdclhnmkacnfbaljbmpnelflol - C:\Program Files\iVIDI.org plugin\ividiplg.crx[]
gkanicbonjppjfmblighpalkkhpoaklb - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta829\ch\VideoPlayerV3beta829.crx[]
jmpeoofffopmflnpioenamiedlbkokpk - C:\Program Files\MediaViewV1\MediaViewV1alpha5409\ch\MediaViewV1alpha5409.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[03.03.2014 10:53]

VideoDownloadConverter - akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\adldappccjhelkmbkpiibilgnnjakieg
iVIDI.org plugin - akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol
Media View - akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmpeoofffopmflnpioenamiedlbkokpk
Skype Click to Call - akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
VideoDownloadConverter - KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\adldappccjhelkmbkpiibilgnnjakieg
iVIDI.org plugin - KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol
DOwnload keeEpeR - KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igalihconjoihiohgploepaldgjgkkhn
SearchNewTab - KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kopohbanepkkbkeomnadnomcgaklogjj
Skype for Chromium - KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Webexp Enhanced - KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjbaaokdpeobfnaficekjhnlkooogee

==== Chrome Fix ======================

C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage deleted successfully
C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_massive.en.softonic.com_0.localstorage deleted successfully
C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_massive.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\adldappccjhelkmbkpiibilgnnjakieg deleted successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\adldappccjhelkmbkpiibilgnnjakieg deleted successfully
C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully
C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmpeoofffopmflnpioenamiedlbkokpk deleted successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kopohbanepkkbkeomnadnomcgaklogjj deleted successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kopohbanepkkbkeomnadnomcgaklogjj_0.localstorage deleted successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kopohbanepkkbkeomnadnomcgaklogjj_0.localstorage-journal deleted successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kopohbanepkkbkeomnadnomcgaklogjj deleted successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igalihconjoihiohgploepaldgjgkkhn deleted successfully
C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igalihconjoihiohgploepaldgjgkkhn_0.localstorage deleted successfully
C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igalihconjoihiohgploepaldgjgkkhn_0.localstorage-journal deleted successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igalihconjoihiohgploepaldgjgkkhn_0.localstorage deleted successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igalihconjoihiohgploepaldgjgkkhn_0.localstorage-journal deleted successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\igalihconjoihiohgploepaldgjgkkhn deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com/ig/redirectdomain ... &bmod=smsn"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=i ... CZ488CZ489"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\CLSID\{5366fcf7-8043-47cb-b613-952df8cdf6f3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5366fcf7-8043-47cb-b613-952df8cdf6f3} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{5366fcf7-8043-47cb-b613-952df8cdf6f3} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@MediaViewV1alpha5409.net deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3FA7307F-C0F9-96F5-C859-053AB791EC10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\adldappccjhelkmbkpiibilgnnjakieg deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dphiicfcfolakjnhjjnampnbnjjmndgi deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gkanicbonjppjfmblighpalkkhpoaklb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jmpeoofffopmflnpioenamiedlbkokpk deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Video Player deleted successfully

==== Empty IE Cache ======================

C:\Users\akys\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\akys\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\akys\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\akys\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\KAMA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\KAMA~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\akys\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\akys\AppData\Local\Mozilla\Firefox\Profiles\dsbj5nn4.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\KAMA~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=516 folders=219 17697303 bytes)

==== Empty Temp Folders ======================

C:\Users\akys\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\hedev\AppData\Local\Temp emptied successfully
C:\Users\KAMA~1\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\akys\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\akys\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on so 12.04.2014 at 17:57:51,10 ======================

Dejte novy log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Nový FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-04-2014
Ran by akys (administrator) on AKYS-PC on 12-04-2014 18:04:27
Running from C:\Users\akys\Desktop
Microsoft Windows 7 Home Premium (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.132.0\BBSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AVG) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
() C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Intel Corporation) C:\windows\system32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(BitTorrent Inc.) C:\Users\akys\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - C:\windows\system32\NvCpl.dll [13830760 2009-11-05] (NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280 2009-10-10] (Synaptics Incorporated)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [APLangApp] - C:\Program Files\AnyPC Client\APLangApp.exe [13312 2009-11-20] (DoctorSoft)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-01-12] (Google Inc.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [4284976 2013-05-13] ()
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [1811368 2013-09-06] (Valve Corporation)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Facebook Update] - C:\Users\akys\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-20] (Facebook Inc.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [AGupdate] - C:\Program Files\AppGraffiti\AGupdate.exe
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [uTorrent] - C:\Users\akys\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-02-21] (BitTorrent Inc.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\MountPoints2: {0a02c127-4a5b-11e2-9523-0024542b2b3e} - G:\Startme.exe
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\MountPoints2: {c8488308-eac5-11e2-bebe-0024542b2b3e} - F:\autorun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7SMSN
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... CZ488CZ489
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... CZ488CZ489
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... CZ488CZ489
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{0EC181E1-4C80-44E7-8D89-48E4203EC75D}: [NameServer]192.168.0.1,8.8.8.8
Tcpip\..\Interfaces\{168D007D-45CE-4038-8084-650232C2CA2D}: [NameServer]192.168.0.1,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\windows\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @software602.cz/602XML Filler - C:\Program Files\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @adobe.com/Acrobat,version=5.1 - C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 - C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\akys\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npffividiplg.dll (iVIDI.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppluginrichmediaplayer.dll ()
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: HdTransform - C:\Users\akys\AppData\Roaming\Mozilla\Firefox\Profiles\dsbj5nn4.default\Extensions\jid0-BN7BWJJe8J1FsJ00Q6loA43AvyQ@jetpack.xpi [2013-09-11]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-03-03]

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-12]
CHR Extension: (Disk Google) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-12]
CHR Extension: (YouTube) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-12]
CHR Extension: (Vyhledávání Google) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-12]
CHR Extension: (Skype Click to Call) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-12]
CHR Extension: (Peněženka Google) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Gmail) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-12]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]

========================== Services (Whitelisted) =================

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-01-11] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1678672 2014-02-26] (LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-02-26] (LogMeIn, Inc.)
R2 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1739064 2013-10-08] (AVG)

==================== Drivers (Whitelisted) ====================

R1 Avgdiskx; C:\windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\windows\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\windows\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\windows\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\windows\System32\DRIVERS\avgldx86.sys [176952 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [42272 2014-03-23] (AVG Technologies)
S3 BRDriver; C:\ProgramData\BitRaider\BRDriver.sys [64808 2014-01-11] (BitRaider)
S3 Dot4Scan; C:\windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-01-24] (Disc Soft Ltd)
R3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
R1 wStLib; C:\windows\System32\drivers\wStLib.sys [52920 2014-03-24] (StdLib)
R3 yukonw7; C:\windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-12 18:04 - 2014-04-12 18:05 - 00018964 _____ () C:\Users\akys\Desktop\FRST.txt
2014-04-12 17:51 - 2014-04-12 17:36 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-04-12 17:37 - 2014-04-12 17:57 - 00026657 _____ () C:\zoek-results.log
2014-04-12 17:36 - 2014-04-12 17:57 - 00000000 ____D () C:\zoek_backup
2014-04-12 17:35 - 2014-04-12 18:03 - 00000000 ____D () C:\Users\akys\Desktop\mohehe
2014-04-12 17:35 - 2014-04-12 17:35 - 01285120 _____ () C:\Users\akys\Downloads\zoek.exe
2014-04-12 17:35 - 2014-04-12 17:35 - 01285120 _____ () C:\Users\akys\Desktop\zoek.exe
2014-04-12 17:19 - 2014-04-12 17:21 - 00000000 ____D () C:\AdwCleaner
2014-04-12 17:12 - 2014-04-12 17:12 - 00000000 ____D () C:\windows\ERUNT
2014-04-12 17:10 - 2014-04-12 17:10 - 01426178 _____ () C:\Users\akys\Downloads\adwcleaner.exe
2014-04-12 17:08 - 2014-04-12 17:08 - 01016261 _____ (Thisisu) C:\Users\akys\Downloads\JRT.exe
2014-04-12 16:42 - 2014-04-12 16:42 - 00000000 ____D () C:\FRST
2014-04-12 16:41 - 2014-04-12 16:41 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Downloads\FRSTLauncher (1).exe
2014-04-12 16:40 - 2014-04-12 16:40 - 01145856 _____ (Farbar) C:\Users\akys\Downloads\FRST.exe
2014-04-12 16:40 - 2014-04-12 16:40 - 01145856 _____ (Farbar) C:\Users\akys\Desktop\FRST.exe
2014-04-12 16:40 - 2014-04-12 16:40 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 247367.crdownload
2014-04-12 16:35 - 2014-04-12 16:35 - 00112107 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 151342.crdownload
2014-04-12 16:34 - 2014-04-12 16:34 - 00112107 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 280233.crdownload
2014-04-12 14:38 - 2014-04-12 14:49 - 00000000 ____D () C:\Users\akys\Desktop\derftg
2014-04-12 14:35 - 2014-04-12 14:50 - 00000000 ____D () C:\Users\akys\Downloads\zgvbthjg
2014-04-11 23:43 - 2014-04-11 23:44 - 00000375 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2014-04-09 18:45 - 2014-04-09 18:45 - 00000000 ____D () C:\windows\system32\SPReview
2014-03-30 20:01 - 2014-03-30 21:19 - 00000000 ____D () C:\Users\akys\Desktop\slatiny
2014-03-24 21:39 - 2014-03-24 21:39 - 00052920 _____ (StdLib) C:\windows\system32\Drivers\wStLib.sys
2014-03-24 00:27 - 2014-03-24 00:27 - 00002368 _____ () C:\Users\akys\Downloads\error.htm
2014-03-19 00:32 - 2014-03-19 00:32 - 00146200 _____ () C:\windows\Minidump\031814-51386-01.dmp
2014-03-17 22:16 - 2014-03-19 23:00 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Bitcoin
2014-03-17 22:16 - 2014-03-17 22:16 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitcoin
2014-03-17 22:16 - 2014-03-17 22:16 - 00000000 ____D () C:\Program Files\Bitcoin

==================== One Month Modified Files and Folders =======

2014-04-12 18:05 - 2014-04-12 18:04 - 00018964 _____ () C:\Users\akys\Desktop\FRST.txt
2014-04-12 18:05 - 2009-07-14 06:34 - 00014736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-12 18:05 - 2009-07-14 06:34 - 00014736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-12 18:03 - 2014-04-12 17:35 - 00000000 ____D () C:\Users\akys\Desktop\mohehe
2014-04-12 18:03 - 2013-06-10 19:55 - 00000000 ____D () C:\Users\akys\AppData\Roaming\uTorrent
2014-04-12 18:01 - 2010-01-13 02:07 - 01289180 _____ () C:\windows\WindowsUpdate.log
2014-04-12 17:59 - 2013-07-19 12:58 - 00000000 ____D () C:\Program Files\Steam
2014-04-12 17:59 - 2013-05-13 12:52 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Skype
2014-04-12 17:58 - 2013-10-17 07:51 - 00000000 ____D () C:\Users\akys\AppData\Local\LogMeIn Hamachi
2014-04-12 17:58 - 2012-06-16 20:51 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-04-12 17:57 - 2014-04-12 17:37 - 00026657 _____ () C:\zoek-results.log
2014-04-12 17:57 - 2014-04-12 17:36 - 00000000 ____D () C:\zoek_backup
2014-04-12 17:57 - 2013-01-13 13:40 - 00071700 _____ () C:\windows\PFRO.log
2014-04-12 17:57 - 2013-01-01 14:44 - 00037372 _____ () C:\windows\setupact.log
2014-04-12 17:57 - 2012-06-19 19:43 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-12 17:57 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-12 17:50 - 2013-09-20 23:45 - 00000924 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3283628575-1838000162-593940776-1000UA.job
2014-04-12 17:48 - 2013-06-06 19:09 - 00000000 ____D () C:\Users\akys\AppData\Local\Rich Media Player
2014-04-12 17:48 - 2012-06-16 20:51 - 00000000 ____D () C:\Users\akys
2014-04-12 17:36 - 2014-04-12 17:51 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-04-12 17:35 - 2014-04-12 17:35 - 01285120 _____ () C:\Users\akys\Downloads\zoek.exe
2014-04-12 17:35 - 2014-04-12 17:35 - 01285120 _____ () C:\Users\akys\Desktop\zoek.exe
2014-04-12 17:35 - 2012-06-19 19:43 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-12 17:32 - 2012-06-25 06:53 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-04-12 17:22 - 2009-07-14 04:04 - 00000537 _____ () C:\windows\win.ini
2014-04-12 17:21 - 2014-04-12 17:19 - 00000000 ____D () C:\AdwCleaner
2014-04-12 17:12 - 2014-04-12 17:12 - 00000000 ____D () C:\windows\ERUNT
2014-04-12 17:10 - 2014-04-12 17:10 - 01426178 _____ () C:\Users\akys\Downloads\adwcleaner.exe
2014-04-12 17:08 - 2014-04-12 17:08 - 01016261 _____ (Thisisu) C:\Users\akys\Downloads\JRT.exe
2014-04-12 16:46 - 2012-11-12 10:56 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-12 16:42 - 2014-04-12 16:42 - 00000000 ____D () C:\FRST
2014-04-12 16:41 - 2014-04-12 16:41 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Downloads\FRSTLauncher (1).exe
2014-04-12 16:40 - 2014-04-12 16:40 - 01145856 _____ (Farbar) C:\Users\akys\Downloads\FRST.exe
2014-04-12 16:40 - 2014-04-12 16:40 - 01145856 _____ (Farbar) C:\Users\akys\Desktop\FRST.exe
2014-04-12 16:40 - 2014-04-12 16:40 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 247367.crdownload
2014-04-12 16:35 - 2014-04-12 16:35 - 00112107 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 151342.crdownload
2014-04-12 16:34 - 2014-04-12 16:34 - 00112107 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 280233.crdownload
2014-04-12 14:50 - 2014-04-12 14:35 - 00000000 ____D () C:\Users\akys\Downloads\zgvbthjg
2014-04-12 14:49 - 2014-04-12 14:38 - 00000000 ____D () C:\Users\akys\Desktop\derftg
2014-04-12 14:30 - 2013-11-13 19:18 - 00000000 ____D () C:\Users\akys\Desktop\uzgz
2014-04-12 09:47 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\NDF
2014-04-12 07:52 - 2013-09-20 23:45 - 00000902 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3283628575-1838000162-593940776-1000Core.job
2014-04-11 23:44 - 2014-04-11 23:43 - 00000375 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2014-04-11 23:44 - 2009-07-26 22:06 - 01576554 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-11 09:30 - 2012-06-16 20:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-11 09:29 - 2013-07-17 11:23 - 00000000 ____D () C:\windows\system32\MRT
2014-04-11 09:24 - 2012-06-20 07:31 - 88028728 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-09 18:45 - 2014-04-09 18:45 - 00000000 ____D () C:\windows\system32\SPReview
2014-04-07 15:09 - 2012-10-01 13:32 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Centrum Mail
2014-04-04 02:27 - 2012-11-09 10:34 - 00000438 ____H () C:\windows\Tasks\Norton Security Scan for akys.job
2014-03-30 21:19 - 2014-03-30 20:01 - 00000000 ____D () C:\Users\akys\Desktop\slatiny
2014-03-26 08:30 - 2013-05-13 12:53 - 00000000 ____D () C:\Users\akys\AppData\Local\PMB Files
2014-03-24 21:39 - 2014-03-24 21:39 - 00052920 _____ (StdLib) C:\windows\system32\Drivers\wStLib.sys
2014-03-24 00:27 - 2014-03-24 00:27 - 00002368 _____ () C:\Users\akys\Downloads\error.htm
2014-03-23 22:14 - 2014-01-31 10:48 - 00042272 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx86.sys
2014-03-23 21:17 - 2014-01-29 16:17 - 00000270 __RSH () C:\ProgramData\ntuser.pol
2014-03-23 19:01 - 2013-06-10 19:40 - 00000000 ____D () C:\Users\akys\AppData\Roaming\vlc
2014-03-22 16:53 - 2013-09-01 09:56 - 00000000 ____D () C:\Users\akys\Desktop\!!!
2014-03-22 00:14 - 2013-09-06 15:41 - 00000000 ____D () C:\Users\akys\Documents\Youcam
2014-03-19 23:00 - 2014-03-17 22:16 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Bitcoin
2014-03-19 15:27 - 2013-05-15 21:02 - 00000000 ____D () C:\Users\Kamča
2014-03-19 15:27 - 2013-05-13 12:52 - 00000000 ___RD () C:\Program Files\Skype
2014-03-19 00:32 - 2014-03-19 00:32 - 00146200 _____ () C:\windows\Minidump\031814-51386-01.dmp
2014-03-19 00:32 - 2012-07-31 21:35 - 00000000 ____D () C:\windows\Minidump
2014-03-19 00:31 - 2012-06-16 21:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-17 22:16 - 2014-03-17 22:16 - 00000000 ____D () C:\Users\akys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitcoin
2014-03-17 22:16 - 2014-03-17 22:16 - 00000000 ____D () C:\Program Files\Bitcoin

Files to move or delete:
====================
C:\Users\akys\jagex_cl_runescape_LIVE.dat
C:\Users\akys\random.dat


==================== Bamital & volsnap Check =================

C:\windows\explorer.exe => MD5 is legit
C:\windows\system32\winlogon.exe => MD5 is legit
C:\windows\system32\wininit.exe => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit
C:\windows\system32\User32.dll => MD5 is legit
C:\windows\system32\userinit.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-11 19:19

==================== End Of Log ============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
  HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
  HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
  HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
  HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
  HKLM\...\Run: [APLangApp] - C:\Program Files\AnyPC Client\APLangApp.exe [13312 2009-11-20] (DoctorSoft)
  HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
  HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
  HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
  HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-01-12] (Google Inc.)
  HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
  HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [4284976 2013-05-13] ()
  HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [1811368 2013-09-06] (Valve Corporation)
  HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Facebook Update] - C:\Users\akys\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-20] (Facebook Inc.)
  HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [AGupdate] - C:\Program Files\AppGraffiti\AGupdate.exe
  HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
  HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [uTorrent] - C:\Users\akys\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-02-21] (BitTorrent Inc.)
  HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\MountPoints2: F - F:\autorun.exe
  HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\MountPoints2: {0a02c127-4a5b-11e2-9523-0024542b2b3e} - G:\Startme.exe
  HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\MountPoints2: {c8488308-eac5-11e2-bebe-0024542b2b3e} - F:\autorun.exe
  GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  
  SearchScopes: HKLM - DefaultScope value is missing.
  
  CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
  CHR Extension: (Skype Click to Call) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-12]
  
  DisableService: c2cautoupdatesvc
  DisableService: c2cpnrsvc
  DisableService: RichVideo
  R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1739064 2013-10-08] (AVG)
  R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
  
  C:\Program Files\AVG\AVG PC TuneUp
  2014-04-12 17:51 - 2014-04-12 17:36 - 00024064 _____ () C:\windows\zoek-delete.exe
  2014-04-12 17:37 - 2014-04-12 17:57 - 00026657 _____ () C:\zoek-results.log
  2014-04-12 17:36 - 2014-04-12 17:57 - 00000000 ____D () C:\zoek_backup
  2014-04-12 17:35 - 2014-04-12 17:35 - 01285120 _____ () C:\Users\akys\Downloads\zoek.exe
  2014-04-12 17:35 - 2014-04-12 17:35 - 01285120 _____ () C:\Users\akys\Desktop\zoek.exe
  014-04-12 17:10 - 2014-04-12 17:10 - 01426178 _____ () C:\Users\akys\Downloads\adwcleaner.exe
  2014-04-12 17:08 - 2014-04-12 17:08 - 01016261 _____ (Thisisu) C:\Users\akys\Downloads\JRT.exe
  2014-04-12 16:40 - 2014-04-12 16:40 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 247367.crdownload
  2014-04-12 16:35 - 2014-04-12 16:35 - 00112107 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 151342.crdownload
  2014-04-12 16:34 - 2014-04-12 16:34 - 00112107 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 280233.crdownload
  2014-04-12 16:41 - 2014-04-12 16:41 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Downloads\FRSTLauncher (1).exe
  2014-04-12 16:40 - 2014-04-12 16:40 - 01145856 _____ (Farbar) C:\Users\akys\Downloads\FRST.exe
  C:\Users\akys\jagex_cl_runescape_LIVE.dat
  C:\Users\akys\random.dat
  
  Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\windows\Tasks\AmiUpdXp.job => C:\Users\akys\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
  Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3283628575-1838000162-593940776-1000Core.job => C:\Users\akys\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3283628575-1838000162-593940776-1000UA.job => C:\Users\akys\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\Norton Security Scan for akys.job => C:\PROGRA~1\NORTON~2\Engine\403~1.24\Nss.exe
  
  Hosts:
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-04-2014
Ran by akys at 2014-04-12 20:25:40 Run:1
Running from C:\Users\akys\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDRShortCut] - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink Corp.)
HKLM\...\Run: [RemoteControl8] - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [PDVD8LanguageShortcut] - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM\...\Run: [APLangApp] - C:\Program Files\AnyPC Client\APLangApp.exe [13312 2009-11-20] (DoctorSoft)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-01-12] (Google Inc.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [4284976 2013-05-13] ()
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Steam] - C:\Program Files\Steam\Steam.exe [1811368 2013-09-06] (Valve Corporation)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [Facebook Update] - C:\Users\akys\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-20] (Facebook Inc.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [AGupdate] - C:\Program Files\AppGraffiti\AGupdate.exe
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\Run: [uTorrent] - C:\Users\akys\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-02-21] (BitTorrent Inc.)
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\MountPoints2: {0a02c127-4a5b-11e2-9523-0024542b2b3e} - G:\Startme.exe
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\...\MountPoints2: {c8488308-eac5-11e2-bebe-0024542b2b3e} - F:\autorun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

SearchScopes: HKLM - DefaultScope value is missing.

CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR Extension: (Skype Click to Call) - C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-12]

DisableService: c2cautoupdatesvc
DisableService: c2cpnrsvc
DisableService: RichVideo
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1739064 2013-10-08] (AVG)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)

C:\Program Files\AVG\AVG PC TuneUp
2014-04-12 17:51 - 2014-04-12 17:36 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-04-12 17:37 - 2014-04-12 17:57 - 00026657 _____ () C:\zoek-results.log
2014-04-12 17:36 - 2014-04-12 17:57 - 00000000 ____D () C:\zoek_backup
2014-04-12 17:35 - 2014-04-12 17:35 - 01285120 _____ () C:\Users\akys\Downloads\zoek.exe
2014-04-12 17:35 - 2014-04-12 17:35 - 01285120 _____ () C:\Users\akys\Desktop\zoek.exe
014-04-12 17:10 - 2014-04-12 17:10 - 01426178 _____ () C:\Users\akys\Downloads\adwcleaner.exe
2014-04-12 17:08 - 2014-04-12 17:08 - 01016261 _____ (Thisisu) C:\Users\akys\Downloads\JRT.exe
2014-04-12 16:40 - 2014-04-12 16:40 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 247367.crdownload
2014-04-12 16:35 - 2014-04-12 16:35 - 00112107 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 151342.crdownload
2014-04-12 16:34 - 2014-04-12 16:34 - 00112107 _____ (forum.viry.cz) C:\Users\akys\Downloads\Nepotvrzeno 280233.crdownload
2014-04-12 16:41 - 2014-04-12 16:41 - 00112640 _____ (forum.viry.cz) C:\Users\akys\Downloads\FRSTLauncher (1).exe
2014-04-12 16:40 - 2014-04-12 16:40 - 01145856 _____ (Farbar) C:\Users\akys\Downloads\FRST.exe
C:\Users\akys\jagex_cl_runescape_LIVE.dat
C:\Users\akys\random.dat

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AmiUpdXp.job => C:\Users\akys\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3283628575-1838000162-593940776-1000Core.job => C:\Users\akys\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3283628575-1838000162-593940776-1000UA.job => C:\Users\akys\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Norton Security Scan for akys.job => C:\PROGRA~1\NORTON~2\Engine\403~1.24\Nss.exe

Hosts:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\UpdatePDRShortCut => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl8 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\PDVD8LanguageShortcut => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\UpdatePPShortCut => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\APLangApp => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\UCam_Menu => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => Value deleted successfully.
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster => Value deleted successfully.
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => Value deleted successfully.
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AGupdate => Value deleted successfully.
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => Value deleted successfully.
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3283628575-1838000162-593940776-1000 => Key not found.
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a02c127-4a5b-11e2-9523-0024542b2b3e} => Key deleted successfully.
HKCR\CLSID\{0a02c127-4a5b-11e2-9523-0024542b2b3e} => Key not found.
HKU\S-1-5-21-3283628575-1838000162-593940776-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8488308-eac5-11e2-bebe-0024542b2b3e} => Key deleted successfully.
HKCR\CLSID\{c8488308-eac5-11e2-bebe-0024542b2b3e} => Key not found.
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
C:\Users\akys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
c2cautoupdatesvc service was disabled
c2cpnrsvc service was disabled
RichVideo service was disabled
TuneUp.UtilitiesSvc => Service stopped successfully.
TuneUp.UtilitiesSvc => Service deleted successfully.
TuneUpUtilitiesDrv => Service stopped successfully.
TuneUpUtilitiesDrv => Service deleted successfully.
C:\Program Files\AVG\AVG PC TuneUp => Moved successfully.
C:\windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\akys\Downloads\zoek.exe => Moved successfully.
C:\Users\akys\Desktop\zoek.exe => Moved successfully.
C:\Users\akys\Downloads\JRT.exe => Moved successfully.
C:\Users\akys\Downloads\Nepotvrzeno 247367.crdownload => Moved successfully.
C:\Users\akys\Downloads\Nepotvrzeno 151342.crdownload => Moved successfully.
C:\Users\akys\Downloads\Nepotvrzeno 280233.crdownload => Moved successfully.
C:\Users\akys\Downloads\FRSTLauncher (1).exe => Moved successfully.
C:\Users\akys\Downloads\FRST.exe => Moved successfully.
C:\Users\akys\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\akys\random.dat => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\AmiUpdXp.job not found.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3283628575-1838000162-593940776-1000Core.job => Moved successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3283628575-1838000162-593940776-1000UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\Norton Security Scan for akys.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====

Jak se chova PC??

uzasne rychly, pracuje jak ma) dekuji

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Dekuji

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat