Kontrola logu

Zpráva

smik · #1 Příspěvek od **smik** » 04 čer 2014 06:31

Ahoj mám pocit že se mi tam nainstalil nějakej bordelík. Můžete mi mrknout na log. Děkuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by fryblik at 2014-06-04 07:24:11
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 5 GB (7%) free of 72 GB
Total RAM: 3892 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:24:20, on 4.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\vsnp2uvc.exe
C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Program Files (x86)\Kyocera\FileUtility\NsCatCom.exe
C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\fryblik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Program Files\trend micro\fryblik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [FjWirSel] C:\Program Files\Fujitsu\WirelessSelector\FJWSLauncher.exe
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\fryblik\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\fryblik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [SpeedUpMyComputer] C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss
O4 - HKCU\..\Run: [FixMyRegistry] C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
O4 - HKUS\S-1-5-21-2447260756-3487271360-2347022082-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-2447260756-3487271360-2347022082-1001\..\Run: [AVG-Secure-Search-Update_JUNE2013_TB] "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB (User 'postgres')
O4 - HKUS\S-1-5-21-2447260756-3487271360-2347022082-1001\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun (User 'postgres')
O4 - HKUS\S-1-5-21-2447260756-3487271360-2347022082-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - S-1-5-21-2447260756-3487271360-2347022082-1001 User Startup: LaunchCenter.lnk = C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (User 'postgres')
O4 - .DEFAULT User Startup: LaunchCenter.lnk = C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (User 'Default user')
O4 - Global Startup: Scanner File Utility.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - c:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\fryblik\Desktop\PartyPoker.lnk
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\fryblik\Desktop\PartyPoker.lnk
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} (RtspVaPgCtrl Class) - http://85.207.91.72/RtspVaPgDec.cab
O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (o2c Player (ELECO Software GmbH)) - http://www.o2c.de/download/o2cplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = gemo.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = gemo.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = gemo.local,gemo.local,gemo.local,gemo.local,gemo.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = gemo.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = gemo.local,gemo.local,gemo.local,gemo.local,gemo.local
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = gemo.local,gemo.local,gemo.local,gemo.local,gemo.local
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O2Flash Memory Service (O2Flash) - O2Micro International - C:\Windows\SysWOW64\o2flash.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PostgreSQL Database Server 8.3 (pgsql-8.3) - PostgreSQL Global Development Group - C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
O23 - Service: PowerSavingUtilityService - FUJITSU LIMITED - C:\Program Files\Fujitsu\PSUtility\PSUService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SFUSVC - KYOCERA MITA CORPORATION - C:\Program Files (x86)\Kyocera\FileUtility\SFUSVC.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WirelessSelectorService - Unknown owner - C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11480 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\SysWOW64\o2flash.exe
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe" runservice -w -N "pgsql-8.3" -D "C:\Program Files (x86)\PostgreSQL\8.3\data\"
"C:\Program Files\Fujitsu\PSUtility\PSUService.exe"
"C:\Program Files (x86)\Kyocera\FileUtility\SFUSVC.exe"
"C:\Program Files (x86)\Kyocera\FileUtility\nsCatCom.exe" SFUSVC
"C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe"
"C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe"
C:\Windows\SysWOW64\svchost.exe -k MbnExt
"C:/Program Files (x86)/PostgreSQL/8.3/bin/postgres.exe" -D "C:/Program Files (x86)/PostgreSQL/8.3/data"
\??\C:\Windows\system32\conhost.exe "-4891827601817927143-683826237-1083514545-614499909-1341847844-7511402691494176587
"C:/Program Files (x86)/PostgreSQL/8.3/bin/postgres.exe" "--forklog" "840" "836"
"C:/Program Files (x86)/PostgreSQL/8.3/bin/postgres.exe" "--forkboot" "868" "-x3"
"C:/Program Files (x86)/PostgreSQL/8.3/bin/postgres.exe" "--forkboot" "872" "-x4"
"C:/Program Files (x86)/PostgreSQL/8.3/bin/postgres.exe" "--forkavlauncher" "868"
"C:/Program Files (x86)/PostgreSQL/8.3/bin/postgres.exe" "--forkcol" "872"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe"
"C:\Program Files\Fujitsu\PSUtility\TrayManager.exe"
"C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe"
"C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\vsnp2uvc.exe"
"C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe" /hide /waitservice
"C:\Program Files\Fujitsu\WirelessSelector\FJWSLauncher.exe"
"C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe" "C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe"
"C:\Program Files (x86)\Kyocera\FileUtility\NsCatCom.exe"
"C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe"
"C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
szndesktop.exe default start
"C:\Users\fryblik\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "719613664-13193948842090656929-15398814159719409511372882213-1197995991870073930
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled -critical
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2700.10cab7b0.570756348 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 2700 "\\.\pipe\gecko-crash-server-pipe.2700" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --proxy-stub-channel=Flash4572.6E2D6010.30887 --host-broker-channel=Flash4572.6E2D6010.3605 --host-pid=4572 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe" --channel=4356.003AF338.22097101 --proxy-stub-channel=Flash4572.6E2D6010.30887 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll" --host-npapi-version=27 --type=renderer
"C:\Users\fryblik\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-06 537576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-06 193512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{25A3A431-30BB-47C8-AD6A-E1063801134F} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08 654384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-10-09 1861416]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-11-19 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-11-19 390168]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-11-19 409624]
"SSUtility"=C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [2009-07-23 282984]
"PSUTility"=C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [2009-07-30 188264]
"FDM7"=C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [2009-10-27 164712]
"LoadFujitsuQuickTouch"=C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [2009-10-15 157544]
"LoadBtnHnd"=C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2009-10-15 35176]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-10-28 8312352]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"egui"=C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [2013-02-14 4144944]
"CSRFTP"=C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"FjWirSel"=C:\Program Files\Fujitsu\WirelessSelector\FJWSLauncher.exe [2009-07-21 161640]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2013-10-31 2166552]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"cz.seznam.software.autoupdate"=C:\Users\fryblik\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\fryblik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"SpeedUpMyComputer"=C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss []
"FixMyRegistry"=C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe [2014-05-26 1886840]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LoadFUJ02E3"=C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [2009-06-16 36712]
"IndicatorUtility"=C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [2009-10-09 47976]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2009-08-12 662016]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Scanner File Utility.lnk - C:\Program Files (x86)\Kyocera\FileUtility\NsCatCom.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-11-06 268800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-06-03 18:36:51 ----D---- C:\Users\fryblik\AppData\Roaming\DarkSoulsII
2014-06-03 18:36:51 ----D---- C:\ProgramData\Steam
2014-06-03 17:52:33 ----D---- C:\Program Files (x86)\SmartTweak
2014-06-03 17:52:30 ----D---- C:\Program Files (x86)\Seznam.cz
2014-06-03 17:51:46 ----D---- C:\Users\fryblik\AppData\Roaming\Seznam.cz
2014-06-03 17:49:16 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2014-06-03 17:49:12 ----D---- C:\Users\fryblik\AppData\Roaming\DAEMON Tools Lite
2014-06-03 17:49:09 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2014-06-03 17:47:06 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-05-29 21:21:39 ----D---- C:\Program Files (x86)\RVG Software
2014-05-29 17:16:54 ----D---- C:\Users\fryblik\AppData\Roaming\VitySoft
2014-05-15 03:06:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-15 03:06:44 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-15 03:06:44 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 03:06:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-14 06:58:29 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-14 06:58:29 ----A---- C:\Windows\system32\shell32.dll
2014-05-14 06:58:28 ----A---- C:\Windows\system32\aepdu.dll
2014-05-14 06:58:27 ----A---- C:\Windows\system32\aeinv.dll
2014-05-14 06:58:13 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-14 06:58:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-14 06:58:11 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-14 06:58:11 ----A---- C:\Windows\system32\kerberos.dll
2014-05-14 06:58:10 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-14 06:58:10 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-14 06:58:10 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 06:58:10 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-14 06:58:09 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-14 06:58:09 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-14 06:58:09 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-14 06:58:09 ----A---- C:\Windows\system32\wdigest.dll
2014-05-14 06:58:09 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-14 06:58:09 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 06:58:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 06:58:09 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 06:58:08 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-14 06:58:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-14 06:58:08 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-14 06:58:08 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-14 06:58:08 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-14 06:58:08 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-14 06:58:08 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-14 06:58:08 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 06:58:08 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 06:58:08 ----A---- C:\Windows\system32\schannel.dll
2014-05-14 06:58:08 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 06:58:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 06:58:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 06:58:08 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 06:58:08 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 06:58:08 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 06:58:08 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 06:58:08 ----A---- C:\Windows\system32\adprovider.dll
2014-05-14 06:58:07 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-14 06:58:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-14 06:58:07 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-14 06:58:07 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-14 06:58:07 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 06:58:07 ----A---- C:\Windows\system32\secur32.dll
2014-05-14 06:58:07 ----A---- C:\Windows\system32\credssp.dll
2014-05-10 09:09:28 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2014-06-04 07:24:14 ----D---- C:\Windows\Temp
2014-06-04 07:24:13 ----D---- C:\Program Files\trend micro
2014-06-04 07:09:12 ----RD---- C:\Program Files (x86)
2014-06-04 07:07:13 ----D---- C:\Program Files (x86)\PokerTracker 3
2014-06-04 06:54:15 ----D---- C:\Windows\system32\config
2014-06-04 06:43:40 ----SHD---- C:\System Volume Information
2014-06-04 06:37:24 ----A---- C:\Windows\SYSWOW64\log.txt
2014-06-03 19:20:55 ----D---- C:\Windows\Prefetch
2014-06-03 18:39:37 ----D---- C:\Windows\System32
2014-06-03 18:39:37 ----D---- C:\Windows\inf
2014-06-03 18:39:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-03 18:36:51 ----D---- C:\ProgramData
2014-06-03 17:50:30 ----D---- C:\Windows\system32\drivers
2014-06-03 17:50:29 ----D---- C:\Windows\system32\catroot
2014-06-03 17:50:18 ----D---- C:\Windows\system32\DriverStore
2014-06-02 17:27:31 ----D---- C:\Users\fryblik\AppData\Roaming\foobar2000
2014-05-29 21:34:43 ----D---- C:\Users\fryblik\AppData\Roaming\HoldemManager
2014-05-29 21:34:14 ----D---- C:\Program Files (x86)\PSQLINSTALL
2014-05-29 21:33:42 ----SHD---- C:\Windows\Installer
2014-05-29 21:33:42 ----HD---- C:\Config.Msi
2014-05-25 21:38:31 ----RSD---- C:\Windows\assembly
2014-05-25 21:38:29 ----A---- C:\blitzerr.txt
2014-05-23 06:39:13 ----D---- C:\Windows\Minidump
2014-05-23 06:39:07 ----D---- C:\Windows
2014-05-21 07:12:35 ----D---- C:\Windows\system32\catroot2
2014-05-18 11:17:35 ----D---- C:\Windows\SysWOW64
2014-05-18 11:17:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-18 10:05:24 ----D---- C:\Windows\system32\wdi
2014-05-15 04:06:17 ----D---- C:\Windows\rescache
2014-05-15 03:37:01 ----D---- C:\Windows\Microsoft.NET
2014-05-15 03:28:04 ----D---- C:\Windows\winsxs
2014-05-15 03:26:33 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-15 03:25:11 ----SD---- C:\Windows\system32\CompatTel
2014-05-15 03:25:06 ----D---- C:\Windows\system32\cs-CZ
2014-05-15 03:25:06 ----D---- C:\Windows\PolicyDefinitions
2014-05-15 03:05:37 ----D---- C:\Windows\system32\MRT
2014-05-15 03:03:09 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 FJGSDisk;G-Sensor Application Filter Driver; C:\Windows\system32\DRIVERS\FJGSDisk.sys [2010-08-31 14696]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-11-20 537112]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-03 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-02-04 217000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-02-04 153200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-02-04 141304]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2009-11-01 283824]
R3 FUJ02B1;Fujitsu FUJ02B1 Device Driver; C:\Windows\system32\DRIVERS\FUJ02B1.sys [2006-11-01 7808]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver; C:\Windows\system32\DRIVERS\FUJ02E3.sys [2006-11-01 7296]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-11-01 56344]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2011-01-30 86016]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-11-06 7773856]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-10-28 2018080]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2009-10-30 244736]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-11-01 6952960]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2mdx64.sys [2009-05-13 58400]
R3 O2SCBUS;O2Micro SmartCardBus Reader; C:\Windows\system32\DRIVERS\ozscrx64.sys [2009-05-15 107808]
R3 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sdx64.sys [2009-07-03 56096]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-09-04 3531776]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-10-09 293936]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-26 6144]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 54272]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 52224]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2011-02-25 98816]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-08-31 82816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2013-02-14 1020304]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-01 262144]
R2 MbnExt;Mobile Broadband Extension Service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 O2Flash;O2Flash Memory Service; C:\Windows\SysWOW64\o2flash.exe [2007-02-13 65536]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 pgsql-8.3;PostgreSQL Database Server 8.3; C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe [2009-12-10 65536]
R2 PowerSavingUtilityService;PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2009-07-30 63336]
R2 SFUSVC;SFUSVC; C:\Program Files (x86)\Kyocera\FileUtility\SFUSVC.exe [2003-09-16 61440]
R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-09-14 1956136]
R2 TestHandler;Fujitsu Diagnostic Testhandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [2009-02-19 341264]
R2 WirelessSelectorService;WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [2009-07-21 62312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-18 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [2013-02-14 40888]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [2013-02-14 190208]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-10 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-31 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 04 čer 2014 07:17

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

smik · #3 Příspěvek od **smik** » 04 čer 2014 08:06

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by fryblik on st 04.06.2014 at 8:42:23,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\speedupmycomputer
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\browserconnection.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\apn dtx
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilividtoolbarguid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividmediabar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividmediabar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\ilividsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\search results toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\ilividsrtb
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\wincert"
Successfully deleted: [Folder] "C:\Users\fryblik\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\fryblik\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\fryblik\appdata\locallow\ilividtoolbarguid"
Successfully deleted: [Folder] "C:\Program Files (x86)\smarttweak"
Successfully deleted: [Folder] "C:\Users\fryblik\AppData\Roaming\microsoft\windows\start menu\programs\smarttweak software"
Successfully deleted: [Folder] "C:\ProgramData\ask"

~~~ FireFox

Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 04.06.2014 at 8:48:52,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

smik · #4 Příspěvek od **smik** » 04 čer 2014 08:07

# AdwCleaner v3.211 - Report created 04/06/2014 at 08:52:15
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : fryblik - GE100558
# Running from : C:\Users\fryblik\Desktop\adwcleaner_3.211.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Found : C:\Users\fryblik\Desktop\FixMyRegistry.lnk
Folder Found : C:\ProgramData\Browser Manager

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FixMyRegistry
Key Found : HKLM\Software\Software
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

*************************

AdwCleaner[R0].txt - [2084 octets] - [04/06/2014 08:52:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2144 octets] ##########

#5 Příspěvek od **vyosek** » 05 čer 2014 06:36

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

smik · #6 Příspěvek od **smik** » 05 čer 2014 13:10

# AdwCleaner v3.211 - Report created 05/06/2014 at 14:05:03
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : fryblik - GE100558
# Running from : C:\Users\fryblik\Desktop\adwcleaner_3.211.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\Browser Manager
File Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Users\fryblik\Desktop\FixMyRegistry.lnk

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [FixMyRegistry]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKLM\Software\Software
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FixMyRegistry

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

*************************

AdwCleaner[R0].txt - [2244 octets] - [04/06/2014 08:52:15]
AdwCleaner[R1].txt - [2304 octets] - [05/06/2014 14:03:54]
AdwCleaner[S0].txt - [2247 octets] - [05/06/2014 14:05:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2307 octets] ##########

#7 Příspěvek od **vyosek** » 06 čer 2014 06:57

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

smik · #8 Příspěvek od **smik** » 08 čer 2014 11:43

Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by fryblik on ne 08.06.2014 at 12:16:11,76.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\fryblik\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8.6.2014 12:17:23 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\fryblik\AppData\Roaming\Mozilla\Profiles\c5xxi7sc.Smik\prefs.js:
user_pref("browser.startup.homepage", "www.seznam.cz");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "http://search.mywebsearch.com/mywebsear ... searchfor=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\fryblik\AppData\Roaming\Mozilla\Profiles\c5xxi7sc.Smik\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\fryblik\AppData\Roaming\Mozilla\Profiles\c5xxi7sc.Smik

user.js not found
---- Lines WebSearch removed from prefs.js ----
user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
user_pref("extensions.mywebsearch.prevKwdEnabled", true);
user_pref("extensions.mywebsearch.prevKwdURL", "http://search.mywebsearch.com/mywebsear ... AAC35D5BD1
user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "http://home.mywebsearch.com/index.jhtml ... 5BD1&n=77f
---- Lines mindspark removed from prefs.js ----
user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.hp.lastGuardTime", -1036701952);
user_pref("extensions.toolbar.mindspark._4zMembers_.hp.numGuards", 1);
user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013052015");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm007^YY^cz");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "CL3b1aHopLcCFcNQ3godpH0A8A");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "6BDF6AEE-648F-45F1-A734-D7AAC35D5BD1");
user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1369111412146");
user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "videodownloadconverter@mindspark.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
---- Lines FFPDFArchitectConverter@pdfarchitect.com modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"FFPDFArchitectConverter@pdfarchitect.com\":{\"descriptor\":\"C:\\
---- FireFox user.js and prefs.js backups ----

prefs_08.06.2014_1227_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\Users\fryblik\AppData\Roaming\IposSet.ini deleted
C:\PROGRA~3\InstallMate deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\wininit.ini deleted
C:\Windows\Syswow64\~.tmp deleted
C:\Users\fryblik\AppData\Roaming\Mozilla\Profiles\c5xxi7sc.Smik\searchplugins\my-web-search.xml deleted
"C:\Users\fryblik\AppData\Roaming\Vso" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"FFPDFArchitectConverter@pdfarchitect.com"=hex(2):43,00,3a,00,5c,00,50,00,72,\ []

==== Firefox Extensions ======================

ProfilePath: C:\Users\fryblik\AppData\Roaming\Mozilla\Profiles\c5xxi7sc.Smik
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- FxIF - %ProfilePath%\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{036D36BA-DAE4-4DB6-B3FD-BE663F520B28} Unknown Url="Not_Found"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{7E5F9E60-A0CA-4FC9-92EB-A2BB43F74F4B} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2603975011-3607630382-3993980529-1489\Software\Microsoft\Internet Explorer\SearchScopes\{036D36BA-DAE4-4DB6-B3FD-BE663F520B28} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\fryblik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\fryblik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=59 folders=6 3722300 bytes)

==== Empty Temp Folders ======================

C:\Users\administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\fryblik\AppData\Local\Temp will be emptied at reboot
C:\Users\Journal\AppData\Local\temp emptied successfully
C:\Users\postgres\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\RegBack\AppData\Local\temp emptied successfully
C:\Users\sugar.GEMO\AppData\Local\temp emptied successfully
C:\Users\systemprofile\AppData\Local\temp emptied successfully
C:\Users\TxR\AppData\Local\temp emptied successfully
C:\Users\SUGAR~2.GEM\AppData\Local\temp emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\fryblik\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 08.06.2014 at 12:33:29,67 ======================

#9 Příspěvek od **vyosek** » 08 čer 2014 21:51

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

smik · #10 Příspěvek od **smik** » 09 čer 2014 10:15

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2014
Ran by fryblik (administrator) on GE100558 on 09-06-2014 10:36:01
Running from C:\Users\fryblik\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(O2Micro International) C:\Windows\SysWOW64\o2flash.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
() C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\WirelessSelector\FJWSLauncher.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(KYOCERA MITA Corporation) C:\Program Files (x86)\Kyocera\FileUtility\NsCatCom.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\fryblik\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\fryblik\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(forum.viry.cz) C:\Users\fryblik\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [SSUtility] => C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [282984 2009-07-23] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] => C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-10-27] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4144944 2013-02-14] (ESET)
HKLM\...\Run: [CSRFTP] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe
HKLM-x32\...\Run: [LoadFUJ02E3] => C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-06-16] (FUJITSU LIMITED)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2447260756-3487271360-2347022082-1001\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\S-1-5-21-2447260756-3487271360-2347022082-1001\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2166552 2013-10-31] (Gemfor s.r.o.)
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\...\Run: [FjWirSel] => C:\Program Files\Fujitsu\WirelessSelector\FJWSLauncher.exe [161640 2009-07-21] (FUJITSU LIMITED)
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2166552 2013-10-31] (Gemfor s.r.o.)
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\...\Run: [cz.seznam.software.autoupdate] => C:\Users\fryblik\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\...\Run: [cz.seznam.software.szndesktop] => C:\Users\fryblik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner File Utility.lnk
ShortcutTarget: Scanner File Utility.lnk -> C:\Program Files (x86)\Kyocera\FileUtility\NsCatCom.exe (KYOCERA MITA Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files (x86)\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files (x86)\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files (x86)\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)

==================== Internet (Whitelisted) ====================

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} http://85.207.91.72/RtspVaPgDec.cab
DPF: HKLM-x32 {B1953AD6-C50E-11D3-B020-00A0C9251384} http://www.o2c.de/download/o2cplayer.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100

FireFox:
========
FF ProfilePath: C:\Users\fryblik\AppData\Roaming\Mozilla\Profiles\c5xxi7sc.Smik
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: DownloadHelper - C:\Users\fryblik\AppData\Roaming\Mozilla\Profiles\c5xxi7sc.Smik\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-29]
FF Extension: Seznam lištička - C:\Users\fryblik\AppData\Roaming\Mozilla\Profiles\c5xxi7sc.Smik\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-04]
FF Extension: FxIF - C:\Users\fryblik\AppData\Roaming\Mozilla\Profiles\c5xxi7sc.Smik\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2013-09-18]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2013-11-12]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2013-11-12]

==================== Services (Whitelisted) =================

S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [40888 2013-02-14] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1020304 2013-02-14] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [190208 2013-02-14] (ESET)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-11-01] (Intel Corporation) [File not signed]
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
R2 O2Flash; C:\Windows\SysWOW64\o2flash.exe [65536 2007-02-13] (O2Micro International) [File not signed]
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 pgsql-8.3; C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe [65536 2009-12-10] (PostgreSQL Global Development Group) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)
S2 SFUSVC; C:\Program Files (x86)\Kyocera\FileUtility\SFUSVC.exe [61440 2003-09-16] (KYOCERA MITA CORPORATION) [File not signed]
R2 TestHandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Technology Solutions)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62312 2009-07-21] ()

==================== Drivers (Whitelisted) ====================

S3 Axtmvflt; C:\Windows\System32\DRIVERS\Axtmvflt.sys [6144 2007-03-26] (Axesstel)
S3 Axtmvmdm; C:\Windows\System32\DRIVERS\Axtmvmdm.sys [54272 2007-03-26] (Axesstel)
S3 Axtmvprt; C:\Windows\System32\Drivers\Axtmvprt.sys [52224 2007-03-26] (Axesstel)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-03] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [217000 2013-02-04] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [183016 2013-04-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [153200 2013-02-04] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [141304 2013-02-04] (ESET)
R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [14696 2010-08-31] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [58400 2009-05-13] (O2Micro )
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscrx64.sys [107808 2009-05-15] (O2Micro)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3531776 2009-09-04] ()
S3 BthAvrcp; system32\DRIVERS\BthAvrcp.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-09 10:36 - 2014-06-09 10:37 - 00017974 _____ () C:\Users\fryblik\Desktop\FRST.txt
2014-06-09 10:35 - 2014-06-09 10:36 - 00000000 ____D () C:\FRST
2014-06-09 10:34 - 2014-06-09 10:34 - 02080768 _____ (Farbar) C:\Users\fryblik\Desktop\FRST64.exe
2014-06-09 10:34 - 2014-06-09 10:34 - 00112640 _____ (forum.viry.cz) C:\Users\fryblik\Desktop\FRSTLauncher.exe
2014-06-08 12:42 - 2014-06-08 16:35 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-06-08 12:42 - 2014-06-08 12:42 - 00018778 _____ () C:\Users\fryblik\Desktop\install.log
2014-06-08 12:42 - 2014-06-08 12:42 - 00001098 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-06-08 12:42 - 2014-06-08 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holdem Manager 2
2014-06-08 12:30 - 2014-06-09 10:37 - 00000000 ____D () C:\Users\fryblik\AppData\Local\Temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\TxR\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\systemprofile\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\sugar.GEMO\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\RegBack\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\postgres\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\Journal\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\administrator\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:16 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-08 12:26 - 2014-06-08 12:33 - 00000000 ____D () C:\zoek
2014-06-08 12:17 - 2014-06-08 12:33 - 00011427 _____ () C:\zoek-results.log
2014-06-08 12:16 - 2014-06-08 12:27 - 00000000 ____D () C:\zoek_backup
2014-06-06 11:04 - 2014-06-06 11:04 - 01285120 _____ () C:\Users\fryblik\Desktop\zoek.exe
2014-06-05 22:52 - 2014-06-05 22:52 - 00001054 _____ () C:\Users\fryblik\Desktop\DSIIMouse1.2.ahk
2014-06-04 08:55 - 2014-06-04 08:55 - 00002244 _____ () C:\Users\fryblik\Desktop\AdwCleaner[R0].txt
2014-06-04 08:52 - 2014-06-05 14:05 - 00000000 ____D () C:\AdwCleaner
2014-06-04 08:48 - 2014-06-04 08:48 - 00004385 _____ () C:\Users\fryblik\Desktop\JRT.txt
2014-06-04 08:42 - 2014-06-04 08:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-04 08:38 - 2014-06-04 08:38 - 01327971 _____ () C:\Users\fryblik\Desktop\adwcleaner_3.211.exe
2014-06-04 08:38 - 2014-06-04 08:38 - 01016261 _____ (Thisisu) C:\Users\fryblik\Desktop\JRT.exe
2014-06-03 18:36 - 2014-06-03 18:37 - 00000000 ____D () C:\Users\fryblik\AppData\Roaming\DarkSoulsII
2014-06-03 18:36 - 2014-06-03 18:36 - 00000000 ____D () C:\ProgramData\Steam
2014-06-03 18:19 - 2014-06-03 18:19 - 00000970 _____ () C:\Users\fryblik\Desktop\Dark Souls II.lnk
2014-06-03 17:52 - 2014-06-03 17:52 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-06-03 17:51 - 2014-06-09 10:22 - 00000000 ____D () C:\Users\fryblik\AppData\Roaming\Seznam.cz
2014-06-03 17:50 - 2014-06-03 17:50 - 00001960 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-06-03 17:50 - 2014-06-03 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-06-03 17:49 - 2014-06-03 17:52 - 00000000 ____D () C:\Users\fryblik\AppData\Roaming\DAEMON Tools Lite
2014-06-03 17:49 - 2014-06-03 17:49 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-06-03 17:49 - 2014-06-03 17:49 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-06-03 17:47 - 2014-06-03 17:52 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-05-29 21:21 - 2014-05-29 21:23 - 00000000 ____D () C:\Program Files (x86)\RVG Software
2014-05-29 17:16 - 2014-05-29 17:16 - 00000000 ____D () C:\Users\fryblik\AppData\Roaming\VitySoft
2014-05-29 17:16 - 2014-05-29 17:16 - 00000000 ____D () C:\Users\fryblik\.objectdb
2014-05-23 06:39 - 2014-05-23 06:39 - 00282416 _____ () C:\Windows\Minidump\052314-29889-01.dmp
2014-05-15 03:06 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 03:06 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 03:06 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 03:06 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 03:06 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 03:06 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 06:58 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 06:58 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 06:58 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 06:58 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 06:58 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 06:58 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 06:58 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 06:58 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 06:58 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 06:58 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 06:58 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 06:58 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 06:58 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 06:58 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 06:58 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 06:58 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 06:58 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 06:58 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 06:58 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 06:58 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 06:58 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 06:58 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 06:58 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 06:58 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 06:58 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 06:58 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 06:58 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 06:58 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 06:58 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 06:58 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 06:58 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 06:58 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 06:58 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 06:58 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 06:58 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 06:58 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 06:58 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 06:58 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 06:58 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 06:58 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 06:58 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 06:58 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 06:58 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 06:58 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 06:58 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 11:49 - 2014-05-13 11:49 - 00000000 __SHD () C:\Users\fryblik\AppData\Local\EmieUserList
2014-05-13 11:49 - 2014-05-13 11:49 - 00000000 __SHD () C:\Users\fryblik\AppData\Local\EmieSiteList
2014-05-10 09:09 - 2014-05-10 09:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-06-09 10:37 - 2014-06-09 10:36 - 00017974 _____ () C:\Users\fryblik\Desktop\FRST.txt
2014-06-09 10:37 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\fryblik\AppData\Local\Temp
2014-06-09 10:36 - 2014-06-09 10:35 - 00000000 ____D () C:\FRST
2014-06-09 10:34 - 2014-06-09 10:34 - 02080768 _____ (Farbar) C:\Users\fryblik\Desktop\FRST64.exe
2014-06-09 10:34 - 2014-06-09 10:34 - 00112640 _____ (forum.viry.cz) C:\Users\fryblik\Desktop\FRSTLauncher.exe
2014-06-09 10:24 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-09 10:24 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-09 10:22 - 2014-06-03 17:51 - 00000000 ____D () C:\Users\fryblik\AppData\Roaming\Seznam.cz
2014-06-09 10:17 - 2012-07-25 11:52 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-09 10:16 - 2013-12-22 17:29 - 00005276 _____ () C:\Windows\setupact.log
2014-06-09 10:16 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-08 22:22 - 2013-08-31 13:01 - 00000000 ____D () C:\Users\fryblik\AppData\Roaming\HoldemManager
2014-06-08 22:22 - 2010-08-31 16:46 - 01344713 _____ () C:\Windows\WindowsUpdate.log
2014-06-08 18:29 - 2013-08-31 14:03 - 00547847 _____ () C:\blitzerr.txt
2014-06-08 18:29 - 2013-07-10 13:15 - 00000000 ____D () C:\Users\fryblik\AppData\Local\PokerStars
2014-06-08 16:35 - 2014-06-08 12:42 - 00000000 ____D () C:\Program Files (x86)\Holdem Manager 2
2014-06-08 16:33 - 2011-11-16 14:43 - 00000000 ____D () C:\Program Files (x86)\TableScan Turbo
2014-06-08 16:32 - 2013-07-09 11:18 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-06-08 12:43 - 2013-08-31 13:00 - 00000000 ____D () C:\Program Files (x86)\PSQLINSTALL
2014-06-08 12:42 - 2014-06-08 12:42 - 00018778 _____ () C:\Users\fryblik\Desktop\install.log
2014-06-08 12:42 - 2014-06-08 12:42 - 00001098 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-06-08 12:42 - 2014-06-08 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holdem Manager 2
2014-06-08 12:33 - 2014-06-08 12:26 - 00000000 ____D () C:\zoek
2014-06-08 12:33 - 2014-06-08 12:17 - 00011427 _____ () C:\zoek-results.log
2014-06-08 12:31 - 2014-03-03 10:53 - 00147998 _____ () C:\Windows\PFRO.log
2014-06-08 12:31 - 2011-10-31 23:38 - 00000000 ____D () C:\Users\postgres
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\TxR\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\systemprofile\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\sugar.GEMO\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\RegBack\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\postgres\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\Journal\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-08 12:30 - 2014-06-08 12:30 - 00000000 ____D () C:\Users\administrator\AppData\Local\temp
2014-06-08 12:27 - 2014-06-08 12:16 - 00000000 ____D () C:\zoek_backup
2014-06-08 12:16 - 2014-06-08 12:30 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-06 11:04 - 2014-06-06 11:04 - 01285120 _____ () C:\Users\fryblik\Desktop\zoek.exe
2014-06-06 11:03 - 2010-08-31 08:23 - 00000112 _____ () C:\Windows\system32\config\netlogon.ftl
2014-06-06 07:01 - 2013-04-21 08:02 - 00000000 ____D () C:\Users\fryblik\AppData\Roaming\foobar2000
2014-06-06 06:50 - 2009-08-10 18:18 - 00672424 _____ () C:\Windows\system32\perfh005.dat
2014-06-06 06:50 - 2009-08-10 18:18 - 00142988 _____ () C:\Windows\system32\perfc005.dat
2014-06-06 06:50 - 2009-07-14 07:13 - 01593310 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-05 22:52 - 2014-06-05 22:52 - 00001054 _____ () C:\Users\fryblik\Desktop\DSIIMouse1.2.ahk
2014-06-05 14:05 - 2014-06-04 08:52 - 00000000 ____D () C:\AdwCleaner
2014-06-04 08:55 - 2014-06-04 08:55 - 00002244 _____ () C:\Users\fryblik\Desktop\AdwCleaner[R0].txt
2014-06-04 08:48 - 2014-06-04 08:48 - 00004385 _____ () C:\Users\fryblik\Desktop\JRT.txt
2014-06-04 08:42 - 2014-06-04 08:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-04 08:38 - 2014-06-04 08:38 - 01327971 _____ () C:\Users\fryblik\Desktop\adwcleaner_3.211.exe
2014-06-04 08:38 - 2014-06-04 08:38 - 01016261 _____ (Thisisu) C:\Users\fryblik\Desktop\JRT.exe
2014-06-04 07:24 - 2013-12-20 12:38 - 00000000 ____D () C:\Program Files\trend micro
2014-06-04 07:07 - 2011-10-31 23:35 - 00000000 ____D () C:\Program Files (x86)\PokerTracker 3
2014-06-04 07:06 - 2011-11-23 17:21 - 00000000 ____D () C:\Users\fryblik\AppData\Local\Apps\2.0
2014-06-03 18:37 - 2014-06-03 18:36 - 00000000 ____D () C:\Users\fryblik\AppData\Roaming\DarkSoulsII
2014-06-03 18:36 - 2014-06-03 18:36 - 00000000 ____D () C:\ProgramData\Steam
2014-06-03 18:19 - 2014-06-03 18:19 - 00000970 _____ () C:\Users\fryblik\Desktop\Dark Souls II.lnk
2014-06-03 17:52 - 2014-06-03 17:52 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-06-03 17:52 - 2014-06-03 17:49 - 00000000 ____D () C:\Users\fryblik\AppData\Roaming\DAEMON Tools Lite
2014-06-03 17:52 - 2014-06-03 17:47 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-06-03 17:50 - 2014-06-03 17:50 - 00001960 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-06-03 17:50 - 2014-06-03 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-06-03 17:49 - 2014-06-03 17:49 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-06-03 17:49 - 2014-06-03 17:49 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-05-29 21:23 - 2014-05-29 21:21 - 00000000 ____D () C:\Program Files (x86)\RVG Software
2014-05-29 17:16 - 2014-05-29 17:16 - 00000000 ____D () C:\Users\fryblik\AppData\Roaming\VitySoft
2014-05-29 17:16 - 2014-05-29 17:16 - 00000000 ____D () C:\Users\fryblik\.objectdb
2014-05-29 17:16 - 2011-10-03 14:48 - 00000000 ____D () C:\Users\fryblik
2014-05-23 06:39 - 2014-05-23 06:39 - 00282416 _____ () C:\Windows\Minidump\052314-29889-01.dmp
2014-05-23 06:39 - 2014-03-24 18:03 - 690238975 _____ () C:\Windows\MEMORY.DMP
2014-05-23 06:39 - 2011-02-10 17:18 - 00000000 ____D () C:\Windows\Minidump
2014-05-22 14:32 - 2011-10-26 12:48 - 00001463 _____ () C:\Users\fryblik\Desktop\IPOSWin 1.0 ADO.lnk
2014-05-18 13:17 - 2012-07-25 11:52 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-18 11:17 - 2012-07-25 11:52 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-18 11:17 - 2011-09-26 10:57 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-18 10:07 - 2012-01-24 18:23 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-15 07:23 - 2011-10-03 14:48 - 00000000 ___RD () C:\Users\fryblik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup
2014-05-15 07:23 - 2011-10-03 14:48 - 00000000 ___RD () C:\Users\fryblik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 04:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-15 03:26 - 2013-05-06 11:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-15 03:25 - 2014-05-01 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 03:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-15 03:05 - 2013-08-03 20:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 03:03 - 2010-08-31 14:04 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-13 11:49 - 2014-05-13 11:49 - 00000000 __SHD () C:\Users\fryblik\AppData\Local\EmieUserList
2014-05-13 11:49 - 2014-05-13 11:49 - 00000000 __SHD () C:\Users\fryblik\AppData\Local\EmieSiteList
2014-05-10 09:09 - 2014-05-10 09:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-05-29 07:27

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (System) (Fixed) (Total:70 GB) (Free:7.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:226.08 GB) (Free:107.15 GB) NTFS
Drive e: (Dark Souls II) (CDROM) (Total:5.11 GB) (Free:0 GB) CDFS

Available physical RAM: 2207.54 MB
Total physical RAM: 3891.5 MB
Percentage of memory in use: 43%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 27987793)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=70 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=226 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\fryblik\Desktop" je 6 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#11 Příspěvek od **vyosek** » 09 čer 2014 21:50

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2447260756-3487271360-2347022082-1001\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
C:\Program Files (x86)\AVG Secure Search
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\...\Run: [cz.seznam.software.autoupdate] => C:\Users\fryblik\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\...\Run: [cz.seznam.software.szndesktop] => C:\Users\fryblik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

FF Extension: FxIF - C:\Users\fryblik\AppData\Roaming\Mozilla\Profiles\c5xxi7sc.Smik\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2013-09-18]

2014-06-09 10:34 - 2014-06-09 10:34 - 00112640 _____ (forum.viry.cz) C:\Users\fryblik\Desktop\FRSTLauncher.exe
2014-06-08 12:30 - 2014-06-08 12:16 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-08 12:26 - 2014-06-08 12:33 - 00000000 ____D () C:\zoek
2014-06-08 12:17 - 2014-06-08 12:33 - 00011427 _____ () C:\zoek-results.log
2014-06-08 12:16 - 2014-06-08 12:27 - 00000000 ____D () C:\zoek_backup
2014-06-06 11:04 - 2014-06-06 11:04 - 01285120 _____ () C:\Users\fryblik\Desktop\zoek.exe
2014-06-04 08:55 - 2014-06-04 08:55 - 00002244 _____ () C:\Users\fryblik\Desktop\AdwCleaner[R0].txt
2014-06-04 08:52 - 2014-06-05 14:05 - 00000000 ____D () C:\AdwCleaner
2014-06-04 08:48 - 2014-06-04 08:48 - 00004385 _____ () C:\Users\fryblik\Desktop\JRT.txt
2014-06-04 08:42 - 2014-06-04 08:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-04 08:38 - 2014-06-04 08:38 - 01327971 _____ () C:\Users\fryblik\Desktop\adwcleaner_3.211.exe
2014-06-04 08:38 - 2014-06-04 08:38 - 01016261 _____ (Thisisu) C:\Users\fryblik\Desktop\JRT.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

smik · #12 Příspěvek od **smik** » 10 čer 2014 11:33

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-06-2014
Ran by fryblik at 2014-06-10 12:11:02 Run:1
Running from C:\Users\fryblik\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2447260756-3487271360-2347022082-1001\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
C:\Program Files (x86)\AVG Secure Search
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\...\Run: [cz.seznam.software.autoupdate] => C:\Users\fryblik\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\...\Run: [cz.seznam.software.szndesktop] => C:\Users\fryblik\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()

ProxyServer: :0
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}

FF Extension: FxIF - C:\Users\fryblik\AppData\Roaming\Mozilla\Profiles\c5xxi7sc.Smik\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2013-09-18]

2014-06-09 10:34 - 2014-06-09 10:34 - 00112640 _____ (forum.viry.cz) C:\Users\fryblik\Desktop\FRSTLauncher.exe
2014-06-08 12:30 - 2014-06-08 12:16 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-08 12:26 - 2014-06-08 12:33 - 00000000 ____D () C:\zoek
2014-06-08 12:17 - 2014-06-08 12:33 - 00011427 _____ () C:\zoek-results.log
2014-06-08 12:16 - 2014-06-08 12:27 - 00000000 ____D () C:\zoek_backup
2014-06-06 11:04 - 2014-06-06 11:04 - 01285120 _____ () C:\Users\fryblik\Desktop\zoek.exe
2014-06-04 08:55 - 2014-06-04 08:55 - 00002244 _____ () C:\Users\fryblik\Desktop\AdwCleaner[R0].txt
2014-06-04 08:52 - 2014-06-05 14:05 - 00000000 ____D () C:\AdwCleaner
2014-06-04 08:48 - 2014-06-04 08:48 - 00004385 _____ () C:\Users\fryblik\Desktop\JRT.txt
2014-06-04 08:42 - 2014-06-04 08:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-04 08:38 - 2014-06-04 08:38 - 01327971 _____ () C:\Users\fryblik\Desktop\adwcleaner_3.211.exe
2014-06-04 08:38 - 2014-06-04 08:38 - 01016261 _____ (Thisisu) C:\Users\fryblik\Desktop\JRT.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKU\S-1-5-21-2447260756-3487271360-2347022082-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_JUNE2013_TB => value deleted successfully.
"C:\Program Files (x86)\AVG Secure Search" => File/Directory not found.
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-2603975011-3607630382-3993980529-1489\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully.
'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}' => Key deleted successfully.
'HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}'=> Key not found.
C:\Users\fryblik\AppData\Roaming\Mozilla\Profiles\c5xxi7sc.Smik\Extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi => Moved successfully.
C:\Users\fryblik\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\fryblik\Desktop\zoek.exe => Moved successfully.
C:\Users\fryblik\Desktop\AdwCleaner[R0].txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\fryblik\Desktop\JRT.txt => Moved successfully.
C:\Windows\ERUNT => Moved successfully.
C:\Users\fryblik\Desktop\adwcleaner_3.211.exe => Moved successfully.
C:\Users\fryblik\Desktop\JRT.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

#13 Příspěvek od **vyosek** » 10 čer 2014 11:34

Fajn, jak se chova PC??

smik · #14 Příspěvek od **smik** » 10 čer 2014 13:08

Přijde mi to OK. Nic neobvyklého nepozoruji. Jenom po té poslední operaci se mi asi vytvořil nějaký dávkový soubor LM na ploše kde mám i FRST, ale nevím jestli tam nebyl už dřív. Každopádně jsem si ho všimnul až teď.

Vše se mi zdá ale OK

#15 Příspěvek od **vyosek** » 10 čer 2014 13:09

LM.bat smazte

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu