VIRY.CZ

dobrý den.
prosím o pomoc s vyřešením problému. ve firefoxu mi vyskakují ve stránce reklamy na hry gameforge a při spuštěné hře ikariam se začnou otevírat další okna s reklamou. počítač výrazně zpomalí a prohlížeč po čase zatuhne. firefox jsem několikrát odinstaloval/nainstaloval beze změny. instalace google chrome se zdála být výhrou. bohužel, po určité době jsem byl navrácen do reality a reklamy vyskakují i zde
díky předem za pomoc

log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014
Ran by oldbob (administrator) on OLDBOB-PC on 28-07-2014 20:03:51
Running from C:\Users\oldbob\Desktop
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
() C:\Windows\System32\PnkBstrA.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\oldbob\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-10-17] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1766143570-740836603-3036058849-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1766143570-740836603-3036058849-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1766143570-740836603-3036058849-1004\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logo Calibration Loader.lnk
ShortcutTarget: Logo Calibration Loader.lnk -> C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ProfileReminder.lnk
ShortcutTarget: ProfileReminder.lnk -> C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
HKLM\...\AppCertDlls: [x86] -> c:\program files\settings manager\systemk\sysapcrt.dll
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.doko-search.com/?babsrc=HP_s ... l&tsp=5256
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
URLSearchHook: HKLM - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?si ... earchTerms}
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTe ... l&tsp=5256
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?si ... earchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511951170} -> No File
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {828DC97A-2277-4E10-92A9-4907FA0922A9} - No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: https://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\searchplugins\default-search.xml
FF Extension: Plus-HD-V1.9 - C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\Extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com [2014-07-13]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-14]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-21]

Chrome:
=======
CHR HomePage: https://www.seznam.cz/?clid=22668
CHR StartupUrls: "https://www.seznam.cz/?clid=22668"
CHR Extension: (Dokumenty Google) - C:\Users\oldbob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-26]
CHR Extension: (Disk Google) - C:\Users\oldbob\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-26]
CHR Extension: (YouTube) - C:\Users\oldbob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-26]
CHR Extension: (Vyhledávání Google) - C:\Users\oldbob\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-26]
CHR Extension: (avast! Online Security) - C:\Users\oldbob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-26]
CHR Extension: (HDPlus-V1.9) - C:\Users\oldbob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeldhknnfopoiloahhpmbblbhemankjj [2014-07-28]
CHR Extension: (Peněženka Google) - C:\Users\oldbob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-26]
CHR Extension: (Gmail) - C:\Users\oldbob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-26]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-03]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-03] (AVAST Software)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14573856 2013-08-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-04-21] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [531224 2013-10-04] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-07-03] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-04] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-07-03] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-03] ()
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg [31120 2014-05-18] (Aztec Media Inc)
R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-14] (VIA Technologies, Inc. )
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [12088 2013-09-19] (Windows (R) Win 7 DDK provider)
S3 i1; C:\Windows\System32\Drivers\i1.sys [26045 2003-11-27] (GretagMacbeth)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-08-20] (NVIDIA Corporation)
R2 PDIHWCTL; C:\Windows\system32\drivers\pdihwctl.sys [14416 2007-01-25] (Portrait Displays, Inc.) [File not signed]
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [76600 2013-09-19] (Wacom Technology)
R3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [13112 2013-09-19] (Wacom Technology)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 20:03 - 2014-07-28 20:04 - 00018026 _____ () C:\Users\oldbob\Desktop\FRST.txt
2014-07-28 20:03 - 2014-07-28 20:03 - 00000000 ____D () C:\FRST
2014-07-28 20:02 - 2014-07-28 20:02 - 00112640 _____ (forum.viry.cz) C:\Users\oldbob\Desktop\FRSTLauncher.exe
2014-07-28 19:23 - 2014-07-28 19:24 - 01084416 _____ (Farbar) C:\Users\oldbob\Desktop\FRST.exe
2014-07-26 20:44 - 2014-07-28 19:35 - 00001008 _____ () C:\Windows\setupact.log
2014-07-26 20:44 - 2014-07-26 20:44 - 00003184 _____ () C:\Windows\PFRO.log
2014-07-26 20:44 - 2014-07-26 20:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-26 17:51 - 2014-07-26 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-26 17:50 - 2014-07-28 19:55 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-26 17:50 - 2014-07-28 19:36 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-26 17:50 - 2014-07-26 17:51 - 00000000 ____D () C:\Users\oldbob\AppData\Local\Google
2014-07-26 17:50 - 2014-07-26 17:50 - 00000000 ____D () C:\Users\oldbob\AppData\Local\Deployment
2014-07-26 17:50 - 2014-07-26 17:50 - 00000000 ____D () C:\Users\oldbob\AppData\Local\Apps\2.0
2014-07-26 16:26 - 2014-07-26 16:26 - 00244344 _____ () C:\Users\oldbob\Desktop\Firefox Setup Stub 31.0.exe
2014-07-26 16:15 - 2014-07-26 16:15 - 00000000 __SHD () C:\Users\oldbob\AppData\Local\EmieUserList
2014-07-26 16:15 - 2014-07-26 16:15 - 00000000 __SHD () C:\Users\oldbob\AppData\Local\EmieSiteList
2014-07-19 21:11 - 2014-07-19 21:11 - 00000023 _____ () C:\Users\oldbob\Desktop\wot_retards.txt
2014-07-17 21:14 - 2014-07-17 21:29 - 2371675306 _____ () C:\Users\oldbob\Desktop\GR_140621_2220_prima_Vymahači_-W_-HD.sc1.avi
2014-07-16 21:35 - 2014-07-19 16:10 - 00000000 ____D () C:\Users\oldbob\Documents\ManiaPlanet
2014-07-16 21:35 - 2014-07-19 15:53 - 00000000 ____D () C:\ProgramData\ManiaPlanet
2014-07-13 16:03 - 2014-07-13 16:03 - 00000000 ___RD () C:\Program Files\Skype
2014-07-13 16:03 - 2014-07-13 16:03 - 00000000 ____D () C:\Users\oldbob\AppData\Local\Skype
2014-07-13 16:03 - 2014-07-13 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-13 16:03 - 2014-07-13 16:03 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-07-10 18:46 - 2014-07-28 19:36 - 00003438 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11.job
2014-07-10 18:46 - 2014-07-28 19:36 - 00002412 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3.job
2014-07-10 18:46 - 2014-07-28 19:36 - 00002174 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4.job
2014-07-10 18:46 - 2014-07-28 19:36 - 00001512 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1.job
2014-07-10 18:46 - 2014-07-28 19:36 - 00001430 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user.job
2014-07-10 18:46 - 2014-07-28 19:36 - 00001412 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5.job
2014-07-10 18:46 - 2014-07-28 19:36 - 00001320 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2.job
2014-07-10 18:46 - 2014-07-10 18:46 - 00000000 ____D () C:\Program Files\HDPlus-V1.9
2014-07-09 19:59 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 19:59 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 19:59 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 19:59 - 2014-06-19 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 19:59 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 19:59 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 19:59 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 19:59 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 19:59 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 19:59 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 19:59 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 19:59 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 19:59 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 19:59 - 2014-06-19 01:23 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 19:59 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 19:59 - 2014-06-19 01:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 19:59 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 19:59 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 19:59 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 19:59 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 19:59 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 19:59 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 19:59 - 2014-06-19 00:52 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 19:59 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 19:59 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 19:59 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 19:59 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 19:59 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 19:59 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 19:59 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 19:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 19:59 - 2014-06-18 02:52 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 19:59 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 19:58 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 19:58 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 19:58 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 19:58 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 19:58 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 19:58 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 19:58 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 19:58 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 19:57 - 2014-06-05 16:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-07 17:56 - 2014-07-07 19:32 - 00000000 ____D () C:\Users\oldbob\AppData\Roaming\GretagMacbeth
2014-07-07 17:50 - 2014-07-07 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GretagMacbeth
2014-07-07 17:50 - 2014-07-07 17:50 - 00000000 ____D () C:\Program Files\X-Rite
2014-07-07 17:50 - 2007-03-06 11:29 - 00029184 _____ (Thesycon GmbH, Germany) C:\Windows\system32\Drivers\i1iO2.sys
2014-07-07 17:50 - 2007-01-25 16:41 - 00126976 _____ (Portrait Displays, Inc.) C:\Windows\system32\Drivers\direci2c.dll
2014-07-07 17:50 - 2007-01-25 16:41 - 00014416 _____ (Portrait Displays, Inc.) C:\Windows\system32\Drivers\pdihwctl.sys
2014-07-07 17:50 - 2004-10-15 07:54 - 00044344 _____ () C:\Windows\system32\Drivers\i1display.sys
2014-07-07 17:50 - 2003-11-27 07:49 - 00026045 _____ (GretagMacbeth) C:\Windows\system32\Drivers\i1.sys
2014-07-07 17:49 - 2014-07-07 17:49 - 00000000 ____D () C:\Program Files\GretagMacbeth
2014-07-03 10:11 - 2014-07-03 10:11 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 20:04 - 2014-07-28 20:03 - 00018026 _____ () C:\Users\oldbob\Desktop\FRST.txt
2014-07-28 20:03 - 2014-07-28 20:03 - 00000000 ____D () C:\FRST
2014-07-28 20:02 - 2014-07-28 20:02 - 00112640 _____ (forum.viry.cz) C:\Users\oldbob\Desktop\FRSTLauncher.exe
2014-07-28 19:55 - 2014-07-26 17:50 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-28 19:43 - 2009-07-14 06:34 - 00018384 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-28 19:43 - 2009-07-14 06:34 - 00018384 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-28 19:41 - 2013-10-14 17:37 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-28 19:39 - 2013-10-14 16:51 - 02017506 _____ () C:\Windows\WindowsUpdate.log
2014-07-28 19:36 - 2014-07-26 17:50 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-28 19:36 - 2014-07-10 18:46 - 00003438 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11.job
2014-07-28 19:36 - 2014-07-10 18:46 - 00002412 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3.job
2014-07-28 19:36 - 2014-07-10 18:46 - 00002174 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4.job
2014-07-28 19:36 - 2014-07-10 18:46 - 00001512 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1.job
2014-07-28 19:36 - 2014-07-10 18:46 - 00001430 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user.job
2014-07-28 19:36 - 2014-07-10 18:46 - 00001412 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5.job
2014-07-28 19:36 - 2014-07-10 18:46 - 00001320 _____ () C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2.job
2014-07-28 19:35 - 2014-07-26 20:44 - 00001008 _____ () C:\Windows\setupact.log
2014-07-28 19:35 - 2013-10-14 17:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-28 19:35 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-28 19:34 - 2013-10-14 20:52 - 00000000 ____D () C:\Program Files\Steam
2014-07-28 19:24 - 2014-07-28 19:23 - 01084416 _____ (Farbar) C:\Users\oldbob\Desktop\FRST.exe
2014-07-27 21:54 - 2013-10-15 21:55 - 00000000 ____D () C:\Users\oldbob\AppData\Roaming\TS3Client
2014-07-26 20:44 - 2014-07-26 20:44 - 00003184 _____ () C:\Windows\PFRO.log
2014-07-26 20:44 - 2014-07-26 20:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-26 17:51 - 2014-07-26 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-26 17:51 - 2014-07-26 17:50 - 00000000 ____D () C:\Users\oldbob\AppData\Local\Google
2014-07-26 17:51 - 2013-11-04 08:10 - 00000000 ____D () C:\Program Files\Google
2014-07-26 17:50 - 2014-07-26 17:50 - 00000000 ____D () C:\Users\oldbob\AppData\Local\Deployment
2014-07-26 17:50 - 2014-07-26 17:50 - 00000000 ____D () C:\Users\oldbob\AppData\Local\Apps\2.0
2014-07-26 16:26 - 2014-07-26 16:26 - 00244344 _____ () C:\Users\oldbob\Desktop\Firefox Setup Stub 31.0.exe
2014-07-26 16:15 - 2014-07-26 16:15 - 00000000 __SHD () C:\Users\oldbob\AppData\Local\EmieUserList
2014-07-26 16:15 - 2014-07-26 16:15 - 00000000 __SHD () C:\Users\oldbob\AppData\Local\EmieSiteList
2014-07-26 15:31 - 2013-10-14 21:35 - 00000000 ____D () C:\Users\oldbob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-22 17:44 - 2009-07-14 04:04 - 00450709 ____R () C:\Windows\system32\Drivers\etc\hosts.20140726-160644.backup
2014-07-19 21:11 - 2014-07-19 21:11 - 00000023 _____ () C:\Users\oldbob\Desktop\wot_retards.txt
2014-07-19 16:10 - 2014-07-16 21:35 - 00000000 ____D () C:\Users\oldbob\Documents\ManiaPlanet
2014-07-19 15:53 - 2014-07-16 21:35 - 00000000 ____D () C:\ProgramData\ManiaPlanet
2014-07-19 01:07 - 2013-10-14 20:52 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-07-17 21:29 - 2014-07-17 21:14 - 2371675306 _____ () C:\Users\oldbob\Desktop\GR_140621_2220_prima_Vymahači_-W_-HD.sc1.avi
2014-07-17 17:25 - 2013-10-15 17:38 - 00000000 ___RD () C:\Users\oldbob\Desktop\Games
2014-07-16 21:41 - 2013-10-28 16:45 - 00010037 _____ () C:\Users\oldbob\Desktop\SEZNAM.txt
2014-07-15 10:23 - 2009-07-14 04:04 - 00450709 ____R () C:\Windows\system32\Drivers\etc\hosts.20140722-174448.backup
2014-07-15 10:22 - 2009-07-14 04:04 - 00450709 ____R () C:\Windows\system32\Drivers\etc\hosts.20140715-102336.backup
2014-07-13 20:06 - 2013-10-14 18:30 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-13 20:06 - 2013-10-14 18:30 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-13 19:07 - 2014-01-04 19:12 - 00000000 ____D () C:\Users\oldbob\AppData\Roaming\Skype
2014-07-13 16:03 - 2014-07-13 16:03 - 00000000 ___RD () C:\Program Files\Skype
2014-07-13 16:03 - 2014-07-13 16:03 - 00000000 ____D () C:\Users\oldbob\AppData\Local\Skype
2014-07-13 16:03 - 2014-07-13 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-13 16:03 - 2014-07-13 16:03 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-07-13 16:03 - 2014-01-04 19:11 - 00000000 ____D () C:\ProgramData\Skype
2014-07-12 03:27 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-07-10 18:46 - 2014-07-10 18:46 - 00000000 ____D () C:\Program Files\HDPlus-V1.9
2014-07-10 18:42 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-07-09 20:09 - 2009-07-14 06:33 - 03758104 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 20:07 - 2009-07-14 11:21 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 20:02 - 2013-10-15 23:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 20:00 - 2013-10-15 23:23 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-07 19:32 - 2014-07-07 17:56 - 00000000 ____D () C:\Users\oldbob\AppData\Roaming\GretagMacbeth
2014-07-07 17:50 - 2014-07-07 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GretagMacbeth
2014-07-07 17:50 - 2014-07-07 17:50 - 00000000 ____D () C:\Program Files\X-Rite
2014-07-07 17:49 - 2014-07-07 17:49 - 00000000 ____D () C:\Program Files\GretagMacbeth
2014-07-05 20:02 - 2009-07-14 06:53 - 00032624 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-04 16:42 - 2013-10-14 17:43 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-03 10:11 - 2014-07-03 10:11 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-03 10:11 - 2014-04-20 23:54 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-03 10:11 - 2013-12-17 20:38 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-03 10:11 - 2013-10-14 17:43 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-03 10:11 - 2013-10-14 17:43 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-03 10:11 - 2013-10-14 17:43 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-03 10:11 - 2013-10-14 17:43 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-03 10:11 - 2013-10-14 17:43 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-03 10:11 - 2013-10-14 17:43 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1.job => C:\Program Files\HDPlus-V1.9\HDPlus-V1.9-codedownloader.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-11.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-2.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-3.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-4.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-5.exe
Task: C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user.job => C:\Program Files\HDPlus-V1.9\c9d77c59-0ff5-4036-8806-71115fd01f45-5.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\oldbob\Desktop" je 1386 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0
"C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher
"C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager
"C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.doko-search.com/?babsrc=HP_s ... l&tsp=5256
RLSearchHook: HKLM - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTe ... l&tsp=5256
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?si ... &src=ds&p={searchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511951170} -> No File
Toolbar: HKLM - No Name - {828DC97A-2277-4E10-92A9-4907FA0922A9} - No File
FF SearchPlugin: C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\searchplugins\default-search.xml
FF Extension: Plus-HD-V1.9 - C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\Extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com [2014-07-13]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11.job
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3.job
c:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4.job
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1.job
c:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user.job
c:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5.job
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2.job
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Dále stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:commands
[Purity]
[Emptytemp]
[Emptyflash]
[Resethosts]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

fix:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:25-07-2014
Ran by oldbob at 2014-07-28 21:47:30 Run:1
Running from C:\Users\oldbob\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.doko-search.com/?babsrc=HP_s ... l&tsp=5256
RLSearchHook: HKLM - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
SearchScopes: HKLM - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?si ... &src=ds&p={searchTerms}
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTe ... l&tsp=5256
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-search.net/search?si ... &src=ds&p={searchTerms}
BHO: No Name -> {11111111-1111-1111-1111-110511951170} -> No File
Toolbar: HKLM - No Name - {828DC97A-2277-4E10-92A9-4907FA0922A9} - No File
FF SearchPlugin: C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\searchplugins\default-search.xml
FF Extension: Plus-HD-V1.9 - C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\Extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com [2014-07-13]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11.job
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3.job
c:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4.job
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1.job
c:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user.job
c:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5.job
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2.job
End
*****************

"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsemngr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsermngr.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bundlesweetimsetup.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cltmngsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\delta babylon.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\delta tb.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\delta2.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltainstaller.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltasetup.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltatb.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\deltatb_2501-c733154b.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iminentsetup.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rjatydimofu.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\sweetimsetup.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\tbdelta.exetoolbar783881609.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe" => Key deleted successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe" => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
RLSearchHook: HKLM - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key deleted successfully.
"HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key deleted successfully.
"HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully.
"HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key deleted successfully.
"HKCR\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key deleted successfully.
"HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951170}" => Key deleted successfully.
"HKCR\CLSID\{11111111-1111-1111-1111-110511951170}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{828DC97A-2277-4E10-92A9-4907FA0922A9} => value deleted successfully.
"HKCR\CLSID\{828DC97A-2277-4E10-92A9-4907FA0922A9}" => Key not found.
C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\searchplugins\buenosearch.xml => Moved successfully.
C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\searchplugins\default-search.xml => Moved successfully.
C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\Extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-11.job => Moved successfully.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-3.job => Moved successfully.
c:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-4.job => Moved successfully.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-1.job => Moved successfully.
c:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5_user.job => Moved successfully.
c:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-5.job => Moved successfully.
C:\Windows\Tasks\c9d77c59-0ff5-4036-8806-71115fd01f45-2.job => Moved successfully.

==== End of Fixlog ====


rsit:

Logfile of random's system information tool 1.10 (written by random/random)
Run by oldbob at 2014-07-28 22:00:36
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 144 GB (31%) free of 465 GB
Total RAM: 2047 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:01:15, on 28.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Users\oldbob\Desktop\RSIT.exe
C:\Program Files\trend micro\oldbob.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:21320
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1766143570-740836603-3036058849-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1766143570-740836603-3036058849-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Logo Calibration Loader.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 7551 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-03 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-11-15 340384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"=C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-08-27 1028896]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2013-05-16 3830224]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-03 4086432]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-11-15 821144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2010-11-15 36760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30 499608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logo Calibration Loader.lnk - C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\CalibrationLoader\CalibrationLoader.exe
ProfileReminder.lnk - C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.l3codec"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-07-28 22:00:36 ----D---- C:\rsit
2014-07-28 22:00:36 ----D---- C:\Program Files\trend micro
2014-07-28 21:50:34 ----D---- C:\_OTM
2014-07-28 20:03:11 ----D---- C:\FRST
2014-07-16 21:35:32 ----D---- C:\ProgramData\ManiaPlanet
2014-07-13 16:03:33 ----D---- C:\Program Files\Common Files\Skype
2014-07-13 16:03:32 ----RD---- C:\Program Files\Skype
2014-07-10 18:46:02 ----D---- C:\Program Files\HDPlus-V1.9
2014-07-09 19:59:44 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 19:59:44 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-09 19:59:44 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-09 19:59:43 ----A---- C:\Windows\system32\urlmon.dll
2014-07-09 19:59:43 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 19:59:43 ----A---- C:\Windows\system32\iernonce.dll
2014-07-09 19:59:42 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-09 19:59:42 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-09 19:59:42 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-09 19:59:42 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-09 19:59:42 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-09 19:59:42 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-09 19:59:41 ----A---- C:\Windows\system32\msrating.dll
2014-07-09 19:59:40 ----A---- C:\Windows\system32\wininet.dll
2014-07-09 19:59:40 ----A---- C:\Windows\system32\iesetup.dll
2014-07-09 19:59:40 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 19:59:40 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-09 19:59:39 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-09 19:59:38 ----A---- C:\Windows\system32\ieui.dll
2014-07-09 19:59:38 ----A---- C:\Windows\system32\ieframe.dll
2014-07-09 19:59:37 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-09 19:59:37 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-09 19:59:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-09 19:59:36 ----A---- C:\Windows\system32\iertutil.dll
2014-07-09 19:59:35 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-09 19:59:34 ----A---- C:\Windows\system32\mshtml.dll
2014-07-09 19:59:33 ----A---- C:\Windows\system32\vbscript.dll
2014-07-09 19:59:33 ----A---- C:\Windows\system32\jscript9.dll
2014-07-09 19:59:20 ----A---- C:\Windows\system32\win32k.sys
2014-07-09 19:59:20 ----A---- C:\Windows\system32\osk.exe
2014-07-09 19:59:18 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 19:58:52 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 19:58:48 ----A---- C:\Windows\system32\wdigest.dll
2014-07-09 19:58:48 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-09 19:58:48 ----A---- C:\Windows\system32\schannel.dll
2014-07-09 19:58:48 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-09 19:58:48 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-09 19:58:48 ----A---- C:\Windows\system32\kerberos.dll
2014-07-09 19:58:48 ----A---- C:\Windows\system32\credssp.dll
2014-07-09 19:57:42 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-07 17:56:01 ----D---- C:\Users\oldbob\AppData\Roaming\GretagMacbeth
2014-07-07 17:50:15 ----D---- C:\Program Files\X-Rite
2014-07-07 17:50:15 ----A---- C:\Windows\system32\drivers\i1iO2.sys
2014-07-07 17:50:15 ----A---- C:\Windows\system32\drivers\i1display.sys
2014-07-07 17:50:15 ----A---- C:\Windows\system32\drivers\i1.sys
2014-07-07 17:50:13 ----A---- C:\Windows\system32\drivers\pdihwctl.sys
2014-07-07 17:50:13 ----A---- C:\Windows\system32\drivers\direci2c.dll
2014-07-07 17:49:47 ----D---- C:\Program Files\GretagMacbeth
2014-07-03 10:11:38 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2014-07-28 22:01:07 ----D---- C:\Windows\Prefetch
2014-07-28 22:00:39 ----D---- C:\Windows\Temp
2014-07-28 22:00:36 ----D---- C:\Program Files
2014-07-28 21:57:56 ----D---- C:\Windows\System32
2014-07-28 21:57:56 ----D---- C:\Windows\inf
2014-07-28 21:57:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-28 21:52:48 ----D---- C:\ProgramData\NVIDIA
2014-07-28 21:51:49 ----D---- C:\Windows\system32\config
2014-07-28 21:51:31 ----D---- C:\Windows\system32\drivers\etc
2014-07-28 21:47:47 ----D---- C:\Windows\Tasks
2014-07-28 21:42:02 ----D---- C:\Users\oldbob\AppData\Roaming\TS3Client
2014-07-28 20:03:13 ----D---- C:\Windows
2014-07-28 19:34:18 ----D---- C:\Program Files\Steam
2014-07-27 16:51:46 ----SHD---- C:\System Volume Information
2014-07-26 17:55:03 ----SHD---- C:\Windows\Installer
2014-07-26 17:51:05 ----D---- C:\Program Files\Google
2014-07-26 17:50:32 ----D---- C:\Windows\system32\Tasks
2014-07-26 16:39:58 ----D---- C:\Windows\Logs
2014-07-26 16:39:58 ----D---- C:\Windows\debug
2014-07-19 01:07:02 ----D---- C:\Program Files\Common Files\Steam
2014-07-16 21:35:32 ----HD---- C:\ProgramData
2014-07-16 17:37:24 ----D---- C:\Windows\system32\catroot2
2014-07-13 20:06:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-07-13 19:07:28 ----D---- C:\Users\oldbob\AppData\Roaming\Skype
2014-07-13 16:03:39 ----D---- C:\ProgramData\Skype
2014-07-13 16:03:33 ----D---- C:\Program Files\Common Files
2014-07-13 10:47:26 ----D---- C:\Windows\Downloaded Program Files
2014-07-12 03:27:46 ----D---- C:\Windows\rescache
2014-07-09 20:09:53 ----D---- C:\Windows\winsxs
2014-07-09 20:07:21 ----D---- C:\Windows\system32\en-US
2014-07-09 20:07:21 ----D---- C:\Program Files\Windows Journal
2014-07-09 20:07:21 ----D---- C:\Program Files\Internet Explorer
2014-07-09 20:07:20 ----D---- C:\Windows\system32\drivers
2014-07-09 20:07:20 ----D---- C:\Windows\system32\Dism
2014-07-09 20:07:20 ----D---- C:\Windows\ehome
2014-07-09 20:07:19 ----D---- C:\Windows\system32\cs-CZ
2014-07-09 20:02:52 ----D---- C:\Windows\system32\MRT
2014-07-09 20:00:37 ----A---- C:\Windows\system32\MRT.exe
2014-07-09 19:59:12 ----D---- C:\Windows\system32\catroot
2014-07-07 17:51:52 ----D---- C:\Windows\system32\DriverStore
2014-07-06 11:52:05 ----RSD---- C:\Windows\assembly
2014-07-03 10:11:38 ----A---- C:\Windows\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-03 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-03 192352]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-03 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-03 779536]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-04 414520]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg [2014-05-18 31120]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-03 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-03 67824]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-03 71944]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 PDIHWCTL;PDIHWCTL; \??\C:\Windows\system32\drivers\pdihwctl.sys [2007-01-25 14416]
R3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\fetnd6.sys [2009-07-14 44032]
R3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2013-09-19 12088]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2013-08-20 33568]
R3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2013-09-19 76600]
R3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2013-09-19 13112]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 i1;i1 Pro; C:\Windows\System32\Drivers\i1.sys [2003-11-27 26045]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-03 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14573856]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 662816]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-04-21 76888]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-05-16 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-05-16 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-05-15 171928]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 WTabletServicePro;Wacom Professional Service; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2013-10-04 531224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-26 116648]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-26 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 108032]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-15 1343400]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Smazáno. Nastala nějaká změna?

zdravím. vše se zdá být v nejlepším pořádku.
děkuji velice!

... jen ještě dotaz: v případě stejného problému někdy v budoucnu, je možno opět použít stejný postup - OTM?

Pokud dokážete napsat skript, pak ano. Na každý problém může být skript jiný.

... napsat dokážu tak leda dopis babičce

bohužel, začalo to dělat znova, zatím tedy pouze na stránce ikariamu

zdravím. tak jsem se opravdu radoval předčasně reklamy vyskakují znovu, jak ve stránkách, tak celá nová okna.
mám opět vložit log z frst?

Ještě zkuste následující postup:

1.

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

2.

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

adwcleaner:

# AdwCleaner v3.301 - Report created 29/07/2014 at 20:27:53
# Updated 28/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : oldbob - OLDBOB-PC
# Running from : C:\Users\oldbob\Desktop\adwcleaner_3.301.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
Service Deleted : PnkBstrA

***** [ Files / Folders ] *****

[#] Folder Deleted : C:\ProgramData\BitGuard
[#] Folder Deleted : C:\ProgramData\Browser Manager
[#] Folder Deleted : C:\ProgramData\BrowserProtect
Folder Deleted : C:\ProgramData\systemk
Folder Deleted : C:\ProgramData\wincert
Folder Deleted : C:\Program Files\Settings Manager
Folder Deleted : C:\Program Files\HDPlus-V1.9
Folder Deleted : C:\Users\oldbob\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\oldbob\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\Extensions\3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com
Folder Deleted : C:\Users\oldbob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeldhknnfopoiloahhpmbblbhemankjj
File Deleted : C:\Windows\system32\PnkBstrA.exe
File Deleted : C:\Users\oldbob\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\oldbob\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059570.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059570.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059570.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0059570.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952270}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955570}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Linkey
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SystemK
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\AppDataLow\Software\HDPlus-V1.9
Key Deleted : HKLM\Software\GlobalUpdate
Key Deleted : HKLM\Software\InstalledBrowserExtensions
Key Deleted : HKLM\Software\SystemK
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\HDPlus-V1.9

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v

[ File : C:\Users\oldbob\AppData\Roaming\Mozilla\Firefox\Profiles\o9orjxna.default\prefs.js ]

Line Deleted : user_pref("extensions.a3446275a54774d33bd0d44b466c519cd4bf28e2458334fb888c3cd8403bb6141com59570.59570.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.c[...]
Line Deleted : user_pref("extensions.a3446275a54774d33bd0d44b466c519cd4bf28e2458334fb888c3cd8403bb6141com59570.59570.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.buenosearch.admin", false);
Line Deleted : user_pref("extensions.buenosearch.aflt", "babsst");
Line Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
Line Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.bbDpng", "26");
Line Deleted : user_pref("extensions.buenosearch.cntry", "CZ");
Line Deleted : user_pref("extensions.buenosearch.dfltLng", "cs");
Line Deleted : user_pref("extensions.buenosearch.excTlbr", false);
Line Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.buenosearch.hdrMd5", "F0186BBE10FAF8982CEF3375D7ED736E");
Line Deleted : user_pref("extensions.buenosearch.id", "2c99be3b0000000000000019662e8958");
Line Deleted : user_pref("extensions.buenosearch.instlDay", "16213");
Line Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
Line Deleted : user_pref("extensions.buenosearch.lastB", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("extensions.buenosearch.lastVrsnTs", "1.8.28.719:43:22");
Line Deleted : user_pref("extensions.buenosearch.newTab", false);
Line Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
Line Deleted : user_pref("extensions.buenosearch.rvrt", "false");
Line Deleted : user_pref("extensions.buenosearch.sg", "azb");
Line Deleted : user_pref("extensions.buenosearch.smplGrp", "azb");
Line Deleted : user_pref("extensions.buenosearch.tb_url", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... l&tsp=5256");
Line Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
Line Deleted : user_pref("extensions.buenosearch.tlbrSrchUrl", "hxxp://www.buenosearch.com/?q={searchTerms}&ba ... l&tsp=5256");
Line Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
Line Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.719:43:22");
Line Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");
Line Deleted : user_pref("extensions.crossrider.bic", "147215331b28842063730dea9a8d1072");
Line Deleted : user_pref("extensions.enabledItems", "3446275a-5477-4d33-bd0d-44b466c519cd@4bf28e24-5833-4fb8-88c3-cd8403bb6141.com:0.95.38,ffxtlbr@buenosearch.com:1.6.0,wrc@avast.com:9.0.2021.112,web2pdfextension@we[...]

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\oldbob\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : jeldhknnfopoiloahhpmbblbhemankjj

*************************

AdwCleaner[R0].txt - [6587 octets] - [29/07/2014 20:26:17]
AdwCleaner[S0].txt - [6492 octets] - [29/07/2014 20:27:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6552 octets] ##########



jrt:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x86
Ran by oldbob on Łt 29.07.2014 at 20:31:10,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544954470}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544954470}



~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\epupdater



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 29.07.2014 at 20:35:08,30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OK. Nastala nějaká změna?

... tentokrát již nechci jásat předčasně, ale vše vypadá v pořádku i po několikerém restartu. s oslavami počkám ještě tak den či dva
samozřejmě vám velice děkuji za pomoc, vstřícnost a trpělivost! doporučím vás přátelům a neopomenu podpořit forum.

Děkuji za uznání i za podporu fóra. Nemáte zač!