VIRY.CZ

Ahoj,

moc se v tom nevyznám, mám pocit že mám v NTB viry. Mohla bych vás prosím poprosit o kontrolu? Moc Vám děkuji!!!

can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by pindie (administrator) on PINDIE-PC on 04-09-2014 20:00:28
Running from C:\Users\pindie\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) D:\Program Files (x86)\iTunesHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(forum.viry.cz) C:\Users\pindie\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [Facebook Update] => C:\Users\pindie\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-11] (Facebook Inc.)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [Advanced SystemCare 6] => C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [490880 2012-09-24] (IObit)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\MountPoints2: {5598aec8-0fdd-11e4-b78b-002454dc9aed} - G:\iStudio.exe
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\MountPoints2: {be141859-8778-11e3-8ff9-002454dc9aed} - F:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
URLSearchHook: HKLM-x32 - (No Name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
URLSearchHook: HKCU - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKCU - (No Name) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No File
URLSearchHook: HKCU - (No Name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... J1LZ901601
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT3220468
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx? ... rms}&SSPV=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... 39dffa7484
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={EE2C ... 2011-12-15 19:36:22&v=10.0.0.7&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT3220468
SearchScopes: HKCU - {D32570EE-584B-40BA-8877-8A47CD8D4F23} URL = http://websearch.ask.com/redirect?clien ... 1C8DEB112F
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll ()
BHO: No Name -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name -> {7473b6bd-4691-4744-a82b-7854eb3d70b6} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll ()
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll ()
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll ()
Toolbar: HKLM-x32 - No Name - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No File
Toolbar: HKCU - No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKCU - No Name - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKCU - No Name - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll ()
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\pindie\AppData\Roaming\Mozilla\Firefox\Profiles\jndst8nl.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.seznam.cz/
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\pindie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pindie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Sense - C:\Users\pindie\AppData\Roaming\Mozilla\Firefox\Profiles\jndst8nl.default\Extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com [2014-09-03]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\pindie\AppData\Roaming\Mozilla\Firefox\Profiles\jndst8nl.default\Extensions\ascsurfingprotection@iobit.com [2014-01-29]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [{B7082FAA-CB62-4872-9106-E42DD88EDE45}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2010-09-09]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.istartsurf.com/?type=sc&ts=1 ... J1LZ901601

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=14097656 ... J1LZ901601"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html",
"chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR DefaultSearchKeyword: Default -> conduit.search
CHR DefaultSearchProvider: Default -> Conduit Search
CHR DefaultSearchURL: Default -> http://search.conduit.com/Results.aspx? ... rms}&SSPV=
CHR DefaultSuggestURL: Default -> http://suggest.search.conduit.com/CSugg ... earchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-14]
CHR Extension: (McAfee Security Scan+) - C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-03-20]
CHR Extension: (Google Search) - C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-14]
CHR Extension: (uTorrentControl_v2) - C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda [2012-12-23]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-11]
CHR Extension: (Google Wallet) - C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-16]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-09-03]
CHR Extension: (Gmail) - C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-14]
CHR HKCU\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\pindie\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [ejpbbhjlbipncjklfjjaedaieimbmdda] - C:\Users\pindie\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx [2013-01-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [464256 2012-10-31] (IObit)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
S4 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [203280 2009-01-23] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2013-11-16] (PS Media s.r.o.)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-27] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-07-23] (Huawei Technologies Co., Ltd.)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-14] (Windows (R) 2003 DDK 3790 provider)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-19] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-19] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-19] (LG Electronics Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 20:00 - 2014-09-04 20:01 - 00022534 _____ () C:\Users\pindie\Desktop\FRST.txt
2014-09-04 19:59 - 2014-09-04 19:59 - 00112640 _____ (forum.viry.cz) C:\Users\pindie\Desktop\FRSTLauncher.exe
2014-09-04 19:59 - 2014-09-04 19:58 - 02104832 _____ (Farbar) C:\Users\pindie\Desktop\FRST64.exe
2014-09-04 19:58 - 2014-09-04 20:00 - 00000000 ____D () C:\FRST
2014-09-04 19:53 - 2014-09-04 19:53 - 00005574 _____ () C:\Windows\PFRO.log
2014-09-04 19:53 - 2014-09-04 19:53 - 00000056 _____ () C:\Windows\setupact.log
2014-09-04 19:53 - 2014-09-04 19:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-03 19:45 - 2014-09-03 19:50 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-03 19:45 - 2014-09-03 19:45 - 00000000 ____D () C:\Users\pindie\AppData\Local\globalUpdate
2014-09-03 19:39 - 2014-09-03 19:39 - 00003152 _____ () C:\Windows\System32\Tasks\{8E00167B-C3DB-487E-9B07-E928E33FA720}
2014-09-03 19:39 - 2014-09-03 19:39 - 00000000 ____D () C:\ProgramData\374311380
2014-09-03 19:38 - 2014-09-03 19:38 - 00000000 ____D () C:\Users\pindie\Documents\Optimizer Pro
2014-09-03 19:36 - 2014-09-03 19:36 - 00003120 _____ () C:\Windows\System32\Tasks\{4E9B2196-2F29-4563-A7E8-8E2CE62C2DB9}
2014-09-03 19:35 - 2014-09-04 19:53 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-09-03 19:35 - 2014-09-03 19:35 - 00255464 _____ () C:\Users\pindie\Downloads\blmojkbhnkkphngknkmgccmlenfaelkd_27633.crx
2014-09-03 19:35 - 2014-09-03 19:35 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-09-03 19:35 - 2014-09-03 19:35 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-09-03 19:35 - 2014-09-03 19:35 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-09-03 19:34 - 2014-09-03 20:53 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-03 19:34 - 2014-09-03 19:41 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-03 19:34 - 2014-09-03 19:40 - 00000000 ____D () C:\Users\pindie\AppData\Roaming\Seznam.cz
2014-09-03 19:34 - 2014-09-03 19:40 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-09-03 19:34 - 2014-09-03 19:34 - 00004314 _____ () C:\Windows\System32\Tasks\Installer_iwebar
2014-09-03 19:34 - 2014-09-03 19:34 - 00000000 ____D () C:\Users\pindie\AppData\Local\CrashRpt
2014-09-03 19:33 - 2014-09-03 19:39 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-03 19:33 - 2014-09-03 19:33 - 00002161 _____ () C:\Users\Guest\Desktop\FLV Player.lnk
2014-09-03 19:33 - 2014-09-03 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-08-13 19:39 - 2014-08-07 03:52 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 19:39 - 2014-08-07 03:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-11 20:48 - 2014-08-11 20:48 - 00000719 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-08-11 20:48 - 2014-08-11 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-08-11 20:44 - 2014-08-11 20:56 - 00000000 ____D () C:\Users\pindie\AppData\Roaming\Battle.net
2014-08-11 20:44 - 2014-08-11 20:55 - 00000000 ____D () C:\Users\pindie\AppData\Local\Battle.net
2014-08-11 20:44 - 2014-08-11 20:44 - 00001144 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\Users\pindie\AppData\Local\Blizzard Entertainment
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-11 20:42 - 2014-08-11 20:42 - 00000000 ____D () C:\ProgramData\Battle.net

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 20:01 - 2014-09-04 20:00 - 00022534 _____ () C:\Users\pindie\Desktop\FRST.txt
2014-09-04 20:00 - 2014-09-04 19:58 - 00000000 ____D () C:\FRST
2014-09-04 19:59 - 2014-09-04 19:59 - 00112640 _____ (forum.viry.cz) C:\Users\pindie\Desktop\FRSTLauncher.exe
2014-09-04 19:58 - 2014-09-04 19:59 - 02104832 _____ (Farbar) C:\Users\pindie\Desktop\FRST64.exe
2014-09-04 19:57 - 2012-12-24 21:57 - 01062856 _____ () C:\Windows\WindowsUpdate.log
2014-09-04 19:53 - 2014-09-04 19:53 - 00005574 _____ () C:\Windows\PFRO.log
2014-09-04 19:53 - 2014-09-04 19:53 - 00000056 _____ () C:\Windows\setupact.log
2014-09-04 19:53 - 2014-09-04 19:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-04 19:53 - 2014-09-03 19:35 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-09-04 19:53 - 2013-11-16 23:12 - 00000000 _____ () C:\Windows\SysWOW64\sinstall.log
2014-09-04 19:53 - 2012-04-14 11:30 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-04 19:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-04 06:26 - 2014-06-24 20:21 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8fd91ec6c26d.job
2014-09-04 06:14 - 2012-09-29 13:41 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-04 05:04 - 2012-09-11 19:59 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-395732706-3271692416-3045027566-1000UA.job
2014-09-03 20:53 - 2014-09-03 19:34 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-09-03 20:03 - 2012-09-11 19:58 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-395732706-3271692416-3045027566-1000Core.job
2014-09-03 19:54 - 2013-12-24 22:35 - 00000000 ____D () C:\Users\pindie\AppData\Local\PMB Files
2014-09-03 19:50 - 2014-09-03 19:45 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-03 19:45 - 2014-09-03 19:45 - 00000000 ____D () C:\Users\pindie\AppData\Local\globalUpdate
2014-09-03 19:42 - 2013-11-16 23:10 - 00001790 _____ () C:\Users\pindie\Desktop\chrome – zástupce.lnk
2014-09-03 19:42 - 2011-10-07 05:12 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-03 19:42 - 2011-01-13 15:07 - 00001443 _____ () C:\Users\pindie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 19:42 - 2011-01-13 15:07 - 00001409 _____ () C:\Users\pindie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-03 19:41 - 2014-09-03 19:34 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-03 19:41 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-03 19:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-03 19:40 - 2014-09-03 19:34 - 00000000 ____D () C:\Users\pindie\AppData\Roaming\Seznam.cz
2014-09-03 19:40 - 2014-09-03 19:34 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-09-03 19:39 - 2014-09-03 19:39 - 00003152 _____ () C:\Windows\System32\Tasks\{8E00167B-C3DB-487E-9B07-E928E33FA720}
2014-09-03 19:39 - 2014-09-03 19:39 - 00000000 ____D () C:\ProgramData\374311380
2014-09-03 19:39 - 2014-09-03 19:33 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-03 19:39 - 2011-01-13 15:02 - 00000000 ____D () C:\ProgramData\Temp
2014-09-03 19:38 - 2014-09-03 19:38 - 00000000 ____D () C:\Users\pindie\Documents\Optimizer Pro
2014-09-03 19:36 - 2014-09-03 19:36 - 00003120 _____ () C:\Windows\System32\Tasks\{4E9B2196-2F29-4563-A7E8-8E2CE62C2DB9}
2014-09-03 19:35 - 2014-09-03 19:35 - 00255464 _____ () C:\Users\pindie\Downloads\blmojkbhnkkphngknkmgccmlenfaelkd_27633.crx
2014-09-03 19:35 - 2014-09-03 19:35 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-09-03 19:35 - 2014-09-03 19:35 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-09-03 19:35 - 2014-09-03 19:35 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-09-03 19:34 - 2014-09-03 19:34 - 00004314 _____ () C:\Windows\System32\Tasks\Installer_iwebar
2014-09-03 19:34 - 2014-09-03 19:34 - 00000000 ____D () C:\Users\pindie\AppData\Local\CrashRpt
2014-09-03 19:33 - 2014-09-03 19:33 - 00002161 _____ () C:\Users\Guest\Desktop\FLV Player.lnk
2014-09-03 19:33 - 2014-09-03 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-09-03 19:30 - 2009-07-14 06:45 - 00020032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 19:30 - 2009-07-14 06:45 - 00020032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 19:28 - 2010-09-10 02:17 - 00667124 _____ () C:\Windows\system32\perfh005.dat
2014-09-03 19:28 - 2010-09-10 02:17 - 00140530 _____ () C:\Windows\system32\perfc005.dat
2014-09-03 19:28 - 2009-07-14 07:13 - 01579034 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-01 21:05 - 2012-06-24 12:53 - 00000000 ____D () C:\Users\pindie\AppData\Roaming\vlc
2014-08-27 19:04 - 2013-12-24 22:35 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-13 23:49 - 2013-12-28 20:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 23:49 - 2013-11-17 01:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 23:46 - 2014-07-10 23:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 23:46 - 2011-01-15 11:45 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 20:56 - 2014-08-11 20:44 - 00000000 ____D () C:\Users\pindie\AppData\Roaming\Battle.net
2014-08-11 20:55 - 2014-08-11 20:44 - 00000000 ____D () C:\Users\pindie\AppData\Local\Battle.net
2014-08-11 20:48 - 2014-08-11 20:48 - 00000719 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-08-11 20:48 - 2014-08-11 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-08-11 20:48 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-11 20:44 - 2014-08-11 20:44 - 00001144 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\Users\pindie\AppData\Local\Blizzard Entertainment
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-11 20:42 - 2014-08-11 20:42 - 00000000 ____D () C:\ProgramData\Battle.net
2014-08-08 19:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-07 03:52 - 2014-08-13 19:39 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 03:46 - 2014-08-13 19:39 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 09:20 - 2011-03-16 01:07 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\pindie\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\pindie\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\pindie\AppData\Local\Temp\smt_istartsurf.exe
C:\Users\pindie\AppData\Local\Temp\tu17p84.exe
C:\Users\pindie\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-28 23:19

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:112 GB) (Free:7.13 GB) NTFS
Drive d: () (Fixed) (Total:165.99 GB) (Free:42.79 GB) NTFS
Drive f: (Sims3EP10) (CDROM) (Total:4.39 GB) (Free:0 GB) UDF

Available physical RAM: 1243.22 MB
Total physical RAM: 2932.55 MB
Percentage of memory in use: 57%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 298.1 GB) (Disk ID: 3C290A7B)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=166 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-395732706-3271692416-3045027566-1000Core.job => C:\Users\pindie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-395732706-3271692416-3045027566-1000UA.job => C:\Users\pindie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8fd91ec6c26d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:2430E4FC
AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:8530A643
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

==================== Security Center ==================

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\pindie\Desktop" je 13370 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
C:\Program Files\Elantech\ETDCtrl.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare
C:\Windows\system32\hkcmd.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
C:\Windows\system32\igfxtray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
"C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager
"C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup
Re�im ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
Re�im ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_roc_dec12
Re�im ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
Re�im ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu
Re�im ECHO je vypnut.

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^pindie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Kooperativa - PDF Server.lnk
C:\PROGRA~1\KOOPER~1\KoopPxBN\KOOPPD~1.EXE

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Zdravim a pekny vecer preji
Vas log se studuje Obrázek

a pracuje se na nem Obrázek

.
Prosim o strpeni! Obrázek

Jeste jednou hezky vecer

Mate tam toho oooopravdu hoooodne - cela zoo i s babkou pokladni

Odinstalujte Advanced SystemCare 6 a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Odinstalujte McAfee Security Scan a i pote vse od McAfee (SiteAdvisor) - v ntb mate ESET Smart coz je komplexni balicek a nepotrebuje dalsi veci k sobe

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Moc děkuji, přesně tohodle jsem se bála

Hned jdu na to

Nebojte, spolecne to vycistime a polecime

Jste tu úžasní, asi jsem se zamilovala

Tak tady první:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by pindie on źt 04.09.2014 at 20:31:35,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\livesupport
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\optimizer pro
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\livesupport_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\livesupport_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\sweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnToolbarInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnToolbarInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D32570EE-584B-40BA-8877-8A47CD8D4F23}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}

~~~ Files

Successfully deleted: [File] "C:\Users\pindie\appdata\local\google\chrome\user data\default\local storage\http_facebook.conduitapps.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Windows\syswow64\conduitengine.tmp"
Successfully deleted: [File] C:\Windows\syswow64\shoC94B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE3BC.tmp

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\Users\pindie\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\pindie\AppData\Roaming\registry mechanic"
Successfully deleted: [Folder] "C:\Users\pindie\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\pindie\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\pindie\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\pindie\appdata\locallow\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\registry mechanic"
Successfully deleted: [Folder] "C:\Program Files (x86)\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\Users\pindie\documents\optimizer pro"
Successfully deleted: [Empty Folder] C:\Users\pindie\appdata\local\{137E01EE-CF8F-4DD6-A89A-EEE2EF2E2243}
Successfully deleted: [Empty Folder] C:\Users\pindie\appdata\local\{17AD89E0-731B-4B32-B1BF-7500E1444056}
Successfully deleted: [Empty Folder] C:\Users\pindie\appdata\local\{498F4888-E570-4985-9F0A-5BD665D80C8E}
Successfully deleted: [Empty Folder] C:\Users\pindie\appdata\local\{5630FF23-B1C5-47D8-923A-0D355FC2EE01}
Successfully deleted: [Empty Folder] C:\Users\pindie\appdata\local\{69130CE6-4979-44EE-9380-BB61ACF45C0D}
Successfully deleted: [Empty Folder] C:\Users\pindie\appdata\local\{899F1882-2E23-416C-8B85-DD7443257C8B}
Successfully deleted: [Empty Folder] C:\Users\pindie\appdata\local\{BB29E0FF-CD2B-4A4E-92F1-3FD04D82C1BA}
Successfully deleted: [Empty Folder] C:\Users\pindie\appdata\local\{BF88FCBC-B8B1-443C-A7F0-A78332BA48CB}
Successfully deleted: [Empty Folder] C:\Users\pindie\appdata\local\{DD9F61A2-7E92-46E0-B704-B1CB5F8F818F}
Successfully deleted: [Empty Folder] C:\Users\pindie\appdata\local\{E27EC075-9BE5-40EA-BAF3-269F67D3801F}
Successfully deleted: [Empty Folder] C:\Users\pindie\appdata\local\{ED2B806E-A0D7-4819-81C5-A26ED425E2C5}
Successfully deleted: [Empty Folder] C:\Users\pindie\appdata\local\{F0FF8628-0A7B-46A6-B4E5-E749BA69AB13}
Successfully deleted: [Folder] "C:\ProgramData\ask"

~~~ FireFox

Successfully deleted: [Folder] C:\Users\pindie\AppData\Roaming\mozilla\firefox\profiles\jndst8nl.default\conduitcommon
Successfully deleted: [Folder] C:\Users\pindie\AppData\Roaming\mozilla\firefox\profiles\jndst8nl.default\extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com
Successfully deleted the following from C:\Users\pindie\AppData\Roaming\mozilla\firefox\profiles\jndst8nl.default\prefs.js

user_pref("CT1750559..clientLogIsEnabled", false);
user_pref("CT1750559..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT1750559..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT1750559.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT1750559.BrowserCompStateIsOpen_129495727276863004", true);
user_pref("CT1750559.BrowserCompStateIsOpen_129502713039250930", true);
user_pref("CT1750559.BrowserCompStateIsOpen_129544988592463877", true);
user_pref("CT1750559.BrowserCompStateIsOpen_129634080503807015", true);
user_pref("CT1750559.BrowserCompStateIsOpen_130052166684768527", true);
user_pref("CT1750559.CT1750559", "CT1750559");
user_pref("CT1750559.CurrentServerDate", "16-11-2013");
user_pref("CT1750559.DSInstall", true);
user_pref("CT1750559.DialogsAlignMode", "LTR");
user_pref("CT1750559.DialogsGetterLastCheckTime", "Sat Nov 16 2013 21:15:55 GMT+0100");
user_pref("CT1750559.DownloadReferralCookieData", "");
user_pref("CT1750559.FirstServerDate", "14-4-2012");
user_pref("CT1750559.FirstTime", true);
user_pref("CT1750559.FirstTimeFF3", true);
user_pref("CT1750559.FixPageNotFoundErrors", true);
user_pref("CT1750559.GroupingServerCheckInterval", 1440);
user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT1750559.HPChangedManually", false);
user_pref("CT1750559.HPInstall", true);
user_pref("CT1750559.HPProtectChoice", true);
user_pref("CT1750559.HPProtectCount", 1);
user_pref("CT1750559.HasUserGlobalKeys", true);
user_pref("CT1750559.HomePageProtectorEnabled", true);
user_pref("CT1750559.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13");
user_pref("CT1750559.Initialize", true);
user_pref("CT1750559.InitializeCommonPrefs", true);
user_pref("CT1750559.InstallationAndCookieDataSentCount", 3);
user_pref("CT1750559.InstallationType", "Unknown");
user_pref("CT1750559.InstalledDate", "Sat Apr 14 2012 11:41:24 GMT+0200");
user_pref("CT1750559.InvalidateCache", false);
user_pref("CT1750559.IsAlertDBUpdated", true);
user_pref("CT1750559.IsGrouping", false);
user_pref("CT1750559.IsInitSetupIni", true);
user_pref("CT1750559.IsMulticommunity", false);
user_pref("CT1750559.IsOpenThankYouPage", true);
user_pref("CT1750559.IsOpenUninstallPage", true);
user_pref("CT1750559.IsProtectorsInit", true);
user_pref("CT1750559.LanguagePackLastCheckTime", "Sat Nov 16 2013 21:16:00 GMT+0100");
user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
user_pref("CT1750559.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT1750559.LastLogin_3.10.0.1", "Sat Apr 14 2012 11:41:36 GMT+0200");
user_pref("CT1750559.LastLogin_3.12.2.3", "Thu May 31 2012 07:41:26 GMT+0200");
user_pref("CT1750559.LastLogin_3.13.0.6", "Tue Jul 17 2012 13:17:28 GMT+0200");
user_pref("CT1750559.LastLogin_3.14.1.0", "Tue Aug 21 2012 21:01:44 GMT+0200");
user_pref("CT1750559.LastLogin_3.15.1.0", "Tue Mar 05 2013 17:19:16 GMT+0100");
user_pref("CT1750559.LastLogin_3.18.0.7", "Sat Nov 16 2013 21:15:58 GMT+0100");
user_pref("CT1750559.LatestVersion", "3.20.0.4");
user_pref("CT1750559.Locale", "en-us");
user_pref("CT1750559.MCDetectTooltipHeight", "83");
user_pref("CT1750559.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT1750559.MCDetectTooltipWidth", "295");
user_pref("CT1750559.MyStuffEnabledAtInstallation", true);
user_pref("CT1750559.OriginalFirstVersion", "3.10.0.1");
user_pref("CT1750559.RadioIsPodcast", false);
user_pref("CT1750559.RadioLastCheckTime", "Sat Apr 14 2012 11:41:24 GMT+0200");
user_pref("CT1750559.RadioLastUpdateIPServer", "3");
user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
user_pref("CT1750559.RadioMediaID", "11237206");
user_pref("CT1750559.RadioMediaType", "Media Player");
user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
user_pref("CT1750559.RadioShrinkedFromSetup", false);
user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
user_pref("CT1750559.SavedHomepage", "seznam.cz");
user_pref("CT1750559.SearchCaption", "BS Player Customized Web Search");
user_pref("CT1750559.SearchEngineBeforeUnload", "BS Player Customized Web Search");
user_pref("CT1750559.SearchFromAddressBarIsInit", true);
user_pref("CT1750559.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q=");
user_pref("CT1750559.SearchInNewTabEnabled", true);
user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
user_pref("CT1750559.SearchInNewTabLastCheckTime", "Sat Nov 16 2013 21:15:50 GMT+0100");
user_pref("CT1750559.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
user_pref("CT1750559.SearchProtectorEnabled", true);
user_pref("CT1750559.SearchProtectorToolbarDisabled", false);
user_pref("CT1750559.SendProtectorDataViaLogin", true);
user_pref("CT1750559.ServiceMapLastCheckTime", "Sat Nov 16 2013 21:15:54 GMT+0100");
user_pref("CT1750559.SettingsLastCheckTime", "Sat Nov 16 2013 21:15:49 GMT+0100");
user_pref("CT1750559.SettingsLastUpdate", "1384592142");
user_pref("CT1750559.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13");
user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Sat Apr 14 2012 11:41:19 GMT+0200");
user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1312887586");
user_pref("CT1750559.ToolbarShrinkedFromSetup", false);
user_pref("CT1750559.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1750559");
user_pref("CT1750559.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com
user_pref("CT1750559.UserID", "UN22858505618793412");
user_pref("CT1750559.ValidationData_Toolbar", 1);
user_pref("CT1750559.WeatherNetwork", "");
user_pref("CT1750559.WeatherPollDate", "Sat Apr 14 2012 11:41:24 GMT+0200");
user_pref("CT1750559.WeatherUnit", "C");
user_pref("CT1750559.alertChannelId", "31130");
user_pref("CT1750559.backendstorage.amazonnew_all", "3139373136312C3139383039312C3139383038312C323438353230312C3139383133312C3139363331312C323437383734312C3139363330312C313938
user_pref("CT1750559.backendstorage.appbuttondisablenull", "30");
user_pref("CT1750559.backendstorage.twitter_v1.8.0_twitter_app_open_t_f", "66616C7365");
user_pref("CT1750559.backendstorage.twitter_v1.9.0_twitter_app_open_t_f", "66616C7365");
user_pref("CT1750559.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlP
user_pref("CT1750559.globalFirstTimeInfoLastCheckTime", "Sat Apr 14 2012 11:41:22 GMT+0200");
user_pref("CT1750559.homepageProtectorEnableByLogin", true);
user_pref("CT1750559.initDone", true);
user_pref("CT1750559.isAppTrackingManagerOn", true);
user_pref("CT1750559.isFirstRadioInstallation", false);
user_pref("CT1750559.myStuffEnabled", true);
user_pref("CT1750559.myStuffPublihserMinWidth", 400);
user_pref("CT1750559.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
user_pref("CT1750559.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT1750559.navigateToUrlOnSearch", false);
user_pref("CT1750559.revertSettingsEnabled", true);
user_pref("CT1750559.searchProtectorDialogDelayInSec", 10);
user_pref("CT1750559.searchProtectorEnableByLogin", true);
user_pref("CT1750559.testingCtid", "");
user_pref("CT1750559.toolbarAppMetaDataLastCheckTime", "Sat Nov 16 2013 21:16:00 GMT+0100");
user_pref("CT1750559.toolbarContextMenuLastCheckTime", "Sat Apr 14 2012 11:41:24 GMT+0200");
user_pref("CT1750559.usagesFlag", 2);
user_pref("CT3220468.BT_Stats.enc", "eyJsYXN0X2xvZyI6MTM1NjI3MDk5MCwidXVpZCI6OTcwODU5OTY4MTYzMDcyLCJzZXFfaWQiOjEsInNzYiI6MTM1NjI3MDk5MH0=");
user_pref("CT3220468.CBOpenMAMSettings.enc", "MA==");
user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.FirstTime", "true");
user_pref("CT3220468.FirstTimeFF3", "true");
user_pref("CT3220468.LoginRevertSettingsEnabled", true);
user_pref("CT3220468.RevertSettingsEnabled", true);
user_pref("CT3220468.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&q=&SearchSource=2");
user_pref("CT3220468.UserID", "UN20994748187241163");
user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT3220468.autoDisableScopes", -1);
user_pref("CT3220468.browser.search.defaultthis.engineName", true);
user_pref("CT3220468.cbcountry_001.enc", "Q1o=");
user_pref("CT3220468.cbfirsttime.enc", "U3VuIERlYyAyMyAyMDEyIDE0OjU2OjI5IEdNVCswMTAw");
user_pref("CT3220468.defaultSearch", "true");
user_pref("CT3220468.enableAlerts", "always");
user_pref("CT3220468.enableFix404ByUser", "FALSE");
user_pref("CT3220468.enableSearchFromAddressBar", "true");
user_pref("CT3220468.firstTimeDialogOpened", "true");
user_pref("CT3220468.fixPageNotFoundError", "true");
user_pref("CT3220468.fixPageNotFoundErrorByUser", "true");
user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
user_pref("CT3220468.fixUrls", true);
user_pref("CT3220468.installType", "xpe");
user_pref("CT3220468.isCheckedStartAsHidden", true);
user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.isFirstTimeToolbarLoading", "false");
user_pref("CT3220468.isNewTabEnabled", true);
user_pref("CT3220468.isPerformedSmartBarTransition", "true");
user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3220468.keyword", true);
user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3220468&octid=CT3220468&SearchSource=15&CUI=UN2099474818724116
user_pref("CT3220468.lastVersion", "10.16.2.509");
user_pref("CT3220468.migrateAppsAndComponents", true);
user_pref("CT3220468.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fwww.google.com%2Fintl%2Fcs%2Fchrome%2Fbrowser%2Fthankyou.html%3Fbrand%3DCHNG%26oneclickins
user_pref("CT3220468.openThankYouPage", "true");
user_pref("CT3220468.openUninstallPage", "false");
user_pref("CT3220468.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q=");
user_pref("CT3220468.revertSettingsEnabled", "false");
user_pref("CT3220468.search.searchAppId", "129813684258939747");
user_pref("CT3220468.search.searchCount", "2");
user_pref("CT3220468.searchInNewTabEnabledByUser", "true");
user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2\"}");
user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1356270987082");
user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1356270986816");
user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1356270987586");
user_pref("CT3220468.serviceLayer_services_location_lastUpdate", "1369673499918");
user_pref("CT3220468.serviceLayer_services_login_10.13.40.15_lastUpdate", "1362500472054");
user_pref("CT3220468.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364125717543");
user_pref("CT3220468.serviceLayer_services_login_10.15.0.562_lastUpdate", "1369395457937");
user_pref("CT3220468.serviceLayer_services_login_10.16.2.509_lastUpdate", "1369673500270");
user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1356270987719");
user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1356270986384");
user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1369673499667");
user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1356270987489");
user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1369680700268");
user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1369673499989");
user_pref("CT3220468.settingsINI", true);
user_pref("CT3220468.shouldFirstTimeDialog", "false");
user_pref("CT3220468.showToolbarPermission", "false");
user_pref("CT3220468.smartbar.CTID", "CT3220468");
user_pref("CT3220468.smartbar.Uninstall", "0");
user_pref("CT3220468.smartbar.homepage", true);
user_pref("CT3220468.smartbar.isHidden", true);
user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
user_pref("CT3220468.toolbarBornServerTime", "23-12-2012");
user_pref("CT3220468.toolbarCurrentServerTime", "27-5-2013");
user_pref("CT3220468.toolbarLoginClientTime", "Sat Mar 16 2013 15:41:13 GMT+0100");
user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1384632950220,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT1750559&SearchSource=13");
user_pref("CommunityToolbar.ConduitSearchList", "BS Player Customized Web Search");
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1750559/CT1750559", "\"fbaa29003602c32cb565918f5a95b4713\"");
user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/31130/30609/CZ", "\"0\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1750559", "\"1357730213\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "C5ZJe6gL80JBW5CuLy+wkg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "V3ke+ogt4ejn0sB1xPR3nw==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "bM8wQLfFAEKgVLVF/G5zig==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"80133a6b165cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"9f8d2729abc2ce1:0\"");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1750559", "\"52c3f1538cb4af4ada257fcbc6b15d49\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"ad9cd3b32c68906c8c16d35d5ffc7f70\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"24cd66a6006eed0d0b7bf2cbc9b0dd16\"");
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\pindie\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\jndst8nl.default\\conduitCommon\\modules\\3.10.0.1");
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.10.0.1");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://isearch.avg.com/search?cid=%7Bc37abbc6-7d38-4779-be9b-6d79503673e9%7D&mid=d1d35265c167a5163730c4dedc2f7a51-6
user_pref("CommunityToolbar.ToolbarsList", "CT1750559");
user_pref("CommunityToolbar.ToolbarsList2", "CT1750559");
user_pref("CommunityToolbar.ToolbarsList4", "CT1750559");
user_pref("CommunityToolbar.globalUserId", "88d76901-bfa0-4195-b997-ea6802526079");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1750559");
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Apr 14 2012 11:41:25 GMT+0200");
user_pref("CommunityToolbar.notifications.alertEnabled", true);
user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Apr 14 2012 11:41:34 GMT+0200");
user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Apr 14 2012 11:41:22 GMT+0200");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "c74442d8-2759-4bb4-b61b-1e91c80f18b2");
user_pref("CommunityToolbar.originalHomepage", "seznam.cz");
user_pref("CommunityToolbar.originalSearchEngine", "AVG Secure Search");
user_pref("Smartbar.ConduitHomepagesList", "");
user_pref("Smartbar.ConduitSearchEngineList", "uTorrentControl_v2 Customized Web Search");
user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&q=&SearchSource=2");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3220468");
user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
user_pref("browser.search.defaultthis.engineName", "BS Player Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q={searchTerms}");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=100490");
user_pref("extensions.BabylonToolbar.bbDpng", 16);
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dfltSrch", true);
user_pref("extensions.BabylonToolbar.hmpg", true);
user_pref("extensions.BabylonToolbar.id", "c6529999000000000000ee39dffa7484");
user_pref("extensions.BabylonToolbar.instlDay", "15316");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?AF=100490&babsrc=adbartrp&mntrId=c6529999000000000000ee39dffa7484&q=");
user_pref("extensions.BabylonToolbar.lastDP", 16);
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.175:37:28");
user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "21.0");
user_pref("extensions.BabylonToolbar.newTab", true);
user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP");
user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.propectorlck", 123192961);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.ptch_0717", true);
user_pref("extensions.BabylonToolbar.smplGrp", "azb");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.175:37:28");
user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100490");
user_pref("extensions.BabylonToolbar_i.hardId", "c6529999000000000000ee39dffa7484");
user_pref("extensions.BabylonToolbar_i.id", "c6529999000000000000ee39dffa7484");
user_pref("extensions.BabylonToolbar_i.instlDay", "15316");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.175:37:28");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
user_pref("extensions.crossrider.bic", "1483ca0714b81f8f35b7225480c10b87");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q=");
user_pref("smartBar.searchInNewTabOwner", "CT3220468");
user_pref("smartbar.addressBarOwnerCTID", "CT3220468");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=13&CUI=SB_CUI");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3220468&q=&SearchSource=2,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT
user_pref("smartbar.defaultSearchOwnerCTID", "CT3220468");
user_pref("smartbar.machineId", "3NPOK7FJD9YAA4H0Q/GJIGXXGEXS/+XRYDIIW2LKAQIXBMJJH2PSNCOH6QX8UGCVRX/V2M+U60MZTHNAT6KJQG");
user_pref("smartbar.originalHomepage", "hxxp://www.seznam.cz/");
user_pref("smartbar.originalSearchAddressUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=2&q=");
user_pref("smartbar.originalSearchEngine", "Ask.com");
Emptied folder: C:\Users\pindie\AppData\Roaming\mozilla\firefox\profiles\jndst8nl.default\minidumps [210 files]

~~~ Chrome

Successfully deleted: [Folder] C:\Users\pindie\appdata\local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 04.09.2014 at 20:39:01,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

A druhý

# AdwCleaner v3.309 - Report created 04/09/2014 at 20:46:49
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : pindie - PINDIE-PC
# Running from : C:\Users\pindie\Desktop\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : IePluginServices

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\374311380
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Uniblue
Folder Deleted : C:\Program Files (x86)\YouTube Accelerator
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Guest\AppData\LocalLow\BS_Player
Folder Deleted : C:\Users\Guest\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Guest\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Guest\AppData\LocalLow\DVDVideoSoftTB
Folder Deleted : C:\Users\Guest\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\pindie\AppData\Local\Babylon
Folder Deleted : C:\Users\pindie\AppData\Local\Conduit
Folder Deleted : C:\Users\pindie\AppData\Local\globalUpdate
Folder Deleted : C:\Users\pindie\AppData\Local\PackageAware
Folder Deleted : C:\Users\pindie\AppData\LocalLow\AlterGeo
Folder Deleted : C:\Users\pindie\AppData\Roaming\Uniblue
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Public\Documents\YTAHelper
Folder Deleted : C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
File Deleted : C:\Users\pindie\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx
File Deleted : C:\Users\pindie\AppData\Roaming\LiveSupport.exe_log.txt
File Deleted : C:\Users\pindie\AppData\Roaming\regsvr32.exe_log.txt
File Deleted : C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal
File Deleted : C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_v5_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_v5_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84134D79-CC48-420B-AFE9-D625DCF318BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{46C41992-850F-49BD-982D-0913C043EB8F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.17267

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v21.0 (cs)

[ File : C:\Users\pindie\AppData\Roaming\Mozilla\Firefox\Profiles\jndst8nl.default\prefs.js ]

Line Deleted : user_pref("CT1750559.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3220468&octid=CT3220468&SearchSource=15&CUI=UN20994748187241163&SSPV=EB_SSPV&Lay=1\"}")[...]
Line Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxps%3A%2F%2Fwww.google.com%2Fintl%2Fcs%2Fchrome%2Fbrowser%2Fthankyou.html%3Fbrand%3DCHNG%26oneclickinstalled%3D1%26installdatai[...]
Line Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3220468\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentControlv2.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentControl_v2\"}");
Line Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3220468_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1384632950220,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1750559/CT1750559", "\"fbaa29003602c32cb565918f5a95b4713\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/31130/30609/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1750559", "\"1357730213\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"80133a6b165cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"9f8d2729abc2ce1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1750559", "\"52c3f1538cb4af4ada257fcbc6b15d49\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"ad9cd3b32c68906c8c16d35d5ffc7f70\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"24cd66a6006eed0d0b7bf2cbc9b0dd16\"");
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\pindie\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\jndst8nl.default\\conduitCommon\\modules\\3.10.0.1");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3220468
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3220468&octid=EB_ORIGINAL_CTID&SearchSource=62&CUI=&UM=&UP=SP9AE9D815-33B3-41AC-898A-02C4BE390A0F&q={searchTerms}&SSPV=
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3220468&octid=EB_ORIGINAL_CTID&SearchSource=62&CUI=&UM=&UP=SP9AE9D815-33B3-41AC-898A-02C4BE390A0F&q={searchTerms}&SSPV=
Deleted [Startup_urls] : hxxp://www.istartsurf.com/?type=hp&ts=14097656 ... J1LZ901601
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Deleted [Extension] : ejpbbhjlbipncjklfjjaedaieimbmdda

*************************

AdwCleaner[R0].txt - [14450 octets] - [04/09/2014 20:41:58]
AdwCleaner[R1].txt - [14511 octets] - [04/09/2014 20:45:09]
AdwCleaner[S0].txt - [13024 octets] - [04/09/2014 20:46:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13085 octets] ##########

To nerikejte, zena mi obcas kouka pres rameno

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Ahh, "žena přes rameno" bezcitně uťala všechny mé plané naděje a ideály....

Nedá se nic dělat, musím jít tedy o dům dál

Zasílám další kupu pro mě nesmyslného textu

Zoek.exe v5.0.0.0 Updated 04-September-2014
Tool run by pindie on źt 04.09.2014 at 23:02:29,31.
Microsoft Windows 7 Home Premium 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\pindie\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

4.9.2014 23:03:29 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-395732706-3271692416-3045027566-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7} deleted successfully
HKEY_USERS\S-1-5-21-395732706-3271692416-3045027566-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} deleted successfully
HKEY_USERS\S-1-5-21-395732706-3271692416-3045027566-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-395732706-3271692416-3045027566-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7} deleted successfully
HKEY_USERS\S-1-5-21-395732706-3271692416-3045027566-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{09EC805C-CB2E-4D53-B0D3-A75A428B81C7} deleted successfully
HKEY_USERS\S-1-5-21-395732706-3271692416-3045027566-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\pindie\AppData\Roaming\Mozilla\Firefox\Profiles\jndst8nl.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\pindie\AppData\Roaming\Mozilla\Firefox\Profiles\jndst8nl.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\pindie\AppData\Roaming\TomTom\HOME\Profiles\ujvy3z5n.default\prefs.js:

Added to C:\Users\pindie\AppData\Roaming\TomTom\HOME\Profiles\ujvy3z5n.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\pindie\AppData\Roaming\Mozilla\Firefox\Profiles\jndst8nl.default

user.js not found
---- Lines a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292 removed from prefs.js ----
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-00
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-00
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-00
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-00
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-00
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-00
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.active", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.addressbar", "NA");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.addressbarenhanced", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncdb.was_copied", "true");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncdb_dbWasSet", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncinternaldb.was_copied", "true");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncinternaldb_dbWasSet", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.backgroundver", 1);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.certdomaininstaller", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie.InstallationTime.value", "%221409766303%2
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie.InstallerParams.expiration", "Fri Feb 01
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.description", ".");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.domain", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.enablesearch", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.homepage", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.changeprevious", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.iframe", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.InstallationThankYouPage", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.InstallationTime", 1409766303);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.__defualt_browser__.expiration", "Fri
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.__defualt_browser__.value", "%22ff%22
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb._installer_additional_info.expiration
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb._installer_additional_info.value", "%
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_bundledUrls.expir
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_bundledWithHash.e
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_bundledWithHash.v
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_notBundledArr_.ex
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_notBundledArr_.va
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_regBundledWithSof
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_regBundledWithSof
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_appVer.value", "88");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_lastVersion.value", "0");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_meta.expiration", "Fri Feb
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_nextCheck.expiration", "Fri
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_remote_resources.expiration
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.Resources_remote_resources.value", "%
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.lastDailyReport", "1409853310294");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.lastUpdate", "1409853310292");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.manifesturl", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.name", "Sense");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.newtab", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.opensearch", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.pluginsurl", "http://js.loadgenclientservice.com
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.pluginsversion", 82);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.publisher", "Object Browser");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.searchstatus", 0);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.setnewtab", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.thankyou", "");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.updateinterval", 360);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.ver", 88);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.apps", "48292");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.bic", "1483ca0714b81f8f35b7225480c10b87");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.cid", 48292);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.firstrun", false);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.hadappinstalled", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.installationdate", 1409766421);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.modetype", "production");
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.reportInstall", true);
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.statsDailyCounter", 2);
---- FireFox user.js and prefs.js backups ----

prefs_04.09.2014_2314_.backup

ProfilePath: C:\Users\pindie\AppData\Roaming\TomTom\HOME\Profiles\ujvy3z5n.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_04.09.2014_2314_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Špidla Data Processing, s.r.o not found
C:\PROGRA~2\GUT5DF9.tmp deleted
C:\PROGRA~2\GUM5DE9.tmp deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~3\OberonGameConsole deleted
C:\Users\pindie\AppData\Local\CRE deleted
C:\Users\pindie\AppData\Local\Installer deleted
C:\Users\pindie\AppData\Local\CrashRpt deleted
C:\Users\pindie\Downloads\FreeYouTubeToMP3Converter.exe deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\pindie\AppData\Roaming\Mozilla\Firefox\Profiles\jndst8nl.default\CT1750559 deleted
"C:\Users\pindie\AppData\Roaming\spidla" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\pindie\AppData\Roaming\TomTom\HOME\Profiles\ujvy3z5n.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\pindie\AppData\Roaming\Mozilla\Firefox\Profiles\jndst8nl.default
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC - C:\Users\pindie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
D493C8FC0D0FD015BB9765658D77346E - C:\Users\pindie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

==== Chrome Look ======================

Advanced SystemCare Surfing Protection - pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Seznam LiĹˇtiÄŤka - RychlĂˇ volba - pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak

==== Chrome Fix ======================

C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_toolbar.utorrent.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-devtools_devtools_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-devtools_devtools_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olfeabkoenfaoljndfecamgilllcpiak_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_email.seznam.cz_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_email.seznam.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ls.hit.gemius.pl_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ls.hit.gemius.pl_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.cz_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.google.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.youtube-nocookie.com_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.youtube-nocookie.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_2gis.cz_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_2gis.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cilichili.cz_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_cilichili.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d21r4q0rdzodf.cloudfront.net_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d21r4q0rdzodf.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_damokles.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_damokles.seznamit.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_es.privalia.com_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_es.privalia.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_film.moviezone.cz_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_film.moviezone.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_googleads.g.doubleclick.net_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_googleads.g.doubleclick.net_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_homesmiles.blog.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_jizdnirady.idnes.cz_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_jizdnirady.idnes.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ls.hit.gemius.pl_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ls.hit.gemius.pl_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapy.cz_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mapy.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_novy.email.seznam.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_rasta-manka.blog.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_s7.addthis.com_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_s7.addthis.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.seznam.cz_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.seznam.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_wlogin.icq.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_worldoftanks.com_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_worldoftanks.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_worldoftanks.eu_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_worldoftanks.eu_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.accuweather.com_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.accuweather.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cervenykoberec.cz_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cervenykoberec.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cinemacity.cz_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cinemacity.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.damokles.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.facebook.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.galerieharfa.cz_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.galerieharfa.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.google.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.google.sk_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.pcgamer.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.seznam.cz_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.seznam.cz_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.utorrent.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.weather.com_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.weather.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage-journal deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0 deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\databases\http_film.moviezone.cz_0 deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\databases\http_jizdnirady.idnes.cz_0 deleted successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pafkbggdmjlpgkdkcbjmhmfcdpncadgh deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_roc_dec12 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\pindie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\pindie\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\pindie\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\pindie\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\pindie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\pindie\AppData\Local\Mozilla\Firefox\Profiles\jndst8nl.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=941 folders=275 65769988 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\pindie\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\pindie\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\pindie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on źt 04.09.2014 at 23:20:30,87 ======================

Ale tak preci si to tu nebudem psat verejne, pripadne muj mail najdete v podpise

Ja se v tom textu docela vyznam

Poprosim o novy log z FRST - to je ten uuuplne prvni co jste delala

Pardón, pátek mě nějak zlákal, takže po práci hned ven

Mejl mě láká, ale mám strochu strach z "nesmiřlivého pohledu ženy"

btw. mě tu fungují SZ, takžéééééé - i am waiting

Zde ten "log" :

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by pindie (administrator) on PINDIE-PC on 06-09-2014 00:13:12
Running from C:\Users\pindie\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) D:\Program Files (x86)\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [Facebook Update] => C:\Users\pindie\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-11] (Facebook Inc.)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\MountPoints2: {5598aec8-0fdd-11e4-b78b-002454dc9aed} - G:\iStudio.exe
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\MountPoints2: {be141859-8778-11e3-8ff9-002454dc9aed} - F:\Autorun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute:

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\pindie\AppData\Roaming\Mozilla\Firefox\Profiles\jndst8nl.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\pindie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\pindie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-03-05]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\pindie\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2013-11-16] (PS Media s.r.o.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-27] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-07-23] (Huawei Technologies Co., Ltd.)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-14] (Windows (R) 2003 DDK 3790 provider)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-19] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-19] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-19] (LG Electronics Inc.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 23:18 - 2014-09-04 23:02 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-04 23:03 - 2014-09-04 23:20 - 00038191 _____ () C:\zoek-results.log
2014-09-04 23:02 - 2014-09-04 23:16 - 00000000 ____D () C:\zoek_backup
2014-09-04 23:02 - 2014-09-04 23:01 - 01288704 _____ () C:\Users\pindie\Desktop\zoek.exe
2014-09-04 20:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-04 20:41 - 2014-09-04 20:46 - 00000000 ____D () C:\AdwCleaner
2014-09-04 20:39 - 2014-09-04 20:39 - 00034959 _____ () C:\Users\pindie\Desktop\JRT.txt
2014-09-04 20:32 - 2014-09-04 20:32 - 01370467 _____ () C:\Users\pindie\Desktop\adwcleaner_3.309.exe
2014-09-04 20:31 - 2014-09-04 20:31 - 00000000 ____D () C:\Windows\ERUNT
2014-09-04 20:31 - 2014-09-04 20:30 - 01016261 _____ (Thisisu) C:\Users\pindie\Desktop\JRT.exe
2014-09-04 20:04 - 2014-09-04 20:04 - 00040991 _____ () C:\Users\pindie\Desktop\FRST-pro viry.txt
2014-09-04 20:02 - 2014-09-04 20:02 - 00032233 _____ () C:\Users\pindie\Desktop\Addition.txt
2014-09-04 20:00 - 2014-09-06 00:16 - 00011913 _____ () C:\Users\pindie\Desktop\FRST.txt
2014-09-04 19:59 - 2014-09-04 19:59 - 00112640 _____ (forum.viry.cz) C:\Users\pindie\Desktop\FRSTLauncher.exe
2014-09-04 19:59 - 2014-09-04 19:58 - 02104832 _____ (Farbar) C:\Users\pindie\Desktop\FRST64.exe
2014-09-04 19:58 - 2014-09-06 00:13 - 00000000 ____D () C:\FRST
2014-09-04 19:53 - 2014-09-06 00:12 - 00000224 _____ () C:\Windows\setupact.log
2014-09-04 19:53 - 2014-09-04 23:19 - 00007370 _____ () C:\Windows\PFRO.log
2014-09-04 19:53 - 2014-09-04 19:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-03 19:39 - 2014-09-03 19:39 - 00003152 _____ () C:\Windows\System32\Tasks\{8E00167B-C3DB-487E-9B07-E928E33FA720}
2014-09-03 19:36 - 2014-09-03 19:36 - 00003120 _____ () C:\Windows\System32\Tasks\{4E9B2196-2F29-4563-A7E8-8E2CE62C2DB9}
2014-09-03 19:35 - 2014-09-03 19:35 - 00255464 _____ () C:\Users\pindie\Downloads\blmojkbhnkkphngknkmgccmlenfaelkd_27633.crx
2014-09-03 19:34 - 2014-09-03 19:40 - 00000000 ____D () C:\Users\pindie\AppData\Roaming\Seznam.cz
2014-09-03 19:34 - 2014-09-03 19:40 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-09-03 19:34 - 2014-09-03 19:34 - 00004314 _____ () C:\Windows\System32\Tasks\Installer_iwebar
2014-09-03 19:33 - 2014-09-04 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-09-03 19:33 - 2014-09-03 19:33 - 00002161 _____ () C:\Users\Guest\Desktop\FLV Player.lnk
2014-08-13 19:39 - 2014-08-07 03:52 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 19:39 - 2014-08-07 03:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-11 20:48 - 2014-08-11 20:48 - 00000719 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-08-11 20:48 - 2014-08-11 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-08-11 20:44 - 2014-08-11 20:56 - 00000000 ____D () C:\Users\pindie\AppData\Roaming\Battle.net
2014-08-11 20:44 - 2014-08-11 20:55 - 00000000 ____D () C:\Users\pindie\AppData\Local\Battle.net
2014-08-11 20:44 - 2014-08-11 20:44 - 00001144 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\Users\pindie\AppData\Local\Blizzard Entertainment
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-11 20:42 - 2014-08-11 20:42 - 00000000 ____D () C:\ProgramData\Battle.net

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-06 00:16 - 2014-09-04 20:00 - 00011913 _____ () C:\Users\pindie\Desktop\FRST.txt
2014-09-06 00:16 - 2012-12-24 21:57 - 01103965 _____ () C:\Windows\WindowsUpdate.log
2014-09-06 00:14 - 2012-09-29 13:41 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-06 00:13 - 2014-09-04 19:58 - 00000000 ____D () C:\FRST
2014-09-06 00:12 - 2014-09-04 19:53 - 00000224 _____ () C:\Windows\setupact.log
2014-09-06 00:12 - 2013-11-16 23:12 - 00000000 _____ () C:\Windows\SysWOW64\sinstall.log
2014-09-06 00:12 - 2012-04-14 11:30 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-06 00:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-04 23:27 - 2009-07-14 06:45 - 00020032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-04 23:27 - 2009-07-14 06:45 - 00020032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-04 23:26 - 2014-06-24 20:21 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8fd91ec6c26d.job
2014-09-04 23:20 - 2014-09-04 23:03 - 00038191 _____ () C:\zoek-results.log
2014-09-04 23:19 - 2014-09-04 19:53 - 00007370 _____ () C:\Windows\PFRO.log
2014-09-04 23:16 - 2014-09-04 23:02 - 00000000 ____D () C:\zoek_backup
2014-09-04 23:04 - 2012-09-11 19:59 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-395732706-3271692416-3045027566-1000UA.job
2014-09-04 23:02 - 2014-09-04 23:18 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-04 23:01 - 2014-09-04 23:02 - 01288704 _____ () C:\Users\pindie\Desktop\zoek.exe
2014-09-04 21:38 - 2013-12-24 22:35 - 00000000 ____D () C:\Users\pindie\AppData\Local\PMB Files
2014-09-04 20:48 - 2010-09-09 09:40 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-04 20:48 - 2009-07-14 07:08 - 00032526 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-04 20:46 - 2014-09-04 20:41 - 00000000 ____D () C:\AdwCleaner
2014-09-04 20:46 - 2014-09-03 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLV Player
2014-09-04 20:39 - 2014-09-04 20:39 - 00034959 _____ () C:\Users\pindie\Desktop\JRT.txt
2014-09-04 20:32 - 2014-09-04 20:32 - 01370467 _____ () C:\Users\pindie\Desktop\adwcleaner_3.309.exe
2014-09-04 20:31 - 2014-09-04 20:31 - 00000000 ____D () C:\Windows\ERUNT
2014-09-04 20:30 - 2014-09-04 20:31 - 01016261 _____ (Thisisu) C:\Users\pindie\Desktop\JRT.exe
2014-09-04 20:04 - 2014-09-04 20:04 - 00040991 _____ () C:\Users\pindie\Desktop\FRST-pro viry.txt
2014-09-04 20:03 - 2012-09-11 19:58 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-395732706-3271692416-3045027566-1000Core.job
2014-09-04 20:02 - 2014-09-04 20:02 - 00032233 _____ () C:\Users\pindie\Desktop\Addition.txt
2014-09-04 19:59 - 2014-09-04 19:59 - 00112640 _____ (forum.viry.cz) C:\Users\pindie\Desktop\FRSTLauncher.exe
2014-09-04 19:58 - 2014-09-04 19:59 - 02104832 _____ (Farbar) C:\Users\pindie\Desktop\FRST64.exe
2014-09-04 19:53 - 2014-09-04 19:53 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-03 19:42 - 2013-11-16 23:10 - 00001790 _____ () C:\Users\pindie\Desktop\chrome – zástupce.lnk
2014-09-03 19:42 - 2011-10-07 05:12 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-03 19:42 - 2011-01-13 15:07 - 00001443 _____ () C:\Users\pindie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 19:42 - 2011-01-13 15:07 - 00001409 _____ () C:\Users\pindie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-03 19:41 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-03 19:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-09-03 19:40 - 2014-09-03 19:34 - 00000000 ____D () C:\Users\pindie\AppData\Roaming\Seznam.cz
2014-09-03 19:40 - 2014-09-03 19:34 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-09-03 19:39 - 2014-09-03 19:39 - 00003152 _____ () C:\Windows\System32\Tasks\{8E00167B-C3DB-487E-9B07-E928E33FA720}
2014-09-03 19:39 - 2011-01-13 15:02 - 00000000 ____D () C:\ProgramData\Temp
2014-09-03 19:36 - 2014-09-03 19:36 - 00003120 _____ () C:\Windows\System32\Tasks\{4E9B2196-2F29-4563-A7E8-8E2CE62C2DB9}
2014-09-03 19:35 - 2014-09-03 19:35 - 00255464 _____ () C:\Users\pindie\Downloads\blmojkbhnkkphngknkmgccmlenfaelkd_27633.crx
2014-09-03 19:34 - 2014-09-03 19:34 - 00004314 _____ () C:\Windows\System32\Tasks\Installer_iwebar
2014-09-03 19:33 - 2014-09-03 19:33 - 00002161 _____ () C:\Users\Guest\Desktop\FLV Player.lnk
2014-09-03 19:28 - 2010-09-10 02:17 - 00667124 _____ () C:\Windows\system32\perfh005.dat
2014-09-03 19:28 - 2010-09-10 02:17 - 00140530 _____ () C:\Windows\system32\perfc005.dat
2014-09-03 19:28 - 2009-07-14 07:13 - 01579034 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-01 21:05 - 2012-06-24 12:53 - 00000000 ____D () C:\Users\pindie\AppData\Roaming\vlc
2014-08-27 19:04 - 2013-12-24 22:35 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-13 23:49 - 2013-12-28 20:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 23:49 - 2013-11-17 01:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 23:46 - 2014-07-10 23:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 23:46 - 2011-01-15 11:45 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 20:56 - 2014-08-11 20:44 - 00000000 ____D () C:\Users\pindie\AppData\Roaming\Battle.net
2014-08-11 20:55 - 2014-08-11 20:44 - 00000000 ____D () C:\Users\pindie\AppData\Local\Battle.net
2014-08-11 20:48 - 2014-08-11 20:48 - 00000719 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-08-11 20:48 - 2014-08-11 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-08-11 20:48 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-11 20:44 - 2014-08-11 20:44 - 00001144 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\Users\pindie\AppData\Local\Blizzard Entertainment
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-08-11 20:44 - 2014-08-11 20:44 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-11 20:42 - 2014-08-11 20:42 - 00000000 ____D () C:\ProgramData\Battle.net
2014-08-08 19:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-07 03:52 - 2014-08-13 19:39 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 03:46 - 2014-08-13 19:39 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-28 23:19

==================== End Of Log ============================

Mail v pohode, ten si ctu sam

SZ Vam nefunguji, ty jsou az od hodnosti Vzorny nasvtevnik a vyse

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [Facebook Update] => C:\Users\pindie\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-11] (Facebook Inc.)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\MountPoints2: {5598aec8-0fdd-11e4-b78b-002454dc9aed} - G:\iStudio.exe
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\MountPoints2: {be141859-8778-11e3-8ff9-002454dc9aed} - F:\Autorun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

BHO: No Name -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File

2014-09-04 23:18 - 2014-09-04 23:02 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-04 23:03 - 2014-09-04 23:20 - 00038191 _____ () C:\zoek-results.log
2014-09-04 23:02 - 2014-09-04 23:16 - 00000000 ____D () C:\zoek_backup
2014-09-04 23:02 - 2014-09-04 23:01 - 01288704 _____ () C:\Users\pindie\Desktop\zoek.exe
2014-09-04 20:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-04 20:41 - 2014-09-04 20:46 - 00000000 ____D () C:\AdwCleaner
2014-09-04 20:39 - 2014-09-04 20:39 - 00034959 _____ () C:\Users\pindie\Desktop\JRT.txt
2014-09-04 20:32 - 2014-09-04 20:32 - 01370467 _____ () C:\Users\pindie\Desktop\adwcleaner_3.309.exe
2014-09-04 20:31 - 2014-09-04 20:31 - 00000000 ____D () C:\Windows\ERUNT
2014-09-04 20:31 - 2014-09-04 20:30 - 01016261 _____ (Thisisu) C:\Users\pindie\Desktop\JRT.exe
2014-09-04 20:04 - 2014-09-04 20:04 - 00040991 _____ () C:\Users\pindie\Desktop\FRST-pro viry.txt
2014-09-04 20:02 - 2014-09-04 20:02 - 00032233 _____ () C:\Users\pindie\Desktop\Addition.txt
2014-09-04 20:00 - 2014-09-06 00:16 - 00011913 _____ () C:\Users\pindie\Desktop\FRST.txt
2014-09-04 19:59 - 2014-09-04 19:59 - 00112640 _____ (forum.viry.cz) C:\Users\pindie\Desktop\FRSTLauncher.exe
2014-09-03 19:34 - 2014-09-03 19:34 - 00004314 _____ () C:\Windows\System32\Tasks\Installer_iwebar

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-395732706-3271692416-3045027566-1000Core.job => C:\Users\pindie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-395732706-3271692416-3045027566-1000UA.job => C:\Users\pindie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8fd91ec6c26d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Temp:2430E4FC
AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:8530A643
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray" /f

Hosts:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Trošku nestíhám, tak jen v krátkosti zasílám

Mejlovat budem večer

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014 02
Ran by pindie at 2014-09-06 13:56:08 Run:1
Running from C:\Users\pindie\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [Facebook Update] => C:\Users\pindie\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-11] (Facebook Inc.)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\MountPoints2: {5598aec8-0fdd-11e4-b78b-002454dc9aed} - G:\iStudio.exe
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\...\MountPoints2: {be141859-8778-11e3-8ff9-002454dc9aed} - F:\Autorun.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

BHO: No Name -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> No File

2014-09-04 23:18 - 2014-09-04 23:02 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-04 23:03 - 2014-09-04 23:20 - 00038191 _____ () C:\zoek-results.log
2014-09-04 23:02 - 2014-09-04 23:16 - 00000000 ____D () C:\zoek_backup
2014-09-04 23:02 - 2014-09-04 23:01 - 01288704 _____ () C:\Users\pindie\Desktop\zoek.exe
2014-09-04 20:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-04 20:41 - 2014-09-04 20:46 - 00000000 ____D () C:\AdwCleaner
2014-09-04 20:39 - 2014-09-04 20:39 - 00034959 _____ () C:\Users\pindie\Desktop\JRT.txt
2014-09-04 20:32 - 2014-09-04 20:32 - 01370467 _____ () C:\Users\pindie\Desktop\adwcleaner_3.309.exe
2014-09-04 20:31 - 2014-09-04 20:31 - 00000000 ____D () C:\Windows\ERUNT
2014-09-04 20:31 - 2014-09-04 20:30 - 01016261 _____ (Thisisu) C:\Users\pindie\Desktop\JRT.exe
2014-09-04 20:04 - 2014-09-04 20:04 - 00040991 _____ () C:\Users\pindie\Desktop\FRST-pro viry.txt
2014-09-04 20:02 - 2014-09-04 20:02 - 00032233 _____ () C:\Users\pindie\Desktop\Addition.txt
2014-09-04 20:00 - 2014-09-06 00:16 - 00011913 _____ () C:\Users\pindie\Desktop\FRST.txt
2014-09-04 19:59 - 2014-09-04 19:59 - 00112640 _____ (forum.viry.cz) C:\Users\pindie\Desktop\FRSTLauncher.exe
2014-09-03 19:34 - 2014-09-03 19:34 - 00004314 _____ () C:\Windows\System32\Tasks\Installer_iwebar

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-395732706-3271692416-3045027566-1000Core.job => C:\Users\pindie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-395732706-3271692416-3045027566-1000UA.job => C:\Users\pindie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8fd91ec6c26d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\Temp:2430E4FC
AlternateDataStreams: C:\ProgramData\Temp:268F887D
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:8530A643
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray" /f

Hosts:
Reboot:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value deleted successfully.
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-395732706-3271692416-3045027566-1000\Software\Microsoft\Windows\CurrentVersion\Run\\TomTomHOME.exe => value deleted successfully.
"HKU\S-1-5-21-395732706-3271692416-3045027566-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5598aec8-0fdd-11e4-b78b-002454dc9aed}" => Key deleted successfully.
"HKCR\CLSID\{5598aec8-0fdd-11e4-b78b-002454dc9aed}" => Key not found.
"HKU\S-1-5-21-395732706-3271692416-3045027566-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{be141859-8778-11e3-8ff9-002454dc9aed}" => Key deleted successfully.
"HKCR\CLSID\{be141859-8778-11e3-8ff9-002454dc9aed}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
"HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
"HKCR\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key not found.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\pindie\Desktop\zoek.exe => Moved successfully.
C:\Windows\SysWOW64\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\pindie\Desktop\JRT.txt => Moved successfully.
C:\Users\pindie\Desktop\adwcleaner_3.309.exe => Moved successfully.
C:\Windows\ERUNT => Moved successfully.
C:\Users\pindie\Desktop\JRT.exe => Moved successfully.
C:\Users\pindie\Desktop\FRST-pro viry.txt => Moved successfully.
C:\Users\pindie\Desktop\Addition.txt => Moved successfully.
C:\Users\pindie\Desktop\FRST.txt => Moved successfully.
C:\Users\pindie\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Windows\System32\Tasks\Installer_iwebar => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-395732706-3271692416-3045027566-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-395732706-3271692416-3045027566-1000UA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8fd91ec6c26d.job => Moved successfully.
C:\ProgramData\Temp => ":2430E4FC" ADS removed successfully.
C:\ProgramData\Temp => ":268F887D" ADS removed successfully.
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\ProgramData\Temp => ":8530A643" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Norton Online Backup" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray" /f =========

Chyba: Syst‚m nenalezl zadaně klˇź registru nebo po§adovanou hodnotu.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

The system needed a reboot.

==== End of Fixlog ====

Jak se chova PC, jsou nejake problemy???

Chová se celkem v pohodě, nikde nic nevyskakuje...celkem si přede. Ale já celkem dlouho žila s onou zoo, takže bych se na můj úsudek 100% nespoléhala

Podle toho "nesouvislého a nicneznamenajícího" textu se to tváří jak?

VIRY.CZ

Asi vir?

Asi vir?

Re: Asi vir?

Re: Asi vir?

Re: Asi vir?

Re: Asi vir?

Re: Asi vir?

Re: Asi vir?

Re: Asi vir?

Re: Asi vir?

Re: Asi vir?

Re: Asi vir?

Re: Asi vir?

Re: Asi vir?

Re: Asi vir?

Re: Asi vir?