VIRY.CZ

dobrý den, prosím o pomoc
do PC se mi dostala nějaká "mrcha" která ignoruje nastavení web prohlížeče, ať už je to chrome nebo mozzila.
Vždy když otevřu prohlížeč otevře se mi stránka :mystartsearch.com a občas i nějaké pop-up windows.
snažil jsem se jakkoli pročistit (NOD32 + CCleaer) nebo přenastavit... a nic nepomáhá.
Můžete prosím poradit?
Mnohokrát děkuji

Log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-10-2014
Ran by Petr (administrator) on PETR-PC on 26-10-2014 07:58:35
Running from C:\Users\Petr\Downloads
Loaded Profile: Petr (Available profiles: Petr)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Global Graphics Software Ltd) C:\Windows\System32\PDFCreatorMessages.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\Photodex\ProShow Producer\scsiaccess.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Creative Technology Ltd) C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Global Graphics Software Ltd.) C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Creative Technology Ltd) C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\Petr\Downloads\RSIT.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-03] (Realtek Semiconductor)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CTSysVol] => C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe [57344 2003-09-17] (Creative Technology Ltd)
HKLM\...\Run: [SbUsb AudCtrl] => RunDll32 sbusbdll.dll,RCMonitor
HKLM\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [PDFCreatorClient] => C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe [315392 2003-12-09] (Global Graphics Software Ltd.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [USBToolTip] => C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [Creative SB Monitoring Utility] => RunDll32 sbavmon.dll,SBAVMonitor
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2219184 2011-01-12] (ESET)
HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\Run: [RemoteCenter] => C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE [147456 2004-06-25] (Creative Technology Ltd)
HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-08-27] ()
HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-09-01] (Sony)
HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\MountPoints2: {557bfdac-f917-11e3-8fea-1c6f65d9cc96} - F:\Startme.exe
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... 4271642716
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... 4271642716
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://isearch.glarysoft.com/?src=iehome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/?type=hp&t ... 4271642716
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/?type=hp&t ... 4271642716
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
URLSearchHook: HKLM - (No Name) - {66bd2442-241b-44cd-8c7a-b51037053cdb} - No File
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - (No Name) - {66bd2442-241b-44cd-8c7a-b51037053cdb} - No File
URLSearchHook: HKCU - (No Name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&t ... 4271642716
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2548838
SearchScopes: HKLM - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={search ... c=iesearch
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2548838
SearchScopes: HKCU - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={search ... c=iesearch
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: My Global Search Bar BHO -> {37B85A21-692B-4205-9CAD-2626E4993404} -> No File
BHO: No Name -> {66bd2442-241b-44cd-8c7a-b51037053cdb} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: TBSB05810 Class -> {A7AF277D-1466-4A7B-93AF-B043984A5671} -> C:\Program Files\Glarysoft Toolbar\tbcore3.dll ()
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - No Name - {66bd2442-241b-44cd-8c7a-b51037053cdb} - No File
Toolbar: HKLM - Glarysoft Toolbar - {32D47EA5-9473-4CAD-805D-9999F15D5AE2} - C:\Program Files\Glarysoft Toolbar\tbcore3.dll ()
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - Glarysoft Toolbar - {32D47EA5-9473-4CAD-805D-9999F15D5AE2} - C:\Program Files\Glarysoft Toolbar\tbcore3.dll ()
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.19.1 10.10.10.10

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @photodex.com/PhotodexPresenter -> C:\Program Files\Photodex Presenter\npPxPlay.dll ( )
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: TheTorntv V10 - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default\Extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com [2014-10-25]
FF Extension: Fast Start - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default\Extensions\faststartff@gmail.com [2014-10-25]
FF Extension: Glarysoft Toolbar - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default\Extensions\{55C81E27-A6E2-40AB-B96F-D7107755F451} [2012-12-29]
FF Extension: TVersitybar - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default\Extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb} [2014-09-28]
FF Extension: innoApp - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default\Extensions\{f9b80c28-8495-4ac4-80e8-af04938b2b46}.xpi [2014-10-25]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default\extensions\faststartff@gmail.com
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-10-25]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://www.mystartsearch.com/?type=sc&t ... 4271642716

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=14142 ... 4271642716
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\38.0.2125.104\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\38.0.2125.104\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\38.0.2125.104\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-30]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-30]
CHR Extension: (Peněženka Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Quick start) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-10-25]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-30]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx [2014-10-25]
CHR StartMenuInternet: Google Chrome - C:\Program Files\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/?type=sc&t ... 4271642716

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-06-16] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
S2 DMService; C:\Program Files\FineRecovery\DMService.exe [167936 2013-01-30] () [File not signed]
S2 DroidExplorerService; C:\Program Files\Droid Explorer\DroidExplorer.Service.exe [255488 2013-08-25] (Ryan Conrad) [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [33584 2011-01-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [810144 2011-01-12] (ESET)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-25] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-25] (globalUpdate) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 PDFCreatorMessages; C:\Windows\System32\PDFCreatorMessages.exe [139264 2003-12-09] (Global Graphics Software Ltd) [File not signed]
R2 ScsiAccess; C:\Program Files\Photodex\ProShow Producer\ScsiAccess.exe [186760 2014-09-26] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-06-12] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137144 2010-12-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [115008 2010-12-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [95384 2010-12-21] (ESET)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2014-07-29] (Sony Mobile Communications)
R3 ksaud; C:\Windows\System32\drivers\ksaud.sys [899712 2009-12-15] (Creative Technology Ltd.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R0 TPkd; C:\Windows\system32\Drivers\TPkd.sys [90472 2009-08-21] (PACE Anti-Piracy, Inc.) [File not signed]
S1 DMFilter; system32\drivers\DMFilter.sys [X]
S1 hxxzoczx; \??\C:\Windows\system32\drivers\hxxzoczx.sys [X]
S1 idrhafyy; \??\C:\Windows\system32\drivers\idrhafyy.sys [X]
S1 kutykdeb; \??\C:\Windows\system32\drivers\kutykdeb.sys [X]
S1 oxfupnzi; \??\C:\Windows\system32\drivers\oxfupnzi.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 07:58 - 2014-10-26 07:59 - 00022712 _____ () C:\Users\Petr\Downloads\FRST.txt
2014-10-26 07:58 - 2014-10-26 07:58 - 00000000 ____D () C:\FRST
2014-10-26 07:57 - 2014-10-26 07:58 - 01104384 _____ (Farbar) C:\Users\Petr\Downloads\FRST.exe
2014-10-26 07:57 - 2014-10-26 07:58 - 00000000 ____D () C:\rsit
2014-10-26 07:57 - 2014-10-26 07:58 - 00000000 ____D () C:\Program Files\trend micro
2014-10-26 07:56 - 2014-10-26 07:56 - 01107968 _____ () C:\Users\Petr\Downloads\RSIT.exe
2014-10-25 21:10 - 2014-10-25 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-10-25 21:10 - 2014-10-25 21:10 - 00000000 ____D () C:\ProgramData\ESET
2014-10-25 21:10 - 2014-10-25 21:10 - 00000000 ____D () C:\Program Files\ESET
2014-10-25 20:28 - 2014-10-25 21:16 - 00000000 ____D () C:\Users\Petr\Downloads\Rena Jones - Driftwood-2006-LOSSLESS
2014-10-25 19:34 - 2014-10-25 20:31 - 997389930 _____ () C:\Users\Petr\Downloads\Atlas-mraků-2012-cz-dab-(PSP).mp4.crdownload
2014-10-25 19:31 - 2014-10-26 05:07 - 00000000 ____D () C:\Program Files\SupTab
2014-10-25 19:31 - 2014-10-26 05:06 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-10-25 19:31 - 2014-10-26 05:06 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-10-25 19:31 - 2014-10-25 19:31 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\SupTab
2014-10-25 19:29 - 2014-10-26 05:08 - 00002416 _____ () C:\Windows\Tasks\8659b09c-dda9-42d0-85f4-34019f78e5f1-5_user.job
2014-10-25 19:29 - 2014-10-26 05:08 - 00002416 _____ () C:\Windows\Tasks\8659b09c-dda9-42d0-85f4-34019f78e5f1-5.job
2014-10-25 19:29 - 2014-10-26 05:06 - 00000000 ____D () C:\Program Files\innoApp
2014-10-25 19:28 - 2014-10-26 07:28 - 00004128 _____ () C:\Windows\Tasks\8659b09c-dda9-42d0-85f4-34019f78e5f1-6.job
2014-10-25 19:28 - 2014-10-26 05:08 - 00004464 _____ () C:\Windows\Tasks\8659b09c-dda9-42d0-85f4-34019f78e5f1-4.job
2014-10-25 19:28 - 2014-10-26 05:08 - 00003784 _____ () C:\Windows\Tasks\8659b09c-dda9-42d0-85f4-34019f78e5f1-7.job
2014-10-25 19:28 - 2014-10-26 05:08 - 00003084 _____ () C:\Windows\Tasks\8659b09c-dda9-42d0-85f4-34019f78e5f1-1.job
2014-10-25 19:28 - 2014-10-26 05:08 - 00002080 _____ () C:\Windows\Tasks\8659b09c-dda9-42d0-85f4-34019f78e5f1-2.job
2014-10-25 19:28 - 2014-10-26 05:08 - 00001328 _____ () C:\Windows\Tasks\JYH.job
2014-10-25 19:28 - 2014-10-25 19:28 - 00013881 _____ () C:\Users\Petr\Downloads\4F79A65F528BCC6348D71B38DF930F63140417D8.torrent
2014-10-25 19:27 - 2014-10-26 05:08 - 00004810 _____ () C:\Windows\Tasks\8659b09c-dda9-42d0-85f4-34019f78e5f1-11.job
2014-10-25 19:27 - 2014-10-26 05:08 - 00003440 _____ () C:\Windows\Tasks\8659b09c-dda9-42d0-85f4-34019f78e5f1-3.job
2014-10-25 19:27 - 2014-10-26 05:08 - 00001680 _____ () C:\Windows\Tasks\PBFXEPI.job
2014-10-25 19:27 - 2014-10-26 05:08 - 00000872 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-25 19:27 - 2014-10-26 05:06 - 00000000 ____D () C:\Program Files\TheTorntv V10
2014-10-25 19:27 - 2014-10-26 01:32 - 00000876 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-25 19:27 - 2014-10-25 19:27 - 00000000 ____D () C:\Users\Petr\AppData\Local\globalUpdate
2014-10-25 19:27 - 2014-10-25 19:27 - 00000000 ____D () C:\Program Files\globalUpdate
2014-10-16 17:50 - 2014-10-10 02:44 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 17:50 - 2014-10-10 02:44 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 17:50 - 2014-10-10 02:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 17:50 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 17:50 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 17:50 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 17:50 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 17:50 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 17:50 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 17:50 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 17:50 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 17:50 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 17:50 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 17:50 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 17:50 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 17:50 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 17:50 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 17:50 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 17:50 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 17:50 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 17:50 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 17:50 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 17:49 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 17:49 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 17:49 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 17:49 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 17:49 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 17:49 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 17:49 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 17:49 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 17:49 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 17:49 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 17:49 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 17:49 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 17:49 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 17:48 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 17:48 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 17:48 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 17:48 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 17:48 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 17:48 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 17:48 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 17:48 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 17:48 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 17:48 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 17:48 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 17:48 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 17:48 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 17:48 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 17:47 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 17:47 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 19:13 - 2014-10-14 19:27 - 00000000 ____D () C:\Users\Petr\Desktop\Svoboda Frankova
2014-10-14 19:13 - 2014-10-14 19:13 - 01375900 _____ () C:\Users\Petr\Downloads\KVASNICE_prodej_EUR_1-2014.xls.zip
2014-10-14 18:05 - 2014-10-14 18:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-11 10:40 - 2014-10-12 09:32 - 00001732 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Story 3 pro Windows.lnk
2014-10-11 10:39 - 2014-10-11 10:39 - 00000000 ____D () C:\Program Files\Photo Story 3 for Windows
2014-10-11 10:35 - 2014-10-11 10:36 - 03374592 _____ () C:\Users\Petr\Downloads\PStory.msi
2014-10-10 18:55 - 2014-10-10 23:56 - 2722459926 _____ () C:\Users\Petr\Downloads\Atlas-mraků-(1080p-CZ).mkv
2014-10-10 18:09 - 2014-10-26 05:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Slide Show
2014-10-10 18:08 - 2014-10-10 18:09 - 14134051 _____ () C:\Users\Petr\Downloads\quick-slide-show_2.22.exe
2014-10-10 14:04 - 2014-10-10 14:07 - 44908832 _____ () C:\Users\Petr\Downloads\Proshow-Producer-5.0.3297-+-CRACK-!!!.rar
2014-10-09 15:17 - 2014-10-09 15:17 - 00000340 _____ () C:\Users\Petr\proshow-burn.log
2014-10-03 13:07 - 2014-10-03 20:22 - 3927566336 _____ () C:\Users\Petr\Downloads\Rio-cz.avi
2014-10-01 16:20 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-29 19:40 - 2014-10-20 19:52 - 67936590 _____ () C:\Users\Petr\Documents\uvidíme.pxc
2014-09-29 19:40 - 2014-10-09 15:25 - 00666345 _____ () C:\Users\Petr\Documents\uvidíme.psh
2014-09-29 19:40 - 2014-10-09 15:08 - 00666344 _____ () C:\Users\Petr\Documents\uvidíme.bak
2014-09-29 19:40 - 2014-09-29 19:56 - 00663932 _____ () C:\Users\Petr\Documents\uvidíme.b01
2014-09-29 19:40 - 2014-09-29 19:41 - 00663981 _____ () C:\Users\Petr\Documents\uvidíme.b02
2014-09-26 19:29 - 2014-09-26 19:29 - 00002087 _____ () C:\Users\Public\Desktop\ProShow Producer.lnk
2014-09-26 19:29 - 2014-09-26 19:29 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Netscape
2014-09-26 19:29 - 2014-09-26 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProShow Producer
2014-09-26 19:29 - 2014-09-26 19:29 - 00000000 ____D () C:\Program Files\Photodex Presenter
2014-09-26 19:28 - 2014-09-26 19:29 - 00000000 ____D () C:\ProgramData\Photodex
2014-09-26 19:28 - 2014-09-26 19:28 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Photodex
2014-09-26 19:28 - 2014-09-26 19:28 - 00000000 ____D () C:\Program Files\Photodex
2014-09-26 19:22 - 2014-09-26 19:24 - 40220992 _____ () C:\Users\Petr\Downloads\Photodex-ProShow-Producer-5.0.3310-CZ.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 07:59 - 2013-08-27 18:17 - 00000000 ____D () C:\Users\Petr\AppData\Local\PMB Files
2014-10-26 07:46 - 2012-11-14 10:21 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-26 07:29 - 2014-09-24 18:15 - 00000372 _____ () C:\Windows\Tasks\WpsUpdateTask_Petr.job
2014-10-26 07:12 - 2012-12-30 18:02 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-26 05:28 - 2014-02-11 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5
2014-10-26 05:28 - 2014-01-19 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FineRecovery
2014-10-26 05:28 - 2013-04-19 16:48 - 00000000 ____D () C:\Users\Petr\AppData\Local\CrashDumps
2014-10-26 05:28 - 2012-11-14 13:21 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server
2014-10-26 05:28 - 2012-06-07 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jaws Systems
2014-10-26 05:28 - 2011-06-21 17:27 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\uTorrent
2014-10-26 05:28 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-10-26 05:15 - 2011-06-07 10:39 - 02090308 ____N () C:\Windows\WindowsUpdate.log
2014-10-26 05:15 - 2009-07-14 05:34 - 00031904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-26 05:15 - 2009-07-14 05:34 - 00031904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-26 05:14 - 2010-11-20 22:01 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-26 05:12 - 2012-12-30 18:02 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-26 05:08 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-26 05:04 - 2013-12-21 17:51 - 00000000 ____D () C:\Users\Petr\AppData\Local\genienext
2014-10-26 04:34 - 2009-07-14 03:04 - 00000580 _____ () C:\Windows\win.ini
2014-10-25 19:30 - 2012-11-13 15:54 - 00001329 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-25 19:30 - 2011-06-07 10:39 - 00001605 _____ () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-25 14:31 - 2014-01-22 19:24 - 00000000 ____D () C:\Users\Petr\Desktop\účesy
2014-10-22 15:38 - 2012-12-30 14:22 - 06260224 ___SH () C:\Users\Petr\Downloads\Thumbs.db
2014-10-21 16:52 - 2012-11-13 12:11 - 00000000 ____D () C:\Users\Petr\Desktop\Fotečky
2014-10-20 16:44 - 2011-08-23 22:20 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\BSplayer PRO
2014-10-19 07:33 - 2014-01-28 19:46 - 00000000 ____D () C:\Users\Petr\Desktop\naše tvorba
2014-10-19 07:33 - 2013-03-16 10:53 - 00000000 ____D () C:\Users\Petr\Documents\FFOutput
2014-10-18 20:35 - 2014-08-28 17:39 - 00000000 ____D () C:\Users\Petr\Desktop\hudba na svatbu
2014-10-17 17:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-10-17 16:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-17 16:13 - 2009-07-14 05:33 - 00495056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 16:11 - 2014-05-06 14:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 20:05 - 2011-06-07 11:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 20:02 - 2013-08-14 20:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 19:54 - 2011-04-08 10:16 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 17:39 - 2012-11-13 15:54 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-10 18:12 - 2014-09-22 19:14 - 00000000 ____D () C:\Program Files\Quick Slide Show
2014-10-10 13:57 - 2014-06-24 15:35 - 00001972 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-10-10 13:57 - 2014-06-21 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-10-10 13:57 - 2011-06-06 08:11 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-09 15:25 - 2011-06-07 10:39 - 00000000 ____D () C:\Users\Petr
2014-10-05 15:32 - 2013-01-17 12:47 - 00000000 ____D () C:\Users\Petr\Desktop\pohádky
2014-10-02 18:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-28 14:01 - 2012-06-01 22:14 - 00020480 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-26 19:29 - 2012-11-13 15:56 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Mozilla

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 00:41

==================== End Of Log ============================

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  emptyclsid;
  iedefaults;
  FFdefaults;
  CHRdefaults;
  emptyalltemp;
  resethosts;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Operace se zdařily a vypadá to lépe
přikládám logy:

# AdwCleaner v4.001 - Report created 26/10/2014 at 13:19:04
# DB v2014-10-26.1
# Updated 20/10/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Downloads\adwcleaner_4.001.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : IePluginServices
[#] Service Deleted : WindowsMangerProtect

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Users\Petr\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Petr\AppData\Local\genienext
Folder Deleted : C:\Program Files\Glarysoft Toolbar
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Users\Petr\AppData\Local\globalUpdate
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\Users\Petr\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Petr\Documents\Mobogenie
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Users\Petr\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\Petr\AppData\Roaming\pdfforge
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Users\Petr\AppData\Roaming\SupTab
Folder Deleted : C:\Users\Petr\AppData\LocalLow\Toolbar4
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Users\Petr\AppData\Local\CrashRpt
Folder Deleted : C:\ProgramData\Alawar Stargaze
Folder Deleted : C:\Program Files\TVersitybar
Folder Deleted : C:\Users\Petr\AppData\LocalLow\TVersitybar
Folder Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default\Extensions\faststartff@gmail.com
Folder Deleted : C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default\Extensions\{66bd2442-241b-44cd-8c7a-b51037053cdb}
Folder Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
File Deleted : C:\Users\Petr\daemonprocess.txt

***** [ Scheduled Tasks ] *****

Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : 8659b09c-dda9-42d0-85f4-34019f78e5f1-1
Task Deleted : 8659b09c-dda9-42d0-85f4-34019f78e5f1-11
Task Deleted : 8659b09c-dda9-42d0-85f4-34019f78e5f1-2
Task Deleted : 8659b09c-dda9-42d0-85f4-34019f78e5f1-3
Task Deleted : 8659b09c-dda9-42d0-85f4-34019f78e5f1-4
Task Deleted : 8659b09c-dda9-42d0-85f4-34019f78e5f1-5
Task Deleted : 8659b09c-dda9-42d0-85f4-34019f78e5f1-5_user
Task Deleted : 8659b09c-dda9-42d0-85f4-34019f78e5f1-6
Task Deleted : 8659b09c-dda9-42d0-85f4-34019f78e5f1-7

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\TBSB05810.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\TBSB05810.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\TBSB05810.TBSB05810
Key Deleted : HKLM\SOFTWARE\Classes\TBSB05810.TBSB05810.3
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2548838
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB05810
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB05810.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32D47EA5-9473-4CAD-805D-9999F15D5AE2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7AF277D-1466-4A7B-93AF-B043984A5671}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611331111}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335511}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336611}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644334411}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7AF277D-1466-4A7B-93AF-B043984A5671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32D47EA5-9473-4CAD-805D-9999F15D5AE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7AF277D-1466-4A7B-93AF-B043984A5671}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32D47EA5-9473-4CAD-805D-9999F15D5AE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7AF277D-1466-4A7B-93AF-B043984A5671}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63AA9985-C254-4F03-9E22-2E0C78EC8E66}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32D47EA5-9473-4CAD-805D-9999F15D5AE2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{66BD2442-241B-44CD-8C7A-B51037053CDB}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32D47EA5-9473-4CAD-805D-9999F15D5AE2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{66BD2442-241B-44CD-8C7A-B51037053CDB}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{66BD2442-241B-44CD-8C7A-B51037053CDB}]
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\MGShareware
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\TornTv Downloader
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\TheTorntv V10
Key Deleted : HKCU\Software\AppDataLow\Software\TVersitybar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\MGShareware
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\TheTorntv V10
Key Deleted : HKLM\SOFTWARE\TVersitybar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TVersitybar Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v33.0 (x86 cs)


-\\ Google Chrome v38.0.2125.104


*************************

AdwCleaner[R0].txt - [21586 octets] - [26/10/2014 13:17:19]
AdwCleaner[S0].txt - [21130 octets] - [26/10/2014 13:19:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [21191 octets] ##########

---------------------------------------------------------------------------------------------------------------


Zoek.exe v5.0.0.0 Updated 24-10-2014
Tool run by Petr on ne 26.10.2014 at 13:26:52.83.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Petr\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

26.10.2014 13:29:07 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2001693606-2778892166-153574141-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2001693606-2778892166-153574141-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");
user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
user_pref("browser.search.defaultenginename", "mystartsearch");
user_pref("browser.search.selectedEngine", "mystartsearch");

Added to C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default\prefs.js:

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_26.10.2014_1335_.backup

==== Deleting Files \ Folders ======================

C:\Windows\system32\appdata deleted
C:\Program Files\Java deleted
C:\Program Files\MyGlobalSearch deleted
C:\Program Files\TheTorntv V10 deleted
C:\Users\Petr\.android deleted
C:\Program Files\Mozilla Firefox\browser\searchplugins\mystartsearch.xml deleted
C:\Program Files\FreeRIP2 deleted
C:\Users\Petr\AppData\Roaming\Alawar deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\Petr\AppData\Local\cache deleted
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma.crx deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeRIP deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Users\Public\Desktop\YTD Video Downloader.lnk deleted
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default\extensions\a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com deleted
C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default\extensions\{55C81E27-A6E2-40AB-B96F-D7107755F451} deleted
"C:\Program Files\Windows Portable Devices" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default
- Undetermined - faststartff@gmail.com
- Undetermined - a338c5448f724f94af2f11@cc4cdd6788a64e7ca7d83cb2cd.com

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default
40AAE0A1A4F664828DF5A95875AEA1C8 - C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll - Google Update
E759D131AA74F0355EA35E29E2EB5B9E - C:\Program Files\Photodex Presenter\npPxPlay.dll - Photodex Presenter Plugin
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
36FBE76F4F51396B0F70FC95CD7481D2 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin
EEEB86077BB4682B3FCFEDA5AED3E396 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.4
BADFB0DCCD9B7E9F2F6EB7954D24EED1 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.4
1153F58FACBC9731AF6CDF313F76DF29 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.4
9E4F520270BF7301CC24E8FA67791C22 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.4
E50A1DB5DE70D656287511297B42F9F2 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.4
4DA979E6A3269922A16D4653AEF26D7F - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
93A6E62490C778FE0F8F61D246218998 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery
8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight


==== Chromium Look ======================


==== Chromium Fix ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma deleted successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Secondary Start Pages"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Secondary Start Pages"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{945E2276-8B3F-EB2C-1964-AFE5B24BE28D} deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OM2B6XT0 will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Petr\AppData\Local\Mozilla\Firefox\Profiles\5d9txey1.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1176 folders=100 101673747 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Petr\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Petr\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OM2B6XT0" not found

==== EOF on ne 26.10.2014 at 13:55:58.30 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-10-2014
Ran by Petr (administrator) on PETR-PC on 26-10-2014 18:38:06
Running from C:\Users\Petr\Downloads
Loaded Profile: Petr (Available profiles: Petr)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Global Graphics Software Ltd) C:\Windows\System32\PDFCreatorMessages.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\Photodex\ProShow Producer\scsiaccess.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Creative Technology Ltd) C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Global Graphics Software Ltd.) C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Creative Technology Ltd) C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-03] (Realtek Semiconductor)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CTSysVol] => C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe [57344 2003-09-17] (Creative Technology Ltd)
HKLM\...\Run: [SbUsb AudCtrl] => RunDll32 sbusbdll.dll,RCMonitor
HKLM\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [PDFCreatorClient] => C:\Program Files\JawsSystems\Jaws PDF Creator\PDFClient.exe [315392 2003-12-09] (Global Graphics Software Ltd.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [USBToolTip] => C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [Creative SB Monitoring Utility] => RunDll32 sbavmon.dll,SBAVMonitor
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2219184 2011-01-12] (ESET)
HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\Run: [RemoteCenter] => C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE [147456 2004-06-25] (Creative Technology Ltd)
HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-08-27] ()
HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-09-01] (Sony)
HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\MountPoints2: {557bfdac-f917-11e3-8fea-1c6f65d9cc96} - F:\Startme.exe
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.19.1 10.10.10.10

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\5d9txey1.default
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @photodex.com/PhotodexPresenter -> C:\Program Files\Photodex Presenter\npPxPlay.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-10-25]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=14142 ... 4271642716
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-26]
CHR Extension: (Dokumenty Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-26]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-30]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-30]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-30]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-26]
CHR Extension: (Peněženka Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-30]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-06-16] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
S2 DMService; C:\Program Files\FineRecovery\DMService.exe [167936 2013-01-30] () [File not signed]
S2 DroidExplorerService; C:\Program Files\Droid Explorer\DroidExplorer.Service.exe [255488 2013-08-25] (Ryan Conrad) [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [33584 2011-01-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [810144 2011-01-12] (ESET)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 PDFCreatorMessages; C:\Windows\System32\PDFCreatorMessages.exe [139264 2003-12-09] (Global Graphics Software Ltd) [File not signed]
R2 ScsiAccess; C:\Program Files\Photodex\ProShow Producer\ScsiAccess.exe [186760 2014-09-26] ()
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-06-12] (DT Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137144 2010-12-21] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [115008 2010-12-21] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [95384 2010-12-21] (ESET)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2014-07-29] (Sony Mobile Communications)
R3 ksaud; C:\Windows\System32\drivers\ksaud.sys [899712 2009-12-15] (Creative Technology Ltd.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R0 TPkd; C:\Windows\system32\Drivers\TPkd.sys [90472 2009-08-21] (PACE Anti-Piracy, Inc.) [File not signed]
S1 DMFilter; system32\drivers\DMFilter.sys [X]
S1 hxxzoczx; \??\C:\Windows\system32\drivers\hxxzoczx.sys [X]
S1 idrhafyy; \??\C:\Windows\system32\drivers\idrhafyy.sys [X]
S1 kutykdeb; \??\C:\Windows\system32\drivers\kutykdeb.sys [X]
S1 oxfupnzi; \??\C:\Windows\system32\drivers\oxfupnzi.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 18:38 - 2014-10-26 18:38 - 06251570 _____ () C:\Users\Petr\Downloads\Atlas-mraků-2012-cz-dab-(PSP).mp4.crdownload
2014-10-26 18:38 - 2014-10-26 18:38 - 00014756 _____ () C:\Users\Petr\Downloads\FRST.txt
2014-10-26 18:37 - 2014-10-26 18:37 - 00000000 ____D () C:\Users\Petr\Downloads\FRST-OlderVersion
2014-10-26 13:38 - 2014-10-26 13:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-10-26 13:28 - 2014-10-26 13:55 - 00012043 _____ () C:\zoek-results.log
2014-10-26 13:26 - 2014-10-26 13:36 - 00000000 ____D () C:\zoek_backup
2014-10-26 13:25 - 2014-10-26 13:26 - 01290752 _____ () C:\Users\Petr\Downloads\zoek.exe
2014-10-26 13:25 - 2014-10-26 13:25 - 00021272 _____ () C:\Users\Petr\Desktop\AdwCleaner[S0].txt
2014-10-26 13:21 - 2014-10-26 13:55 - 00000652 _____ () C:\Windows\PFRO.log
2014-10-26 13:21 - 2014-10-26 13:55 - 00000112 _____ () C:\Windows\setupact.log
2014-10-26 13:21 - 2014-10-26 13:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-26 13:17 - 2014-10-26 13:20 - 00000000 ____D () C:\AdwCleaner
2014-10-26 13:16 - 2014-10-26 13:17 - 01962496 _____ () C:\Users\Petr\Downloads\adwcleaner_4.001.exe
2014-10-26 07:58 - 2014-10-26 18:38 - 00000000 ____D () C:\FRST
2014-10-26 07:57 - 2014-10-26 18:37 - 01104896 _____ (Farbar) C:\Users\Petr\Downloads\FRST.exe
2014-10-26 07:57 - 2014-10-26 07:58 - 00000000 ____D () C:\rsit
2014-10-26 07:57 - 2014-10-26 07:58 - 00000000 ____D () C:\Program Files\trend micro
2014-10-26 07:56 - 2014-10-26 07:56 - 01107968 _____ () C:\Users\Petr\Downloads\RSIT.exe
2014-10-25 21:10 - 2014-10-25 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-10-25 21:10 - 2014-10-25 21:10 - 00000000 ____D () C:\ProgramData\ESET
2014-10-25 21:10 - 2014-10-25 21:10 - 00000000 ____D () C:\Program Files\ESET
2014-10-25 20:28 - 2014-10-25 21:16 - 00000000 ____D () C:\Users\Petr\Downloads\Rena Jones - Driftwood-2006-LOSSLESS
2014-10-25 19:29 - 2014-10-26 05:06 - 00000000 ____D () C:\Program Files\innoApp
2014-10-25 19:28 - 2014-10-26 16:04 - 00001328 _____ () C:\Windows\Tasks\JYH.job
2014-10-25 19:28 - 2014-10-25 19:28 - 00013881 _____ () C:\Users\Petr\Downloads\4F79A65F528BCC6348D71B38DF930F63140417D8.torrent
2014-10-25 19:27 - 2014-10-26 17:24 - 00001680 _____ () C:\Windows\Tasks\PBFXEPI.job
2014-10-16 17:50 - 2014-10-10 02:44 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 17:50 - 2014-10-10 02:44 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 17:50 - 2014-10-10 02:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 17:50 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 17:50 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 17:50 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 17:50 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 17:50 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 17:50 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 17:50 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 17:50 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 17:50 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 17:50 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 17:50 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 17:50 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 17:50 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 17:50 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 17:50 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 17:50 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 17:50 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 17:50 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 17:50 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 17:49 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 17:49 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 17:49 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 17:49 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 17:49 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 17:49 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 17:49 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 17:49 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 17:49 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 17:49 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 17:49 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 17:49 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 17:49 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 17:48 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 17:48 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 17:48 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 17:48 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 17:48 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 17:48 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 17:48 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 17:48 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 17:48 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 17:48 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 17:48 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 17:48 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 17:48 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 17:48 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 17:47 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 17:47 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-14 19:13 - 2014-10-14 19:27 - 00000000 ____D () C:\Users\Petr\Desktop\Svoboda Frankova
2014-10-14 19:13 - 2014-10-14 19:13 - 01375900 _____ () C:\Users\Petr\Downloads\KVASNICE_prodej_EUR_1-2014.xls.zip
2014-10-14 18:05 - 2014-10-14 18:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-11 10:40 - 2014-10-12 09:32 - 00001732 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Story 3 pro Windows.lnk
2014-10-11 10:39 - 2014-10-11 10:39 - 00000000 ____D () C:\Program Files\Photo Story 3 for Windows
2014-10-11 10:35 - 2014-10-11 10:36 - 03374592 _____ () C:\Users\Petr\Downloads\PStory.msi
2014-10-10 18:55 - 2014-10-10 23:56 - 2722459926 _____ () C:\Users\Petr\Downloads\Atlas-mraků-(1080p-CZ).mkv
2014-10-10 18:09 - 2014-10-26 05:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Slide Show
2014-10-10 18:08 - 2014-10-10 18:09 - 14134051 _____ () C:\Users\Petr\Downloads\quick-slide-show_2.22.exe
2014-10-10 14:04 - 2014-10-10 14:07 - 44908832 _____ () C:\Users\Petr\Downloads\Proshow-Producer-5.0.3297-+-CRACK-!!!.rar
2014-10-09 15:17 - 2014-10-09 15:17 - 00000340 _____ () C:\Users\Petr\proshow-burn.log
2014-10-03 13:07 - 2014-10-03 20:22 - 3927566336 _____ () C:\Users\Petr\Downloads\Rio-cz.avi
2014-10-01 16:20 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-29 19:40 - 2014-10-20 19:52 - 67936590 _____ () C:\Users\Petr\Documents\uvidíme.pxc
2014-09-29 19:40 - 2014-10-09 15:25 - 00666345 _____ () C:\Users\Petr\Documents\uvidíme.psh
2014-09-29 19:40 - 2014-10-09 15:08 - 00666344 _____ () C:\Users\Petr\Documents\uvidíme.bak
2014-09-29 19:40 - 2014-09-29 19:56 - 00663932 _____ () C:\Users\Petr\Documents\uvidíme.b01
2014-09-29 19:40 - 2014-09-29 19:41 - 00663981 _____ () C:\Users\Petr\Documents\uvidíme.b02
2014-09-26 19:29 - 2014-09-26 19:29 - 00002087 _____ () C:\Users\Public\Desktop\ProShow Producer.lnk
2014-09-26 19:29 - 2014-09-26 19:29 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Netscape
2014-09-26 19:29 - 2014-09-26 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProShow Producer
2014-09-26 19:29 - 2014-09-26 19:29 - 00000000 ____D () C:\Program Files\Photodex Presenter
2014-09-26 19:28 - 2014-09-26 19:29 - 00000000 ____D () C:\ProgramData\Photodex
2014-09-26 19:28 - 2014-09-26 19:28 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Photodex
2014-09-26 19:28 - 2014-09-26 19:28 - 00000000 ____D () C:\Program Files\Photodex
2014-09-26 19:22 - 2014-09-26 19:24 - 40220992 _____ () C:\Users\Petr\Downloads\Photodex-ProShow-Producer-5.0.3310-CZ.rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 18:39 - 2013-08-27 18:17 - 00000000 ____D () C:\Users\Petr\AppData\Local\PMB Files
2014-10-26 18:29 - 2014-09-24 18:15 - 00000372 _____ () C:\Windows\Tasks\WpsUpdateTask_Petr.job
2014-10-26 18:12 - 2012-12-30 18:02 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-26 17:46 - 2012-11-14 10:21 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-26 16:50 - 2011-06-07 10:39 - 01087568 _____ () C:\Windows\WindowsUpdate.log
2014-10-26 14:02 - 2009-07-14 05:34 - 00031904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-26 14:02 - 2009-07-14 05:34 - 00031904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-26 14:01 - 2010-11-20 22:01 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-26 13:55 - 2012-12-30 18:02 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-26 13:55 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-26 13:36 - 2011-06-07 10:39 - 00000000 ____D () C:\Users\Petr
2014-10-26 13:20 - 2012-12-30 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-26 13:20 - 2012-11-13 15:54 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-26 13:20 - 2011-06-07 10:39 - 00001120 _____ () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-26 10:00 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-10-26 05:28 - 2014-02-11 18:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5
2014-10-26 05:28 - 2014-01-19 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FineRecovery
2014-10-26 05:28 - 2013-04-19 16:48 - 00000000 ____D () C:\Users\Petr\AppData\Local\CrashDumps
2014-10-26 05:28 - 2012-11-14 13:21 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server
2014-10-26 05:28 - 2012-06-07 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jaws Systems
2014-10-26 05:28 - 2011-06-21 17:27 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\uTorrent
2014-10-26 04:34 - 2009-07-14 03:04 - 00000580 _____ () C:\Windows\win.ini
2014-10-25 14:31 - 2014-01-22 19:24 - 00000000 ____D () C:\Users\Petr\Desktop\účesy
2014-10-22 15:38 - 2012-12-30 14:22 - 06260224 ___SH () C:\Users\Petr\Downloads\Thumbs.db
2014-10-21 16:52 - 2012-11-13 12:11 - 00000000 ____D () C:\Users\Petr\Desktop\Fotečky
2014-10-20 16:44 - 2011-08-23 22:20 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\BSplayer PRO
2014-10-19 07:33 - 2014-01-28 19:46 - 00000000 ____D () C:\Users\Petr\Desktop\naše tvorba
2014-10-19 07:33 - 2013-03-16 10:53 - 00000000 ____D () C:\Users\Petr\Documents\FFOutput
2014-10-18 20:35 - 2014-08-28 17:39 - 00000000 ____D () C:\Users\Petr\Desktop\hudba na svatbu
2014-10-17 17:59 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-10-17 16:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-17 16:13 - 2009-07-14 05:33 - 00495056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-17 16:11 - 2014-05-06 14:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 20:05 - 2011-06-07 11:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-16 20:02 - 2013-08-14 20:36 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 19:54 - 2011-04-08 10:16 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 17:39 - 2012-11-13 15:54 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-10 18:12 - 2014-09-22 19:14 - 00000000 ____D () C:\Program Files\Quick Slide Show
2014-10-10 13:57 - 2014-06-24 15:35 - 00001972 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-10-10 13:57 - 2014-06-21 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-10-10 13:57 - 2011-06-06 08:11 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-05 15:32 - 2013-01-17 12:47 - 00000000 ____D () C:\Users\Petr\Desktop\pohádky
2014-10-02 18:24 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-28 14:01 - 2012-06-01 22:14 - 00020480 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-26 19:29 - 2012-11-13 15:56 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Mozilla

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 00:41

==================== End Of Log ============================

Bezi tam dva antiviry - MSE a NOD32 - jeden z nich musi kazdopadne pryc. Pokud mate na NOD zakoupenou licenci, tak jej nechte, pokud ne, tak NOD do pryc.

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  
  HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
  HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-09-20] (Adobe Systems Incorporated)
  HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
  HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
  HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
  HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\Run: [RemoteCenter] => C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE [147456 2004-06-25] (Creative Technology Ltd)
  HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
  HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\Run: [Pando Media Booster] => C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2013-08-27] ()
  HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\Run: [Sony PC Companion] => C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-09-01] (Sony)
  HKU\S-1-5-21-2001693606-2778892166-153574141-1000\...\MountPoints2: {557bfdac-f917-11e3-8fea-1c6f65d9cc96} - F:\Startme.exe
  
  URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
  
  CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&t ... 4271642716
  
  S1 DMFilter; system32\drivers\DMFilter.sys [X]
  S1 hxxzoczx; \??\C:\Windows\system32\drivers\hxxzoczx.sys [X]
  S1 idrhafyy; \??\C:\Windows\system32\drivers\idrhafyy.sys [X]
  S1 kutykdeb; \??\C:\Windows\system32\drivers\kutykdeb.sys [X]
  S1 oxfupnzi; \??\C:\Windows\system32\drivers\oxfupnzi.sys [X]
  C:\Windows\system32\drivers\hxxzoczx.sys
  C:\Windows\system32\drivers\idrhafyy.sys
  C:\Windows\system32\drivers\kutykdeb.sys
  C:\Windows\system32\drivers\oxfupnzi.sys
  
  2014-10-26 18:38 - 2014-10-26 18:38 - 00014756 _____ () C:\Users\Petr\Downloads\FRST.txt
  2014-10-26 18:37 - 2014-10-26 18:37 - 00000000 ____D () C:\Users\Petr\Downloads\FRST-OlderVersion
  2014-10-26 13:38 - 2014-10-26 13:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
  2014-10-26 13:28 - 2014-10-26 13:55 - 00012043 _____ () C:\zoek-results.log
  2014-10-26 13:26 - 2014-10-26 13:36 - 00000000 ____D () C:\zoek_backup
  2014-10-26 13:25 - 2014-10-26 13:26 - 01290752 _____ () C:\Users\Petr\Downloads\zoek.exe
  2014-10-26 13:25 - 2014-10-26 13:25 - 00021272 _____ () C:\Users\Petr\Desktop\AdwCleaner[S0].txt
  2014-10-26 13:21 - 2014-10-26 13:55 - 00000652 _____ () C:\Windows\PFRO.log
  2014-10-26 13:21 - 2014-10-26 13:55 - 00000112 _____ () C:\Windows\setupact.log
  2014-10-26 13:21 - 2014-10-26 13:21 - 00000000 _____ () C:\Windows\setuperr.log
  2014-10-26 13:17 - 2014-10-26 13:20 - 00000000 ____D () C:\AdwCleaner
  2014-10-26 13:16 - 2014-10-26 13:17 - 01962496 _____ () C:\Users\Petr\Downloads\adwcleaner_4.001.exe
  2014-10-26 07:57 - 2014-10-26 07:58 - 00000000 ____D () C:\rsit
  2014-10-26 07:57 - 2014-10-26 07:58 - 00000000 ____D () C:\Program Files\trend micro
  2014-10-26 07:56 - 2014-10-26 07:56 - 01107968 _____ () C:\Users\Petr\Downloads\RSIT.exe
  2014-10-25 19:29 - 2014-10-26 05:06 - 00000000 ____D () C:\Program Files\innoApp
  2014-10-25 19:28 - 2014-10-26 16:04 - 00001328 _____ () C:\Windows\Tasks\JYH.job
  2014-10-25 19:27 - 2014-10-26 17:24 - 00001680 _____ () C:\Windows\Tasks\PBFXEPI.job
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt