FB Private video

Zpráva

nicky.2000 · #1 Příspěvek od **nicky.2000** » 06 pro 2014 21:20

Ano, jsem debil. Přišla mi od kamaráda, který mi shodou okolností bohužel často nějaká videa posílá, zpráva s tímto videem. Klikla jsem na to, chtělo to po mně nějaké youtube rozšíření, což jsem sice zavřela, ale pak jsem koukala, že tam to rozšíření stejně mám. Smazala jsem to, ale záhy jsem zjistila, že se stejný odkaz s videem automaticky odeslal všem mým přátelům v soukromé zprávě. Okamžitě jsem všem napsala varování, ať to neotvírají, a teď potřebuju vyřešit svůj problém. Jelikož jsem žádný .exe soubor nestáhla, nevím, jestli teda v počítači vir mám, nebo se pouze rozeslal ten spam. Avast nic nehlásí.
Mohl by mi prosím někdo poradit, jak postupovat? Předem moc děkuju!

#2 Příspěvek od **vyosek** » 06 pro 2014 21:24

Zdravim a pekny vecer preji

Dejte log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100 a kouknem na to

nicky.2000 · #3 Příspěvek od **nicky.2000** » 06 pro 2014 21:53

Nejde mi spustit ten FRSTLauncher. Možná proto, že používám ještě XP.

#4 Příspěvek od **vyosek** » 06 pro 2014 21:55

Tak spustte jen samotny FRST

nicky.2000 · #5 Příspěvek od **nicky.2000** » 06 pro 2014 22:02

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-12-2014 02
Ran by doma (administrator) on DOMA-95E00D2E76 on 06-12-2014 21:59:00
Running from C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha
Loaded Profile: doma (Available profiles: doma)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(BitTorrent Inc.) C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\uTorrent\updates\3.4.2_35702.exe
(Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen32.exe
(ICQ) C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\ICQM\icq.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
(Hewlett-Packard Company) C:\Program Files\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\ping.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16857600 2008-02-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-05-20] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-23] (AVAST Software)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [NSU_agent] => C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [uTorrent] => C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\uTorrent\updates\3.4.2_35702.exe [1385808 2014-11-12] (BitTorrent Inc.)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [iLivid] => "C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\iLivid\iLivid.exe" -autorun
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [Gadwin PrintScreen (32-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen32.exe [12326560 2014-05-27] (Gadwin Systems)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [icq] => C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\ICQM\icq.exe [34848264 2014-07-24] (ICQ)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22067296 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [LiveSupport] => "C:\Program Files\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [TornTv Downloader] => C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\TornTV.com\Torntv Downloader.exe /c=startup
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [Only-search] => C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\onlysearch\onlysearch\1.3.14.11\onlysearch.exe
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\MountPoints2: {43b3539a-1857-11e4-98da-0021853469aa} - F:\OblivionLauncher.exe
Startup: C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Po spuštění\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\TornTV.com\Torntv Downloader.exe (No File)
Startup: C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Po spuštění\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\TornTV.com\Torntv Downloader.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exeaswBoot.exe /M:940804baed05 /dir:"C:\Program Files\AVAST Software\Avast"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1004336348-602609370-682003330-1004] => http=127.0.0.1:41017
HKU\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc ... 9962999629
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?typ ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> 0F797EB4A49660AD252EB537C7E74195 URL = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> 286F752FD6CD468E5CCBB6B943AC0976 URL = http://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> EA1E71FEE399B7BB3147D1FEC001E6DC URL = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> EA3D442948A771916E62AD5955860694 URL = http://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.only-search.com/?q={searchTe ... t&tsp=5402
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://istart.webssearches.com/web/?typ ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {szukaj.gazeta.pl} URL = http://szukaj.gazeta.pl/internet/0,0.ht ... earchTerms}
BHO: No Name -> {544d1238-13bb-4e77-82f0-c9491d2c073f} -> No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: No Name -> {aec568db-d8b6-469e-8f57-dfd82e2e5756} -> No File
Toolbar: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 79.98.156.2 79.98.152.2

FireFox:
========
FF ProfilePath: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default
FF DefaultSearchEngine: Seznam
FF DefaultSearchEngineS: GadgetBox
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SearchEngineOrder.1S: GadgetBox
FF SelectedSearchEngine: Seznam
FF SelectedSearchEngineS: GadgetBox
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @alawar.com/npapi -> C:\WINDOWS\npapi.dll (Alawar)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\firmy.cz-015348.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\freeonlineradioplayerrecorder-customized-web-search.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\GadgetBox.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\MyOnlineSearch.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\onlysearchkms.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\SearchAmong.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\seznam.cz-015348.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\szukaj-gazeta-pl.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\videa.seznam.cz-015348.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\yqs-barff-yandex.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\zbozi.cz-015348.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: Game BOX - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\alawar@Alawar [2014-10-05]
FF Extension: NextCoup - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\B3G@S.net [2014-10-20]
FF Extension: YoutuBBeAadBlocke - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\DEuv@Kfxr.net [2014-10-20]
FF Extension: GeoSave - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\mnMYc4J4@DcU.edu [2014-10-20]
FF Extension: Game BOX - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\alawar@Alawar.xpi [2014-07-08]
FF Extension: TimeLineRemove.Com - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\tl_r@jetpack.xpi [2013-06-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-02]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://istart.webssearches.com/?type=sc ... 9962999629

Chrome:
=======
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1413380460&from=wpc&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYUH19962999629
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (GCVote) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\boingbkmoapffongfpcancmephhnmehp [2013-09-07]
CHR Extension: (GeoSave) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dilmbipdciijdlljhkkemephcnbmobmk [2014-10-15]
CHR Extension: (TLRemove) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hneieddeibpcngeljjkdpcajfcgelalk [2013-03-07]
CHR Extension: (NextCoup) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lgmpbjmdohcbefjoomihfhkfchnkekji [2014-10-15]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-23]
CHR HKLM\...\Chrome\Extension: [mibfbmhijjgpkmobcfdlelpccpeafoom] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-23] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-23] (AVAST Software)
S2 c67abfdb; c:\Program Files\SW-Booster\AssistantSvc.dll [174928 2014-10-15] () [File not signed]
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-23] ()
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2014-11-23] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-23] (AVAST Software)
R0 aswNdis; C:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2014-07-02] (ALWIL Software)
R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [253640 2014-11-23] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-23] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-23] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-11-23] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-23] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-23] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-07-31] (Disc Soft Ltd)
S3 HPFXBULKLEDM; C:\WINDOWS\System32\drivers\hppcbulkio.sys [20504 2011-05-10] (Hewlett Packard)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-07-31] (Duplex Secure Ltd.)
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 21:59 - 2014-12-06 21:59 - 00023158 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRST.txt
2014-12-06 21:58 - 2014-12-06 21:58 - 00029696 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\MSGBOX.EXE
2014-12-06 21:58 - 2014-12-06 21:58 - 00015327 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\LM.bat
2014-12-06 21:58 - 2014-12-06 21:50 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRSTLauncher.exe
2014-12-06 21:55 - 2014-12-06 21:59 - 00000000 ____D () C:\FRST
2014-12-06 21:50 - 2014-12-06 21:44 - 01111040 _____ (Farbar) C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRST.exe
2014-12-04 04:50 - 2014-12-04 04:50 - 00016921 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Olomouc multi.xlsx
2014-12-04 04:39 - 2014-12-06 04:38 - 00024492 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Olomouc mystery.xlsx
2014-12-04 03:00 - 2014-12-04 03:00 - 00282992 _____ () C:\WINDOWS\msxml4-KB2758694-enu.LOG
2014-12-04 02:51 - 2014-12-04 02:51 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\EurekaLog
2014-12-04 02:44 - 2014-12-04 04:45 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\gsak
2014-12-04 02:44 - 2014-12-04 04:43 - 00000000 ____D () C:\Program Files\gsak
2014-12-04 02:44 - 2014-12-04 02:44 - 00000633 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\GSAK.lnk
2014-12-04 02:44 - 2014-12-04 02:44 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\GSAK
2014-12-04 02:44 - 2014-12-04 02:44 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\GSAK
2014-12-04 02:44 - 2012-08-06 17:39 - 02416640 _____ (Chilkat Software, Inc.) C:\WINDOWS\system32\ChilkatZip2.dll
2014-12-04 02:44 - 2012-08-06 17:38 - 02068480 _____ (Chilkat Software, Inc.) C:\WINDOWS\system32\ChilkatHttp.dll
2014-12-04 02:44 - 2012-08-06 17:38 - 01818624 _____ (Chilkat Software, Inc.) C:\WINDOWS\system32\ChilkatFtp2.dll
2014-12-04 02:44 - 2012-08-06 17:38 - 00700416 _____ (Chilkat Software, Inc.) C:\WINDOWS\system32\ChilkatCharset.dll
2014-12-04 02:44 - 2012-08-06 17:38 - 00622592 _____ (Chilkat Software, Inc.) C:\WINDOWS\system32\ChilkatBz2.dll
2014-12-04 02:44 - 2012-08-06 17:38 - 00577536 _____ () C:\WINDOWS\system32\ChilkatCsv.dll
2014-12-04 02:44 - 2008-10-08 12:11 - 00007492 _____ () C:\WINDOWS\SDENSX.UDF
2014-12-04 02:44 - 2000-01-24 05:01 - 00111104 _____ (Inprise Corporation) C:\WINDOWS\system32\midas.dll
2014-12-02 22:43 - 2014-12-02 22:43 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Nokia
2014-12-02 22:34 - 2014-12-02 22:34 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PC Suite
2014-12-02 22:34 - 2014-12-02 22:34 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PC Suite
2014-12-02 22:32 - 2014-12-02 22:42 - 00000000 ____D () C:\Program Files\Nokia
2014-12-02 22:32 - 2014-12-02 22:42 - 00000000 ____D () C:\Program Files\Common Files\Nokia
2014-12-02 22:32 - 2014-12-02 22:33 - 00019862 _____ () C:\WINDOWS\DPINST.LOG
2014-12-02 22:32 - 2014-12-02 22:33 - 00000000 ____D () C:\Program Files\DIFX
2014-12-02 22:32 - 2014-12-02 22:32 - 00001770 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Nokia PC Suite.lnk
2014-12-02 22:32 - 2014-12-02 22:32 - 00000000 ____D () C:\Program Files\PC Connectivity Solution
2014-12-02 22:32 - 2014-12-02 22:32 - 00000000 ____D () C:\Program Files\Common Files\PCSuite
2014-12-02 22:32 - 2014-12-02 22:32 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Nokia PC Suite
2014-12-02 22:32 - 2014-12-02 22:32 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Nokia PC Suite
2014-12-02 22:32 - 2012-06-11 11:33 - 00019072 _____ (Nokia) C:\WINDOWS\system32\Drivers\pccsmcfd.sys
2014-12-02 22:32 - 2012-01-09 17:28 - 00137600 _____ (Nokia) C:\WINDOWS\system32\Drivers\nmwcdnsu.sys
2014-12-02 22:32 - 2012-01-09 17:28 - 00023168 _____ (Nokia) C:\WINDOWS\system32\Drivers\ccdcmbo.sys
2014-12-02 22:32 - 2012-01-09 17:28 - 00018176 _____ (Nokia) C:\WINDOWS\system32\Drivers\ccdcmb.sys
2014-12-02 22:32 - 2012-01-09 17:28 - 00008576 _____ (Nokia) C:\WINDOWS\system32\Drivers\nmwcdnsuc.sys
2014-12-02 22:32 - 2012-01-09 17:28 - 00008192 _____ (Nokia) C:\WINDOWS\system32\Drivers\usbser_lowerfltj.sys
2014-12-02 22:32 - 2012-01-09 17:28 - 00008192 _____ (Nokia) C:\WINDOWS\system32\Drivers\usbser_lowerflt.sys
2014-12-02 22:31 - 2014-12-02 22:41 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Installations
2014-12-02 22:31 - 2014-12-02 22:41 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Installations
2014-11-24 17:36 - 2014-11-24 17:36 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\ArtifexMundi
2014-11-23 02:55 - 2014-11-23 02:55 - 00001804 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Avast SafeZone.lnk
2014-11-23 02:55 - 2014-11-23 02:55 - 00001744 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Avast Internet Security.lnk
2014-11-23 02:55 - 2014-11-23 02:55 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\AVAST Software
2014-11-23 02:55 - 2014-11-23 02:55 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\AVAST Software
2014-11-23 02:55 - 2014-11-23 02:54 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-11-23 02:54 - 2014-11-23 02:54 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-11-12 17:09 - 2014-11-12 17:09 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\SugarGames
2014-11-12 17:09 - 2014-11-12 17:09 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\SugarGames
2014-11-08 02:12 - 2014-11-08 02:12 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Five-BN Games

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 21:59 - 2014-06-29 10:41 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha
2014-12-06 21:59 - 2014-06-29 10:41 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Temp
2014-12-06 21:58 - 2014-06-29 10:41 - 00000000 ___HD () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací
2014-12-06 21:57 - 2012-11-04 21:43 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\uTorrent
2014-12-06 21:55 - 2014-06-29 11:16 - 00015628 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-12-06 21:36 - 2012-03-21 14:46 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Skype
2014-12-06 21:33 - 2014-06-29 12:05 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-06 20:56 - 2014-10-15 15:12 - 00000000 ____D () C:\Program Files\NextCoup
2014-12-06 20:45 - 2014-10-04 02:49 - 00000370 _____ () C:\WINDOWS\Tasks\At6.job
2014-12-06 17:39 - 2012-03-22 07:21 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\vlc
2014-12-06 17:10 - 2014-10-15 16:05 - 00000984 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-12-06 17:10 - 2014-10-15 16:05 - 00000980 _____ () C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-12-06 17:05 - 2014-10-15 16:05 - 00004826 _____ () C:\WINDOWS\Tasks\efacc9f8-8745-4a7b-b3e1-3f287ec996e3-11.job
2014-12-06 17:05 - 2014-10-15 16:05 - 00004144 _____ () C:\WINDOWS\Tasks\efacc9f8-8745-4a7b-b3e1-3f287ec996e3-3.job
2014-12-06 17:05 - 2014-10-15 16:05 - 00001740 _____ () C:\WINDOWS\Tasks\NKBXUML.job
2014-12-06 15:37 - 2014-06-29 12:21 - 01187830 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-06 15:15 - 2014-10-15 16:04 - 00000274 _____ () C:\WINDOWS\Tasks\EPUpdater.job
2014-12-06 14:55 - 2014-07-02 00:58 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-12-06 14:30 - 2014-10-04 02:49 - 00000370 _____ () C:\WINDOWS\Tasks\At8.job
2014-12-06 14:30 - 2014-07-02 20:13 - 00000370 _____ () C:\WINDOWS\Tasks\At4.job
2014-12-06 13:39 - 2014-06-29 10:30 - 01180322 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-06 13:36 - 2014-07-04 01:12 - 00000644 _____ () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-12-06 13:36 - 2014-06-29 12:24 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-12-06 13:36 - 2014-06-29 12:24 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-12-06 13:35 - 2014-06-29 15:24 - 00000220 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-12-06 13:35 - 2014-06-29 12:05 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-06 13:35 - 2014-06-29 10:40 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-06 06:32 - 2014-06-29 10:40 - 00032610 _____ () C:\WINDOWS\SchedLgU.Txt
2014-12-06 06:31 - 2014-06-29 10:41 - 00000178 ___SH () C:\Documents and Settings\doma.DOMA-95E00D2E76\ntuser.ini
2014-12-06 03:49 - 2014-10-04 02:49 - 00000370 _____ () C:\WINDOWS\Tasks\At7.job
2014-12-05 07:39 - 2014-06-29 10:41 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76
2014-12-05 03:22 - 2012-05-17 19:42 - 00002563 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Microsoft Office Word 2007.lnk
2014-12-04 19:01 - 2008-04-14 13:00 - 00012984 _____ () C:\WINDOWS\system32\wpa.dbl
2014-12-04 06:11 - 2012-03-22 19:42 - 00161792 ____C () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-04 03:17 - 2014-05-02 22:45 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\GeoGet
2014-12-04 03:00 - 2014-07-03 23:41 - 00000661 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\GeoGet.lnk
2014-12-04 03:00 - 2014-07-03 23:41 - 00000000 ____D () C:\Program Files\GeoGet
2014-12-04 03:00 - 2014-07-03 23:41 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\GeoGet
2014-12-04 03:00 - 2014-07-03 23:41 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\GeoGet
2014-12-04 03:00 - 2014-06-29 12:21 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Plocha
2014-12-04 02:51 - 2014-06-29 10:41 - 00000000 __RHD () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací
2014-12-04 02:44 - 2014-06-29 12:21 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2014-12-04 02:44 - 2014-06-29 12:21 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2014-12-03 23:45 - 2014-06-29 10:41 - 00000000 ___RD () C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy
2014-12-03 23:41 - 2014-07-02 20:52 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AlawarWrapper
2014-12-03 23:41 - 2014-07-02 20:52 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AlawarWrapper
2014-12-03 23:41 - 2014-06-29 12:21 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Dokumenty
2014-12-03 23:41 - 2012-07-23 23:33 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\AlawarEntertainment
2014-12-03 00:30 - 2014-07-04 01:12 - 00000616 _____ () C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-12-02 22:45 - 2014-06-29 12:19 - 00868916 _____ () C:\WINDOWS\setupapi.log
2014-12-02 22:45 - 2014-06-29 12:19 - 00205446 _____ () C:\WINDOWS\setupact.log
2014-12-02 22:43 - 2014-07-04 20:11 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-12-02 22:43 - 2012-11-18 22:40 - 00001991 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Nokia Software Updater.lnk
2014-12-02 22:34 - 2014-06-29 12:19 - 00000000 __RHD () C:\Documents and Settings\All Users.WINDOWS\Data aplikací
2014-12-01 00:53 - 2014-07-04 01:12 - 00000446 _____ () C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-11-23 02:55 - 2014-07-02 00:58 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-11-23 02:55 - 2014-07-02 00:58 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00253640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdis2.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00026136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-11-14 10:15 - 2014-10-04 02:49 - 00000370 _____ () C:\WINDOWS\Tasks\At5.job
2014-11-13 00:11 - 2014-06-29 12:36 - 00002283 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Skype.lnk
2014-11-12 03:07 - 2014-07-03 22:46 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft Help
2014-11-12 03:07 - 2014-07-03 22:46 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft Help
2014-11-12 03:05 - 2014-06-29 14:28 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-12 03:01 - 2014-06-29 13:48 - 100445232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-08 15:00 - 2014-06-29 15:24 - 00000214 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job

Files to move or delete:
====================
C:\Windows\Tasks\At4.job
C:\Windows\Tasks\At5.job
C:\Windows\Tasks\At6.job
C:\Windows\Tasks\At7.job
C:\Windows\Tasks\At8.job

Some content of TEMP:
====================
C:\Documents and Settings\doma\Local Settings\Temp\GeewaBlackRainbowCs_0.exe
C:\Documents and Settings\doma\Local Settings\Temp\GeewaTheSpellCs_0.exe
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Temp\GeewaAbyssTheWraithsofEdenCollectorsEditionCs_1669.exe
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Temp\GeewaClawsandFeathersCs_1669.exe
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Temp\Setup.exe
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Temp\_is243.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

#6 Příspěvek od **vyosek** » 06 pro 2014 22:05

Odinstalujte Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Po spusteni probehne stazeni databaze
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

nicky.2000 · #7 Příspěvek od **nicky.2000** » 06 pro 2014 22:22

# AdwCleaner v4.104 - Report created 06/12/2014 at 22:18:41
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : doma - DOMA-95E00D2E76
# Running from : C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\adwcleaner_4.104.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : c67abfdb

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\NextCoup
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Tbccint
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Trymedia
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AlawarWrapper
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\GooSaave
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\YoutuBBeAadBlocke
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Data aplikací\680baa167f4c998c
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\NextCoup
Folder Deleted : C:\Program Files\sw-booster

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Internet Explorer.lnk
Shortcut Disinfected : C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Příslušenství\Systémové nástroje\Internet Explorer (bez doplňků).lnk
Shortcut Disinfected : C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [livesupport]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Only-search]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Torntv Downloader]
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-4207289789
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c67abfdb}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3282722
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5ca8d475-1a86-47c5-847b-248815b7f14d}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5ca8d475-1a86-47c5-847b-248815b7f14d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Tbccint
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\TornTv Downloader
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\SW-Booster
Key Deleted : HKLM\SOFTWARE\Upt
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\WinUpd
Key Deleted : HKLM\SOFTWARE\SI-App
Key Deleted : HKLM\SOFTWARE\RST
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Mozilla Firefox v31.0 (x86 cs)

-\\ Google Chrome v39.0.2171.71

-\\ Chromium v

-\\ Comodo Dragon v

-\\ Opera v0.0.0.0

*************************

AdwCleaner[R0].txt - [11563 octets] - [06/12/2014 22:14:43]
AdwCleaner[S0].txt - [10727 octets] - [06/12/2014 22:18:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10788 octets] ##########

#8 Příspěvek od **vyosek** » 06 pro 2014 22:32

Pokracujte Zoek-em

nicky.2000 · #9 Příspěvek od **nicky.2000** » 06 pro 2014 22:41

Zoek.exe v5.0.0.0 Updated 06-December-2014
Tool run by doma on so 06.12.2014 at 22:28:36,43.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-12-06-212457.log 1403 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{544d1238-13bb-4e77-82f0-c9491d2c073f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{544d1238-13bb-4e77-82f0-c9491d2c073f} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{aec568db-d8b6-469e-8f57-dfd82e2e5756} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aec568db-d8b6-469e-8f57-dfd82e2e5756} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\WINDOWS\System32\FunctionPathSamba deleted
C:\Program Files\Mozilla Firefox\browser\searchplugins\webssearches.xml deleted
C:\SoloApp deleted
C:\user.js deleted
C:\WINDOWS\Tasks\efacc9f8-8745-4a7b-b3e1-3f287ec996e3-11.job deleted
C:\WINDOWS\Tasks\efacc9f8-8745-4a7b-b3e1-3f287ec996e3-3.job deleted
C:\WINDOWS\SET3.tmp deleted
C:\WINDOWS\SET4.tmp deleted
C:\WINDOWS\SET8.tmp deleted
C:\WINDOWS\wininit.ini deleted
C:\WINDOWS\tasks\EPUpdater.job deleted
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job deleted
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job deleted
C:\WINDOWS\tasks\At4.job deleted
C:\WINDOWS\tasks\At5.job deleted
C:\WINDOWS\tasks\At6.job deleted
C:\WINDOWS\tasks\At7.job deleted
C:\WINDOWS\tasks\At8.job deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [03.07.2014 15:41]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[23.11.2014 02:54]
mibfbmhijjgpkmobcfdlelpccpeafoom - No path found[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
"Start Page"="https://www.seznam.cz/?clid=22668"
"Search Bar"="https://www.seznam.cz/?clid=22668"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\fi]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\ma]
@="http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\se]
@="http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\vi]
@="http://videa.seznam.cz/?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\zb]
@="http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
"CustomizeSearch"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Seznam Url="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} Seznam Url="http://search.seznam.cz/?sourceid=quick ... earchTerms}"
{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Unknown Url="Not_Found"
{szukaj.gazeta.pl} Gazeta.pl Url="http://szukaj.gazeta.pl/internet/0,0.ht ... earchTerms}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7130468A-F53F-4698-8C09-A339EA3B05E6} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\A8640317F35F8964C8903A93AEB3506E deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User.WINDOWS\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\doma\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=26 folders=2 19697789 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\DOMA~1.DOM\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on so 06.12.2014 at 22:39:44,81 ======================

#10 Příspěvek od **vyosek** » 06 pro 2014 23:00

Poprosim o novy log z FRST

nicky.2000 · #11 Příspěvek od **nicky.2000** » 06 pro 2014 23:04

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-12-2014 02
Ran by doma (administrator) on DOMA-95E00D2E76 on 06-12-2014 23:02:22
Running from C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha
Loaded Profile: doma (Available profiles: doma)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(BitTorrent Inc.) C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\uTorrent\updates\3.4.2_35702.exe
(Gadwin Systems) C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen32.exe
(ICQ) C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\ICQM\icq.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
(Hewlett-Packard Company) C:\Program Files\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(forum.viry.cz) C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRSTLauncher.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\ping.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16857600 2008-02-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-05-20] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-11-23] (AVAST Software)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [NSU_agent] => C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [uTorrent] => C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\uTorrent\updates\3.4.2_35702.exe [1385808 2014-11-12] (BitTorrent Inc.)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [Gadwin PrintScreen (32-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen32.exe [12326560 2014-05-27] (Gadwin Systems)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [icq] => C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\ICQM\icq.exe [34848264 2014-07-24] (ICQ)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22067296 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\MountPoints2: {43b3539a-1857-11e4-98da-0021853469aa} - F:\OblivionLauncher.exe
Startup: C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Po spuštění\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\TornTV.com\Torntv Downloader.exe (No File)
Startup: C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Po spuštění\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\TornTV.com\Torntv Downloader.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> 0F797EB4A49660AD252EB537C7E74195 URL = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> 286F752FD6CD468E5CCBB6B943AC0976 URL = http://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> EA1E71FEE399B7BB3147D1FEC001E6DC URL = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> EA3D442948A771916E62AD5955860694 URL = http://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> {szukaj.gazeta.pl} URL = http://szukaj.gazeta.pl/internet/0,0.ht ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKU\S-1-5-21-1004336348-602609370-682003330-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 79.98.156.2 79.98.152.2

FireFox:
========
FF ProfilePath: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default
FF DefaultSearchEngine: Seznam
FF DefaultSearchEngineS: GadgetBox
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SearchEngineOrder.1S: GadgetBox
FF SelectedSearchEngine: Seznam
FF SelectedSearchEngineS: GadgetBox
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @alawar.com/npapi -> C:\WINDOWS\npapi.dll (Alawar)
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\firmy.cz-015348.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\freeonlineradioplayerrecorder-customized-web-search.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\GadgetBox.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\MyOnlineSearch.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\onlysearchkms.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\SearchAmong.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\seznam.cz-015348.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\szukaj-gazeta-pl.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\videa.seznam.cz-015348.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\yqs-barff-yandex.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\zbozi.cz-015348.xml
FF Extension: Game BOX - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\alawar@Alawar [2014-10-05]
FF Extension: NextCoup - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\B3G@S.net [2014-10-20]
FF Extension: YoutuBBeAadBlocke - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\DEuv@Kfxr.net [2014-10-20]
FF Extension: GeoSave - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\mnMYc4J4@DcU.edu [2014-10-20]
FF Extension: Game BOX - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\alawar@Alawar.xpi [2014-07-08]
FF Extension: TimeLineRemove.Com - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\tl_r@jetpack.xpi [2013-06-25]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-02]

Chrome:
=======
CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1413380460&from=wpc&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYUH19962999629
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (GCVote) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\boingbkmoapffongfpcancmephhnmehp [2013-09-07]
CHR Extension: (GeoSave) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dilmbipdciijdlljhkkemephcnbmobmk [2014-10-15]
CHR Extension: (TLRemove) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hneieddeibpcngeljjkdpcajfcgelalk [2013-03-07]
CHR Extension: (NextCoup) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lgmpbjmdohcbefjoomihfhkfchnkekji [2014-10-15]
CHR Extension: (Peněženka Google) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-23]
CHR HKLM\...\Chrome\Extension: [mibfbmhijjgpkmobcfdlelpccpeafoom] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-23] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-23] (AVAST Software)
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-11-23] ()
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [26136 2014-11-23] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [70384 2014-11-23] (AVAST Software)
R0 aswNdis; C:\WINDOWS\System32\DRIVERS\aswNdis.sys [12112 2014-07-02] (ALWIL Software)
R0 aswNdis2; C:\WINDOWS\system32\Drivers\aswNdis2.sys [253640 2014-11-23] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55240 2014-11-23] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-11-23] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [787800 2014-11-23] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [423784 2014-11-23] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57928 2014-11-23] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206248 2014-11-23] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [243128 2014-07-31] (Disc Soft Ltd)
S3 HPFXBULKLEDM; C:\WINDOWS\System32\drivers\hppcbulkio.sys [20504 2011-05-10] (Hewlett Packard)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [320120 2014-07-31] (Duplex Secure Ltd.)
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S4 IntelIde; No ImagePath
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 23:02 - 2014-12-06 23:02 - 00015327 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\LM.bat
2014-12-06 22:37 - 2014-12-06 23:02 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Temp
2014-12-06 22:37 - 2014-12-06 22:28 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-12-06 22:29 - 2014-12-06 22:24 - 00001403 _____ () C:\zoek-results2014-12-06-212457.log
2014-12-06 22:23 - 2014-12-06 22:39 - 00009553 _____ () C:\zoek-results.log
2014-12-06 22:22 - 2014-12-06 22:35 - 00000000 ____D () C:\zoek_backup
2014-12-06 22:22 - 2014-12-06 22:22 - 01295360 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\zoek.exe
2014-12-06 22:14 - 2014-12-06 22:18 - 00000000 ____D () C:\AdwCleaner
2014-12-06 22:14 - 2014-12-06 22:14 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-06 22:14 - 2014-12-06 22:13 - 02153472 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\adwcleaner_4.104.exe
2014-12-06 22:01 - 2014-12-06 22:01 - 00008306 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Addition.rar
2014-12-06 21:59 - 2014-12-06 23:02 - 00019024 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRST.txt
2014-12-06 21:58 - 2014-12-06 23:02 - 00029696 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\MSGBOX.EXE
2014-12-06 21:55 - 2014-12-06 23:02 - 00000000 ____D () C:\FRST
2014-12-06 21:50 - 2014-12-06 21:50 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRSTLauncher.exe
2014-12-06 21:50 - 2014-12-06 21:44 - 01111040 _____ (Farbar) C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRST.exe
2014-12-04 04:50 - 2014-12-04 04:50 - 00016921 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Olomouc multi.xlsx
2014-12-04 04:39 - 2014-12-06 04:38 - 00024492 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Olomouc mystery.xlsx
2014-12-04 03:00 - 2014-12-04 03:00 - 00282992 _____ () C:\WINDOWS\msxml4-KB2758694-enu.LOG
2014-12-04 02:51 - 2014-12-04 02:51 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\EurekaLog
2014-12-04 02:44 - 2014-12-04 04:45 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\gsak
2014-12-04 02:44 - 2014-12-04 04:43 - 00000000 ____D () C:\Program Files\gsak
2014-12-04 02:44 - 2014-12-04 02:44 - 00000633 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\GSAK.lnk
2014-12-04 02:44 - 2014-12-04 02:44 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\GSAK
2014-12-04 02:44 - 2014-12-04 02:44 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\GSAK
2014-12-04 02:44 - 2012-08-06 17:39 - 02416640 _____ (Chilkat Software, Inc.) C:\WINDOWS\system32\ChilkatZip2.dll
2014-12-04 02:44 - 2012-08-06 17:38 - 02068480 _____ (Chilkat Software, Inc.) C:\WINDOWS\system32\ChilkatHttp.dll
2014-12-04 02:44 - 2012-08-06 17:38 - 01818624 _____ (Chilkat Software, Inc.) C:\WINDOWS\system32\ChilkatFtp2.dll
2014-12-04 02:44 - 2012-08-06 17:38 - 00700416 _____ (Chilkat Software, Inc.) C:\WINDOWS\system32\ChilkatCharset.dll
2014-12-04 02:44 - 2012-08-06 17:38 - 00622592 _____ (Chilkat Software, Inc.) C:\WINDOWS\system32\ChilkatBz2.dll
2014-12-04 02:44 - 2012-08-06 17:38 - 00577536 _____ () C:\WINDOWS\system32\ChilkatCsv.dll
2014-12-04 02:44 - 2008-10-08 12:11 - 00007492 _____ () C:\WINDOWS\SDENSX.UDF
2014-12-04 02:44 - 2000-01-24 05:01 - 00111104 _____ (Inprise Corporation) C:\WINDOWS\system32\midas.dll
2014-12-02 22:43 - 2014-12-02 22:43 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Nokia
2014-12-02 22:34 - 2014-12-02 22:34 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PC Suite
2014-12-02 22:34 - 2014-12-02 22:34 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\PC Suite
2014-12-02 22:32 - 2014-12-02 22:42 - 00000000 ____D () C:\Program Files\Nokia
2014-12-02 22:32 - 2014-12-02 22:42 - 00000000 ____D () C:\Program Files\Common Files\Nokia
2014-12-02 22:32 - 2014-12-02 22:33 - 00019862 _____ () C:\WINDOWS\DPINST.LOG
2014-12-02 22:32 - 2014-12-02 22:33 - 00000000 ____D () C:\Program Files\DIFX
2014-12-02 22:32 - 2014-12-02 22:32 - 00001770 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Nokia PC Suite.lnk
2014-12-02 22:32 - 2014-12-02 22:32 - 00000000 ____D () C:\Program Files\PC Connectivity Solution
2014-12-02 22:32 - 2014-12-02 22:32 - 00000000 ____D () C:\Program Files\Common Files\PCSuite
2014-12-02 22:32 - 2014-12-02 22:32 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Nokia PC Suite
2014-12-02 22:32 - 2014-12-02 22:32 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Nokia PC Suite
2014-12-02 22:32 - 2012-06-11 11:33 - 00019072 _____ (Nokia) C:\WINDOWS\system32\Drivers\pccsmcfd.sys
2014-12-02 22:32 - 2012-01-09 17:28 - 00137600 _____ (Nokia) C:\WINDOWS\system32\Drivers\nmwcdnsu.sys
2014-12-02 22:32 - 2012-01-09 17:28 - 00023168 _____ (Nokia) C:\WINDOWS\system32\Drivers\ccdcmbo.sys
2014-12-02 22:32 - 2012-01-09 17:28 - 00018176 _____ (Nokia) C:\WINDOWS\system32\Drivers\ccdcmb.sys
2014-12-02 22:32 - 2012-01-09 17:28 - 00008576 _____ (Nokia) C:\WINDOWS\system32\Drivers\nmwcdnsuc.sys
2014-12-02 22:32 - 2012-01-09 17:28 - 00008192 _____ (Nokia) C:\WINDOWS\system32\Drivers\usbser_lowerfltj.sys
2014-12-02 22:32 - 2012-01-09 17:28 - 00008192 _____ (Nokia) C:\WINDOWS\system32\Drivers\usbser_lowerflt.sys
2014-12-02 22:31 - 2014-12-02 22:41 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Installations
2014-12-02 22:31 - 2014-12-02 22:41 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Installations
2014-11-24 17:36 - 2014-11-24 17:36 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\ArtifexMundi
2014-11-23 02:55 - 2014-11-23 02:55 - 00001804 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Avast SafeZone.lnk
2014-11-23 02:55 - 2014-11-23 02:55 - 00001744 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Avast Internet Security.lnk
2014-11-23 02:55 - 2014-11-23 02:55 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\AVAST Software
2014-11-23 02:55 - 2014-11-23 02:55 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\AVAST Software
2014-11-23 02:55 - 2014-11-23 02:54 - 00291352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-11-23 02:54 - 2014-11-23 02:54 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-11-12 17:09 - 2014-11-12 17:09 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\SugarGames
2014-11-12 17:09 - 2014-11-12 17:09 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\SugarGames
2014-11-08 02:12 - 2014-11-08 02:12 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Five-BN Games

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 23:02 - 2014-06-29 10:41 - 00000000 ___HD () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací
2014-12-06 23:02 - 2014-06-29 10:41 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha
2014-12-06 23:01 - 2014-06-29 11:16 - 00015628 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-12-06 23:01 - 2012-03-21 14:46 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Skype
2014-12-06 23:00 - 2012-11-04 21:43 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\uTorrent
2014-12-06 22:44 - 2014-06-29 12:21 - 01187830 ____C () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-06 22:41 - 2014-06-29 10:30 - 01203662 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-06 22:40 - 2014-07-02 00:58 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-12-06 22:40 - 2014-06-29 12:24 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-12-06 22:40 - 2014-06-29 12:24 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-12-06 22:39 - 2014-10-15 16:05 - 00001740 _____ () C:\WINDOWS\Tasks\NKBXUML.job
2014-12-06 22:39 - 2014-06-29 15:24 - 00000220 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-12-06 22:39 - 2014-06-29 12:05 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-06 22:39 - 2014-06-29 10:40 - 00032388 _____ () C:\WINDOWS\SchedLgU.Txt
2014-12-06 22:39 - 2014-06-29 10:40 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-06 22:38 - 2014-06-29 10:41 - 00000178 ___SH () C:\Documents and Settings\doma.DOMA-95E00D2E76\ntuser.ini
2014-12-06 22:38 - 2014-06-29 10:41 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76
2014-12-06 22:33 - 2014-06-29 12:05 - 00000940 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-06 22:18 - 2014-06-29 12:19 - 00000000 __RHD () C:\Documents and Settings\All Users.WINDOWS\Data aplikací
2014-12-06 22:18 - 2014-06-29 12:06 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Google Chrome
2014-12-06 22:18 - 2014-06-29 12:06 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Google Chrome
2014-12-06 22:18 - 2014-06-29 10:41 - 00000782 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Internet Explorer.lnk
2014-12-06 22:18 - 2014-06-29 10:41 - 00000000 ___RD () C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy
2014-12-06 22:10 - 2014-07-04 01:12 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-12-06 22:09 - 2014-07-04 01:12 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spybot - Search & Destroy
2014-12-06 22:09 - 2014-07-04 01:12 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spybot - Search & Destroy
2014-12-06 22:09 - 2014-06-29 12:21 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2014-12-06 22:09 - 2014-06-29 12:21 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy
2014-12-06 22:09 - 2014-06-29 12:21 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Plocha
2014-12-06 17:39 - 2012-03-22 07:21 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\vlc
2014-12-05 03:22 - 2012-05-17 19:42 - 00002563 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Microsoft Office Word 2007.lnk
2014-12-04 19:01 - 2008-04-14 13:00 - 00012984 _____ () C:\WINDOWS\system32\wpa.dbl
2014-12-04 06:11 - 2012-03-22 19:42 - 00161792 ____C () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-04 03:17 - 2014-05-02 22:45 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\GeoGet
2014-12-04 03:00 - 2014-07-03 23:41 - 00000661 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\GeoGet.lnk
2014-12-04 03:00 - 2014-07-03 23:41 - 00000000 ____D () C:\Program Files\GeoGet
2014-12-04 03:00 - 2014-07-03 23:41 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\GeoGet
2014-12-04 03:00 - 2014-07-03 23:41 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\GeoGet
2014-12-04 02:51 - 2014-06-29 10:41 - 00000000 __RHD () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací
2014-12-03 23:41 - 2014-06-29 12:21 - 00000000 ___RD () C:\Documents and Settings\All Users.WINDOWS\Dokumenty
2014-12-03 23:41 - 2012-07-23 23:33 - 00000000 ____D () C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\AlawarEntertainment
2014-12-02 22:45 - 2014-06-29 12:19 - 00868916 _____ () C:\WINDOWS\setupapi.log
2014-12-02 22:45 - 2014-06-29 12:19 - 00205446 _____ () C:\WINDOWS\setupact.log
2014-12-02 22:43 - 2014-07-04 20:11 - 00000000 ____D () C:\Program Files\MSXML 4.0
2014-12-02 22:43 - 2012-11-18 22:40 - 00001991 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Nokia Software Updater.lnk
2014-11-23 02:55 - 2014-07-02 00:58 - 00787800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-11-23 02:55 - 2014-07-02 00:58 - 00423784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00253640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNdis2.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00206248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00070384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00057928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00055240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00026136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2014-11-23 02:54 - 2014-07-02 00:58 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-11-13 00:11 - 2014-06-29 12:36 - 00002283 _____ () C:\Documents and Settings\All Users.WINDOWS\Plocha\Skype.lnk
2014-11-12 03:07 - 2014-07-03 22:46 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft Help
2014-11-12 03:07 - 2014-07-03 22:46 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft Help
2014-11-12 03:05 - 2014-06-29 14:28 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-12 03:01 - 2014-06-29 13:48 - 100445232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-08 15:00 - 2014-06-29 15:24 - 00000214 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job

Some content of TEMP:
====================
C:\Documents and Settings\doma\Local Settings\Temp\GeewaBlackRainbowCs_0.exe
C:\Documents and Settings\doma\Local Settings\Temp\GeewaTheSpellCs_0.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

#12 Příspěvek od **vyosek** » 06 pro 2014 23:17

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
CloseProcesses:

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [NSU_agent] => C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [uTorrent] => C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\uTorrent\updates\3.4.2_35702.exe [1385808 2014-11-12] (BitTorrent Inc.)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [Gadwin PrintScreen (32-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen32.exe [12326560 2014-05-27] (Gadwin Systems)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [icq] => C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\ICQM\icq.exe [34848264 2014-07-24] (ICQ)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22067296 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\MountPoints2: {43b3539a-1857-11e4-98da-0021853469aa} - F:\OblivionLauncher.exe
Startup: C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Po spuštění\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\TornTV.com\Torntv Downloader.exe (No File)
Startup: C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Po spuštění\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\TornTV.com\Torntv Downloader.exe (No File)
BootExecute: autocheck autochk * sdnclean.exe

FF DefaultSearchEngineS: GadgetBox
FF SearchEngineOrder.1S: GadgetBox
F SelectedSearchEngineS: GadgetBox
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\firmy.cz-015348.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\freeonlineradioplayerrecorder-customized-web-search.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\GadgetBox.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\MyOnlineSearch.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\onlysearchkms.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\SearchAmong.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\szukaj-gazeta-pl.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\videa.seznam.cz-015348.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\yqs-barff-yandex.xml
FF Extension: Game BOX - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\alawar@Alawar [2014-10-05]
FF Extension: NextCoup - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\B3G@S.net [2014-10-20]
FF Extension: YoutuBBeAadBlocke - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\DEuv@Kfxr.net [2014-10-20]
FF Extension: GeoSave - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\mnMYc4J4@DcU.edu [2014-10-20]
FF Extension: Game BOX - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\alawar@Alawar.xpi [2014-07-08]
FF Extension: TimeLineRemove.Com - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\tl_r@jetpack.xpi [2013-06-25]

CHR Extension: (GCVote) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\boingbkmoapffongfpcancmephhnmehp [2013-09-07]
CHR Extension: (GeoSave) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dilmbipdciijdlljhkkemephcnbmobmk [2014-10-15]
CHR Extension: (TLRemove) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hneieddeibpcngeljjkdpcajfcgelalk [2013-03-07]
CHR Extension: (NextCoup) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lgmpbjmdohcbefjoomihfhkfchnkekji [2014-10-15]
CHR HKLM\...\Chrome\Extension: [mibfbmhijjgpkmobcfdlelpccpeafoom] - No Path

2014-12-06 23:02 - 2014-12-06 23:02 - 00015327 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\LM.bat
2014-12-06 22:37 - 2014-12-06 22:28 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-12-06 22:29 - 2014-12-06 22:24 - 00001403 _____ () C:\zoek-results2014-12-06-212457.log
2014-12-06 22:23 - 2014-12-06 22:39 - 00009553 _____ () C:\zoek-results.log
2014-12-06 22:22 - 2014-12-06 22:35 - 00000000 ____D () C:\zoek_backup
2014-12-06 22:22 - 2014-12-06 22:22 - 01295360 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\zoek.exe
2014-12-06 22:14 - 2014-12-06 22:18 - 00000000 ____D () C:\AdwCleaner
2014-12-06 22:14 - 2014-12-06 22:14 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-06 22:14 - 2014-12-06 22:13 - 02153472 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\adwcleaner_4.104.exe
2014-12-06 22:01 - 2014-12-06 22:01 - 00008306 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Addition.rar
2014-12-06 21:59 - 2014-12-06 23:02 - 00019024 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRST.txt
2014-12-06 21:58 - 2014-12-06 23:02 - 00029696 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\MSGBOX.EXE
2014-12-06 21:50 - 2014-12-06 21:50 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRSTLauncher.exe
2014-12-06 22:10 - 2014-07-04 01:12 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-12-06 22:09 - 2014-07-04 01:12 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spybot - Search & Destroy
2014-12-06 22:09 - 2014-07-04 01:12 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spybot - Search & Destroy

2014-11-08 15:00 - 2014-06-29 15:24 - 00000214 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-12-06 22:39 - 2014-10-15 16:05 - 00001740 _____ () C:\WINDOWS\Tasks\NKBXUML.job
2014-12-06 22:39 - 2014-06-29 15:24 - 00000220 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-12-06 22:39 - 2014-06-29 12:05 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

Hosts:
EmptyTemp:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

nicky.2000 · #13 Příspěvek od **nicky.2000** » 06 pro 2014 23:24

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-12-2014 02
Ran by doma at 2014-12-06 23:19:51 Run:1
Running from C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha
Loaded Profile: doma (Available profiles: doma)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [NSU_agent] => C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [uTorrent] => C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\uTorrent\updates\3.4.2_35702.exe [1385808 2014-11-12] (BitTorrent Inc.)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [Gadwin PrintScreen (32-bit)] => C:\Program Files\Gadwin\Gadwin PrintScreen\PrintScreen32.exe [12326560 2014-05-27] (Gadwin Systems)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [icq] => C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\ICQM\icq.exe [34848264 2014-07-24] (ICQ)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [22067296 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-1004336348-602609370-682003330-1004\...\MountPoints2: {43b3539a-1857-11e4-98da-0021853469aa} - F:\OblivionLauncher.exe
Startup: C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Po spuštění\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\TornTV.com\Torntv Downloader.exe (No File)
Startup: C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Po spuštění\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\TornTV.com\Torntv Downloader.exe (No File)
BootExecute: autocheck autochk * sdnclean.exe

FF DefaultSearchEngineS: GadgetBox
FF SearchEngineOrder.1S: GadgetBox
F SelectedSearchEngineS: GadgetBox
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\firmy.cz-015348.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\freeonlineradioplayerrecorder-customized-web-search.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\GadgetBox.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\MyOnlineSearch.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\onlysearchkms.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\SearchAmong.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\seznam-avast.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\szukaj-gazeta-pl.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\videa.seznam.cz-015348.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\yqs-barff-yandex.xml
FF Extension: Game BOX - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\alawar@Alawar [2014-10-05]
FF Extension: NextCoup - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\B3G@S.net [2014-10-20]
FF Extension: YoutuBBeAadBlocke - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\DEuv@Kfxr.net [2014-10-20]
FF Extension: GeoSave - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\mnMYc4J4@DcU.edu [2014-10-20]
FF Extension: Game BOX - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\alawar@Alawar.xpi [2014-07-08]
FF Extension: TimeLineRemove.Com - C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\tl_r@jetpack.xpi [2013-06-25]

CHR Extension: (GCVote) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\boingbkmoapffongfpcancmephhnmehp [2013-09-07]
CHR Extension: (GeoSave) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dilmbipdciijdlljhkkemephcnbmobmk [2014-10-15]
CHR Extension: (TLRemove) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hneieddeibpcngeljjkdpcajfcgelalk [2013-03-07]
CHR Extension: (NextCoup) - C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lgmpbjmdohcbefjoomihfhkfchnkekji [2014-10-15]
CHR HKLM\...\Chrome\Extension: [mibfbmhijjgpkmobcfdlelpccpeafoom] - No Path

2014-12-06 23:02 - 2014-12-06 23:02 - 00015327 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\LM.bat
2014-12-06 22:37 - 2014-12-06 22:28 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-12-06 22:29 - 2014-12-06 22:24 - 00001403 _____ () C:\zoek-results2014-12-06-212457.log
2014-12-06 22:23 - 2014-12-06 22:39 - 00009553 _____ () C:\zoek-results.log
2014-12-06 22:22 - 2014-12-06 22:35 - 00000000 ____D () C:\zoek_backup
2014-12-06 22:22 - 2014-12-06 22:22 - 01295360 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\zoek.exe
2014-12-06 22:14 - 2014-12-06 22:18 - 00000000 ____D () C:\AdwCleaner
2014-12-06 22:14 - 2014-12-06 22:14 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-06 22:14 - 2014-12-06 22:13 - 02153472 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\adwcleaner_4.104.exe
2014-12-06 22:01 - 2014-12-06 22:01 - 00008306 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Addition.rar
2014-12-06 21:59 - 2014-12-06 23:02 - 00019024 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRST.txt
2014-12-06 21:58 - 2014-12-06 23:02 - 00029696 _____ () C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\MSGBOX.EXE
2014-12-06 21:50 - 2014-12-06 21:50 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRSTLauncher.exe
2014-12-06 22:10 - 2014-07-04 01:12 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-12-06 22:09 - 2014-07-04 01:12 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spybot - Search & Destroy
2014-12-06 22:09 - 2014-07-04 01:12 - 00000000 ____D () C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spybot - Search & Destroy

2014-11-08 15:00 - 2014-06-29 15:24 - 00000214 _____ () C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-12-06 22:39 - 2014-10-15 16:05 - 00001740 _____ () C:\WINDOWS\Tasks\NKBXUML.job
2014-12-06 22:39 - 2014-06-29 15:24 - 00000220 _____ () C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2014-12-06 22:39 - 2014-06-29 12:05 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NSU_agent => value deleted successfully.
HKU\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKU\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Gadwin PrintScreen (32-bit) => value deleted successfully.
HKU\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\icq => value deleted successfully.
HKU\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-1004336348-602609370-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray => value deleted successfully.
"HKU\S-1-5-21-1004336348-602609370-682003330-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{43b3539a-1857-11e4-98da-0021853469aa}" => Key deleted successfully.
"HKCR\CLSID\{43b3539a-1857-11e4-98da-0021853469aa}" => Key not found.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Po spuštění\TornTvDownloader.lnk => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\TornTV.com\Torntv Downloader.exe not found.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Nabídka Start\Programy\Po spuštění\TornTvDownloader.lnk not found.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\TornTV.com\Torntv Downloader.exe not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
Firefox DefaultSearchEngineS deleted successfully.
Firefox SearchEngineOrder.1S deleted successfully.
F SelectedSearchEngineS: GadgetBox => Error: No automatic fix found for this entry.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\babylon.xml => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\firmy.cz-015348.xml => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\freeonlineradioplayerrecorder-customized-web-search.xml => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\GadgetBox.xml => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\MyOnlineSearch.xml => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\onlysearchkms.xml => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\SearchAmong.xml => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\seznam-avast.xml => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\szukaj-gazeta-pl.xml => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\videa.seznam.cz-015348.xml => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\Web Search.xml => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\searchplugins\yqs-barff-yandex.xml => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\alawar@Alawar => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\B3G@S.net => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\DEuv@Kfxr.net => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\mnMYc4J4@DcU.edu => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\alawar@Alawar.xpi => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Data aplikací\Mozilla\Firefox\Profiles\6x7bcx0y.default\Extensions\tl_r@jetpack.xpi => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\boingbkmoapffongfpcancmephhnmehp => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dilmbipdciijdlljhkkemephcnbmobmk => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\hneieddeibpcngeljjkdpcajfcgelalk => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lgmpbjmdohcbefjoomihfhkfchnkekji => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\mibfbmhijjgpkmobcfdlelpccpeafoom" => Key deleted successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\LM.bat => Moved successfully.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results2014-12-06-212457.log => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\AdwCleanerDebug.txt => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\adwcleaner_4.104.exe => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\Addition.rar => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRST.txt => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Local Settings\Data aplikací\MSGBOX.EXE => Moved successfully.
C:\Documents and Settings\doma.DOMA-95E00D2E76\Plocha\FRSTLauncher.exe => Moved successfully.
C:\Program Files\Spybot - Search & Destroy 2 => Moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spybot - Search & Destroy => Moved successfully.
"C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spybot - Search & Destroy" => File/Directory not found.
C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job => Moved successfully.
C:\WINDOWS\Tasks\NKBXUML.job => Moved successfully.
C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 583.4 MB temporary data.

The system needed a reboot.

==== End of Fixlog ====

#14 Příspěvek od **vyosek** » 06 pro 2014 23:25

Tak co FB, stale si sam povida???

nicky.2000 · #15 Příspěvek od **nicky.2000** » 06 pro 2014 23:26

Ne, zdá se, že už ho to přestalo bavit.

VIRY.CZ

FB Private video

FB Private video

Re: FB Private video

Re: FB Private video

Re: FB Private video

Re: FB Private video

Re: FB Private video

Re: FB Private video

Re: FB Private video

Re: FB Private video

Re: FB Private video

Re: FB Private video

Re: FB Private video

Re: FB Private video

Re: FB Private video

Re: FB Private video