
omiga-plus and a trojan?

vava8
Visitor
Posts: 34
Registered: 13 Jun 2012 14:33

omiga-plus and a trojan?

#1 Post by vava8 »

Hello, could you please help me clean my notebook?
Yesterday I was downloading something and accidentally installed Omiga+... Via Google I found links to tools that can find and remove it... I used STOPZILLA, which found about 130? infections? :shock:, but at the end of the scan they wanted payment to finish :James008:
Please advise me what to use and how to clean it. Before this the notebook ran really great, Windows booted quickly, everything was OK.
Now it grinds and everything is slow.
Thanks a lot, vava

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-12-2014
Ran by vasudeva (administrator) on VND on 13-12-2014 10:17:56
Running from C:\Users\vasudeva\Desktop
Loaded Profile: vasudeva (Available profiles: vasudeva)
Platform: Microsoft Windows 8 Pro (X86) OS Language: Angličtina (Spojené státy)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(TODO: <Company name>) C:\Program Files\STab\ProtectService.exe
(Microsoft Corporation) C:\Windows\sppsvc.exe
() C:\Program Files\innoApp\updateinnoApp.exe
(TODO: <Company name>) C:\Program Files\STab\HPNotify.exe
(BitTorrent Inc.) C:\Users\vasudeva\AppData\Roaming\uTorrent\uTorrent.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(forum.viry.cz) C:\Users\vasudeva\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [SBRegRebootCleaner] => "C:\Program Files\STOPzilla!\sbrc.exe"
HKU\S-1-5-21-3683556855-2863975626-802348343-1001\...\Run: [uTorrent] => C:\Users\vasudeva\AppData\Roaming\uTorrent\uTorrent.exe [1389648 2014-12-02] (BitTorrent Inc.)
HKU\S-1-5-21-3683556855-2863975626-802348343-1001\...\RunOnce: [Adobe Speed Launcher] => 1418459120
Startup: C:\Users\vasudeva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
ShortcutTarget: TornTvDownloader.lnk -> C:\Users\vasudeva\AppData\Roaming\TornTV.com\TornTV Downloader.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3683556855-2863975626-802348343-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... 4915549155
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... 4915549155
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
HKU\S-1-5-21-3683556855-2863975626-802348343-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hp& ... 4915549155
HKU\S-1-5-21-3683556855-2863975626-802348343-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hp& ... 4915549155
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc& ... 4915549155
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKU\S-1-5-21-3683556855-2863975626-802348343-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKU\S-1-5-21-3683556855-2863975626-802348343-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
BHO: innoApp 1.0.0.5 -> {59e47ef9-5163-4e82-9c17-3d6f63dda496} -> C:\Program Files\innoApp\innoAppbho.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: Mapy.cz
FF SelectedSearchEngine: omiga-plus
FF Homepage: hxxp://isearch.omiga-plus.com/?type=hp&ts=1418414682&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708E4915549155
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\user.js
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\omiga-plus.xml
FF Extension: Fast Start - C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\Extensions\faststartff@gmail.com [2014-12-12]
FF Extension: innoApp 1.0.1 - C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\Extensions\{7b92ebda-59e4-4459-a904-440931a40b95}.xpi [2014-12-12]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe http://isearch.omiga-plus.com/?type=sc& ... 4915549155

Chrome:
=======
CHR Profile: C:\Users\vasudeva\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\vasudeva\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-03]
CHR Extension: (No Name) - C:\Users\vasudeva\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-03]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [1680088 2013-10-28] (Broadcom Corporation.)
R2 IHProtect Service; C:\Program Files\STab\ProtectService.exe [158864 2014-11-10] (TODO: <Company name>)
R2 SLSvc; C:\Windows\sppsvc.exe [10240 2012-08-25] (Microsoft Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Update innoApp; C:\Program Files\innoApp\updateinnoApp.exe [523544 2014-12-12] ()
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13864 2012-07-26] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485888 2014-12-12] (Fuyu LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [24576 2012-07-26] (Microsoft Corporation)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [175320 2013-10-28] (Broadcom Corporation.)
S3 btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [144600 2013-10-28] (Broadcom Corporation.)
R3 netwlv32; C:\Windows\system32\DRIVERS\netwlv32.sys [6637056 2012-06-02] (Intel Corporation)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation)
R2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]
S1 {7b92ebda-59e4-4459-a904-440931a40b95}Gw; system32\drivers\{7b92ebda-59e4-4459-a904-440931a40b95}Gw.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 10:17 - 2014-12-13 10:18 - 00010132 _____ () C:\Users\vasudeva\Desktop\FRST.txt
2014-12-13 10:16 - 2014-12-13 10:17 - 00000000 ____D () C:\FRST
2014-12-13 10:15 - 2014-12-13 10:15 - 00112640 _____ (forum.viry.cz) C:\Users\vasudeva\Desktop\FRSTLauncher.exe
2014-12-13 10:14 - 2014-12-13 10:14 - 01111040 _____ (Farbar) C:\Users\vasudeva\Desktop\FRST.exe
2014-12-13 10:11 - 2014-12-13 10:11 - 00112107 _____ (forum.viry.cz) C:\Users\vasudeva\Downloads\VerzeOS.exe
2014-12-13 10:05 - 2014-12-13 10:05 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-12-13 09:25 - 2014-12-13 09:25 - 00000464 __RSH () C:\ProgramData\ntuser.pol
2014-12-13 09:25 - 2014-12-13 09:25 - 00000117 _____ () C:\Windows\system32\netcfg-83132.txt
2014-12-13 09:25 - 2014-12-13 09:25 - 00000117 _____ () C:\Windows\system32\netcfg-81791.txt
2014-12-13 09:25 - 2014-12-13 09:25 - 00000117 _____ () C:\Windows\system32\netcfg-81697.txt
2014-12-13 09:25 - 2014-12-13 09:25 - 00000117 _____ () C:\Windows\system32\netcfg-81463.txt
2014-12-12 23:44 - 2014-12-12 23:44 - 00000117 _____ () C:\Windows\system32\netcfg-189490124.txt
2014-12-12 21:49 - 2014-12-12 21:49 - 00000117 _____ () C:\Windows\system32\netcfg-182562993.txt
2014-12-12 21:49 - 2014-12-12 21:49 - 00000117 _____ () C:\Windows\system32\netcfg-182561730.txt
2014-12-12 21:22 - 2014-12-12 21:23 - 00707664 _____ (iS3, Inc.) C:\Users\vasudeva\Downloads\SZSetup_AID10121_AV.exe
2014-12-12 21:07 - 2014-12-13 09:31 - 00000000 ____D () C:\Program Files\STab
2014-12-12 21:07 - 2014-12-12 21:07 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2014-12-12 21:06 - 2014-12-12 21:06 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-12 21:03 - 2014-12-12 23:22 - 00000000 ____D () C:\Program Files\innoApp
2014-12-12 21:00 - 2014-12-13 09:25 - 00001358 _____ () C:\Windows\Tasks\GCMIBS.job
2014-12-12 21:00 - 2014-12-13 09:25 - 00001354 _____ () C:\Windows\Tasks\DLSL.job
2014-12-12 21:00 - 2014-12-12 21:00 - 02061280 _____ (no) C:\Users\vasudeva\AppData\Roaming\DLSL.exe
2014-12-12 21:00 - 2014-12-12 21:00 - 01567200 _____ (no) C:\Users\vasudeva\AppData\Roaming\GCMIBS.exe
2014-12-12 20:59 - 2014-12-12 21:09 - 00000000 ____D () C:\Program Files\globalUpdate
2014-12-12 20:59 - 2014-12-12 20:59 - 00466456 _____ () C:\Users\vasudeva\Downloads\bruteens_2003_2009_any_sets_Full(1).exe
2014-12-12 20:59 - 2014-12-12 20:59 - 00000000 ____D () C:\Users\vasudeva\AppData\Local\globalUpdate
2014-12-12 20:53 - 2014-12-12 20:53 - 00466456 _____ () C:\Users\vasudeva\Downloads\bruteens_2003_2009_any_sets_Full.exe
2014-12-12 20:33 - 2014-12-13 09:30 - 00000000 ____D () C:\Users\vasudeva\Downloads\Godzilla (2014) [1080p]
2014-12-12 10:00 - 2014-12-12 10:04 - 54401068 _____ () C:\Users\vasudeva\Downloads\100907-221914.WAV
2014-12-12 09:38 - 2014-12-12 09:38 - 00000117 _____ () C:\Windows\system32\netcfg-138730285.txt
2014-12-12 09:38 - 2014-12-12 09:38 - 00000117 _____ () C:\Windows\system32\netcfg-138729380.txt
2014-12-11 08:10 - 2014-12-11 08:10 - 00000117 _____ () C:\Windows\system32\netcfg-47031774.txt
2014-12-11 08:10 - 2014-12-11 08:10 - 00000117 _____ () C:\Windows\system32\netcfg-47029902.txt
2014-12-10 19:08 - 2014-12-10 19:08 - 00000117 _____ () C:\Windows\system32\netcfg-101681.txt
2014-12-10 19:07 - 2014-12-10 19:07 - 00000117 _____ () C:\Windows\system32\netcfg-40560.txt
2014-12-10 19:04 - 2014-12-10 19:04 - 00000117 _____ () C:\Windows\system32\netcfg-80683841.txt
2014-12-10 19:04 - 2014-12-10 19:04 - 00000117 _____ () C:\Windows\system32\netcfg-80682781.txt
2014-12-09 23:07 - 2014-12-09 23:07 - 00000000 ____D () C:\Users\vasudeva\Documents\Adobe Scripts
2014-12-09 20:40 - 2014-12-09 20:40 - 00000117 _____ () C:\Windows\system32\netcfg-65941.txt
2014-12-09 20:40 - 2014-12-09 20:40 - 00000117 _____ () C:\Windows\system32\netcfg-45692.txt
2014-12-09 17:47 - 2014-12-09 17:47 - 00000117 _____ () C:\Windows\system32\netcfg-462207936.txt
2014-12-09 17:47 - 2014-12-09 17:47 - 00000117 _____ () C:\Windows\system32\netcfg-462207843.txt
2014-12-09 08:39 - 2014-12-09 08:39 - 00000117 _____ () C:\Windows\system32\netcfg-429347199.txt
2014-12-09 08:39 - 2014-12-09 08:39 - 00000117 _____ () C:\Windows\system32\netcfg-429347090.txt
2014-12-08 09:26 - 2014-12-08 09:26 - 00000117 _____ () C:\Windows\system32\netcfg-345767792.txt
2014-12-08 09:26 - 2014-12-08 09:26 - 00000117 _____ () C:\Windows\system32\netcfg-345766076.txt
2014-12-07 20:11 - 2014-12-07 20:11 - 03747323 _____ () C:\Users\vasudeva\Downloads\RQMONEY_v23.ZIP
2014-12-07 20:11 - 2014-12-07 20:11 - 00000000 ____D () C:\Users\vasudeva\Downloads\RQMONEY_v23
2014-12-07 18:15 - 2014-12-07 18:15 - 00000117 _____ () C:\Windows\system32\netcfg-291070175.txt
2014-12-07 18:15 - 2014-12-07 18:15 - 00000117 _____ () C:\Windows\system32\netcfg-291067507.txt
2014-12-07 14:46 - 2014-12-07 14:46 - 00000117 _____ () C:\Windows\system32\netcfg-278541719.txt
2014-12-07 14:46 - 2014-12-07 14:46 - 00000117 _____ () C:\Windows\system32\netcfg-278541610.txt
2014-12-07 09:23 - 2014-12-07 09:23 - 00000117 _____ () C:\Windows\system32\netcfg-259161871.txt
2014-12-07 09:23 - 2014-12-07 09:23 - 00000117 _____ () C:\Windows\system32\netcfg-259161543.txt
2014-12-06 09:45 - 2014-12-06 09:45 - 00000117 _____ () C:\Windows\system32\netcfg-174086835.txt
2014-12-06 09:45 - 2014-12-06 09:45 - 00000117 _____ () C:\Windows\system32\netcfg-174086741.txt
2014-12-05 09:07 - 2014-12-05 09:07 - 00000117 _____ () C:\Windows\system32\netcfg-85404806.txt
2014-12-05 09:07 - 2014-12-05 09:07 - 00000117 _____ () C:\Windows\system32\netcfg-85404681.txt
2014-12-04 20:14 - 2014-12-04 20:14 - 00000117 _____ () C:\Windows\system32\netcfg-39045225.txt
2014-12-04 20:14 - 2014-12-04 20:14 - 00000117 _____ () C:\Windows\system32\netcfg-39045006.txt
2014-12-04 09:24 - 2014-12-04 09:24 - 00000117 _____ () C:\Windows\system32\netcfg-60684.txt
2014-12-04 09:24 - 2014-12-04 09:24 - 00000117 _____ () C:\Windows\system32\netcfg-38579.txt
2014-12-04 09:21 - 2014-12-04 09:21 - 00000117 _____ () C:\Windows\system32\netcfg-85799317.txt
2014-12-04 09:21 - 2014-12-04 09:21 - 00000117 _____ () C:\Windows\system32\netcfg-85799036.txt
2014-12-03 19:46 - 2014-12-03 19:46 - 00000117 _____ () C:\Windows\system32\netcfg-36881444.txt
2014-12-03 19:46 - 2014-12-03 19:46 - 00000117 _____ () C:\Windows\system32\netcfg-36880461.txt
2014-12-03 09:36 - 2014-12-03 09:36 - 00000117 _____ () C:\Windows\system32\netcfg-289007.txt
2014-12-03 09:32 - 2014-12-03 09:32 - 00000117 _____ () C:\Windows\system32\netcfg-38017.txt
2014-12-03 08:52 - 2014-12-03 08:52 - 00000117 _____ () C:\Windows\system32\netcfg-83833283.txt
2014-12-03 08:52 - 2014-12-03 08:52 - 00000117 _____ () C:\Windows\system32\netcfg-83833190.txt
2014-12-02 09:47 - 2014-12-02 09:47 - 00000816 _____ () C:\Users\vasudeva\Desktop\µTorrent.lnk
2014-12-02 09:47 - 2014-12-02 09:47 - 00000796 _____ () C:\Users\vasudeva\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-12-02 09:47 - 2014-12-02 09:47 - 00000117 _____ () C:\Windows\system32\netcfg-710085.txt
2014-12-02 09:36 - 2014-12-02 09:36 - 00000117 _____ () C:\Windows\system32\netcfg-38454.txt
2014-11-27 20:21 - 2014-11-27 20:21 - 00000117 _____ () C:\Windows\system32\netcfg-23605837.txt
2014-11-27 20:21 - 2014-11-27 20:21 - 00000117 _____ () C:\Windows\system32\netcfg-23603715.txt
2014-11-27 20:14 - 2014-11-27 20:14 - 00000117 _____ () C:\Windows\system32\netcfg-23186506.txt
2014-11-27 20:12 - 2014-11-27 20:12 - 00000117 _____ () C:\Windows\system32\netcfg-23036714.txt
2014-11-27 19:47 - 2014-11-27 19:47 - 00000725 _____ () C:\Windows\setupact.log
2014-11-27 19:47 - 2014-11-27 19:47 - 00000117 _____ () C:\Windows\system32\netcfg-21528855.txt
2014-11-27 19:47 - 2014-11-27 19:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-11-27 19:47 - 2014-11-27 19:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-27 19:14 - 2014-11-27 19:14 - 00000117 _____ () C:\Windows\system32\netcfg-19559498.txt
2014-11-27 18:28 - 2014-11-27 18:28 - 00000000 ____D () C:\Users\vasudeva\Downloads\GPS-Navigace-Sygic-Aura-V11.2.6-Android-CZ-plná-verze
2014-11-27 18:27 - 2014-12-02 09:48 - 06137356 _____ () C:\Users\vasudeva\Downloads\GPS-Navigace-Sygic-Aura-V11.2.6-Android-CZ-plná-verze.rar
2014-11-27 17:25 - 2014-11-27 17:25 - 00000117 _____ () C:\Windows\system32\netcfg-13026348.txt
2014-11-27 17:00 - 2014-11-27 17:00 - 00000000 ____D () C:\Users\vasudeva\Downloads\Aura_Sygic+Mapy_14.3.2_R-118658_CZSK_Android_27.6.2014
2014-11-27 16:46 - 2014-11-27 16:46 - 00000117 _____ () C:\Windows\system32\netcfg-10678642.txt
2014-11-27 16:46 - 2014-11-27 16:46 - 00000117 _____ () C:\Windows\system32\netcfg-10672168.txt
2014-11-27 16:45 - 2014-11-27 16:45 - 00000117 _____ () C:\Windows\system32\netcfg-10666084.txt
2014-11-27 16:13 - 2014-11-27 16:20 - 230328071 _____ () C:\Users\vasudeva\Downloads\Aura_Sygic+Mapy_14.3.2_R-118658_CZSK_Android_27.6.2014.rar
2014-11-27 15:44 - 2014-11-27 15:44 - 00000117 _____ () C:\Windows\system32\netcfg-6953229.txt
2014-11-27 15:31 - 2014-11-27 15:31 - 00000117 _____ () C:\Windows\system32\netcfg-6190821.txt
2014-11-27 15:05 - 2014-11-27 15:05 - 00000156 _____ () C:\Windows\system32\netcfg-4605648.txt
2014-11-27 14:00 - 2014-11-27 14:00 - 00000117 _____ () C:\Windows\system32\netcfg-740427.txt
2014-11-27 13:49 - 2014-11-27 13:49 - 00000117 _____ () C:\Windows\system32\netcfg-50637.txt
2014-11-25 11:26 - 2014-11-25 11:26 - 00000117 _____ () C:\Windows\system32\netcfg-511622360.txt
2014-11-25 11:26 - 2014-11-25 11:26 - 00000117 _____ () C:\Windows\system32\netcfg-511620613.txt
2014-11-24 13:05 - 2014-11-24 13:05 - 00000117 _____ () C:\Windows\system32\netcfg-431130181.txt
2014-11-24 13:01 - 2014-11-24 13:01 - 00000117 _____ () C:\Windows\system32\netcfg-430924681.txt
2014-11-24 12:51 - 2014-11-24 12:51 - 00000117 _____ () C:\Windows\system32\netcfg-430318633.txt
2014-11-24 12:51 - 2014-11-24 12:51 - 00000117 _____ () C:\Windows\system32\netcfg-430310100.txt
2014-11-24 11:30 - 2014-11-24 11:30 - 00000117 _____ () C:\Windows\system32\netcfg-425445786.txt
2014-11-24 11:30 - 2014-11-24 11:30 - 00000117 _____ () C:\Windows\system32\netcfg-425444881.txt
2014-11-23 20:33 - 2014-11-23 20:34 - 00000117 _____ () C:\Windows\system32\netcfg-371642913.txt
2014-11-23 20:33 - 2014-11-23 20:33 - 00000117 _____ () C:\Windows\system32\netcfg-371623038.txt
2014-11-23 20:03 - 2014-11-23 20:03 - 02347384 _____ (ESET) C:\Users\vasudeva\Downloads\esetsmartinstaller_csy.exe
2014-11-23 11:32 - 2014-11-23 11:32 - 00000117 _____ () C:\Windows\system32\netcfg-339140931.txt
2014-11-23 11:32 - 2014-11-23 11:32 - 00000117 _____ () C:\Windows\system32\netcfg-339137733.txt
2014-11-23 11:32 - 2014-11-23 11:32 - 00000117 _____ () C:\Windows\system32\netcfg-339131493.txt
2014-11-23 11:29 - 2014-11-23 11:29 - 00000117 _____ () C:\Windows\system32\netcfg-338967100.txt
2014-11-19 19:02 - 2014-11-19 19:02 - 00000000 ____D () C:\Users\vasudeva\Downloads\vasudev
2014-11-19 17:06 - 2014-11-19 17:26 - 350311710 _____ () C:\Users\vasudeva\Downloads\vasudev.zip
2014-11-19 13:21 - 2014-11-19 13:21 - 00000117 _____ () C:\Windows\system32\netcfg-67096.txt
2014-11-19 13:20 - 2014-11-19 13:20 - 00000117 _____ () C:\Windows\system32\netcfg-38594.txt
2014-11-19 13:13 - 2014-11-19 13:13 - 00000117 _____ () C:\Windows\system32\netcfg-146278034.txt
2014-11-19 13:13 - 2014-11-19 13:13 - 00000117 _____ () C:\Windows\system32\netcfg-146277972.txt
2014-11-18 22:22 - 2014-11-18 22:22 - 00000117 _____ () C:\Windows\system32\netcfg-92788068.txt
2014-11-18 22:22 - 2014-11-18 22:22 - 00000117 _____ () C:\Windows\system32\netcfg-92787865.txt
2014-11-18 07:28 - 2014-11-18 07:28 - 00000117 _____ () C:\Windows\system32\netcfg-39180930.txt
2014-11-18 07:28 - 2014-11-18 07:28 - 00000117 _____ () C:\Windows\system32\netcfg-39180852.txt
2014-11-17 20:37 - 2014-11-17 20:37 - 00000117 _____ () C:\Windows\system32\netcfg-123630.txt
2014-11-17 20:36 - 2014-11-17 20:36 - 00000117 _____ () C:\Windows\system32\netcfg-49046.txt
2014-11-17 20:35 - 2014-12-13 09:23 - 00013118 _____ () C:\Windows\PFRO.log
2014-11-14 07:13 - 2014-12-13 10:14 - 00159345 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 18:07 - 2014-11-13 18:07 - 00000117 _____ () C:\Windows\system32\netcfg-771306773.txt
2014-11-13 18:07 - 2014-11-13 18:07 - 00000117 _____ () C:\Windows\system32\netcfg-771306695.txt
2014-11-13 09:04 - 2014-11-13 09:04 - 00000117 _____ () C:\Windows\system32\netcfg-738737227.txt
2014-11-13 09:04 - 2014-11-13 09:04 - 00000117 _____ () C:\Windows\system32\netcfg-738737134.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 10:16 - 2014-10-16 08:20 - 00000000 ____D () C:\Users\vasudeva\AppData\Roaming\uTorrent
2014-12-13 10:00 - 2012-07-26 07:53 - 00000000 ____D () C:\Windows\system32\sru
2014-12-13 09:35 - 2012-07-26 07:53 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-12-13 09:31 - 2012-07-26 07:53 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-12-13 09:30 - 2014-04-04 19:53 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-13 09:24 - 2012-07-26 07:04 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-13 09:23 - 2014-01-05 06:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-12 22:22 - 2012-07-26 07:53 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-12 21:24 - 2012-07-26 05:17 - 00000194 _____ () C:\Windows\win.ini
2014-12-12 21:04 - 2014-01-05 06:12 - 00001335 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-12 21:04 - 2014-01-03 05:15 - 00000000 ____D () C:\Program Files\Google
2014-12-12 21:04 - 2014-01-03 04:51 - 00001648 _____ () C:\Users\vasudeva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-12 13:24 - 2014-10-22 20:41 - 00000000 ____D () C:\Users\vasudeva\Desktop\plakát
2014-12-12 09:51 - 2014-01-03 17:41 - 00000000 ____D () C:\Users\vasudeva\AppData\Local\Adobe
2014-12-11 09:47 - 2014-01-05 06:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-09 21:00 - 2014-01-03 17:42 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-08 09:36 - 2014-01-03 04:51 - 00000000 ____D () C:\Users\vasudeva\AppData\Roaming\Adobe
2014-12-08 09:36 - 2012-07-26 05:43 - 00000000 ___RD () C:\Users\Public
2014-12-07 18:28 - 2014-01-03 04:52 - 01626896 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-04 19:58 - 2014-01-03 20:04 - 00000000 ____D () C:\Users\vasudeva\AppData\Roaming\vlc
2014-11-27 15:04 - 2012-07-26 07:53 - 00000000 ____D () C:\Windows\system32\NDF

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-13 09:35




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:148.7 GB) (Free:71.16 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:149.04 GB) (Free:58.04 GB) NTFS

Available physical RAM: 1259.19 MB
Total physical RAM: 2046.43 MB
Percentage of memory in use: 38%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0F550F54)
Partition 1: (Not Active) - (Size=149 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.7 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DLSL.job => C:\Users\vasudeva\AppData\Roaming\DLSL.exe <==== ATTENTION
Task: C:\Windows\Tasks\GCMIBS.job => C:\Users\vasudeva\AppData\Roaming\GCMIBS.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\vasudeva\Desktop" je 496 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: omiga-plus and a trojan?

#2 Post by vyosek »

Greetings :)

:arrow: Uninstall STOPzilla; we will use free tools for this

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • After it starts, the database will be downloaded
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved as c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
:arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the window

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
    
  • Then click Run Script
  • The PC will perform the repair, restart, and give you a log; paste its contents here

vava8
Visitor
Posts: 34
Registered: 13 Jun 2012 14:33

Re: omiga-plus and a trojan?

#3 Post by vava8 »

Here are the logs

:arrow:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-12-2014
Ran by vasudeva at 2014-12-13 10:19:03
Running from C:\Users\vasudeva\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3683556855-2863975626-802348343-1001\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Audition 1.0 (HKLM\...\{81E76DE9-BBCB-449C-91BB-6E4E5436D496}) (Version: 1.0 - Adobe Systems)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Convert MOV to AVI 1.0 (HKLM\...\{A39EA3C8-7BF3-4FA7-9A67-3D3611BAE59E}_is1) (Version: - convertmovtoavi.com)
innoApp (HKLM\...\innoApp) (Version: 2014.12.12.162056 - innoApp) <==== ATTENTION
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 cs) (HKLM\...\Mozilla Firefox 34.0.5 (x86 cs)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NEF to JPG (HKLM\...\{13D87B39-2A3B-4675-A0D9-B8B01EA2F8E3}_is1) (Version: - neftojpg.com)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

23-11-2014 11:19:57 Scheduled Checkpoint
03-12-2014 09:12:34 Scheduled Checkpoint
10-12-2014 18:47:05 Scheduled Checkpoint
12-12-2014 20:33:14 Installed STOPzilla

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 05:17 - 2014-12-12 21:34 - 00000071 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1E84DCB8-8C84-4436-A108-209A65086823} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask
Task: {2D77B0CB-DE07-4328-9B79-0B88B2F20C73} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent
Task: {4C8291B9-489F-4CFC-A6D3-1650200676B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
Task: {513E1432-6FA8-4A6A-AE64-1A1846830842} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector
Task: {56F59500-C4D1-4720-859F-13B4998AA792} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask
Task: {600CBAC8-F824-4925-BE23-69B0D808CBB9} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater
Task: {70F85AB3-66C5-44E8-A831-6008BE83AE72} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator
Task: {860C4463-DC21-4E8E-9A74-C3F1D5192E63} - System32\Tasks\GCMIBS => C:\Users\vasudeva\AppData\Roaming\GCMIBS.exe [2014-12-12] (no) <==== ATTENTION
Task: {99768757-32DC-4E02-BE1E-2FE4783695EE} - System32\Tasks\Microsoft\Windows\WS\License Validation
Task: {9D6A227D-5EB8-4BB7-A641-8EA99B0BB4D1} - System32\Tasks\AdobeAAMUpdater-1.0-vnd-vasudeva => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {B3372BD3-2521-4D32-B92D-87377630C5BF} - System32\Tasks\DLSL => C:\Users\vasudeva\AppData\Roaming\DLSL.exe [2014-12-12] (no) <==== ATTENTION
Task: {C1B42443-D341-4046-B4A2-DC06832295A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {D6EBC4E6-AC20-492C-B592-A78D60D7CE35} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver
Task: {DBFBC176-B2E9-4CE7-A18A-DC29B3C3AC58} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\WatTask => C:\Windows Activation Technologies\wat.exe [2006-04-21] ()
Task: {DF2D6074-8317-4050-890F-116E54CFAAD9} - System32\Tasks\Microsoft\Windows\Autochk\Proxy

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DLSL.job => C:\Users\vasudeva\AppData\Roaming\DLSL.exe <==== ATTENTION
Task: C:\Windows\Tasks\GCMIBS.job => C:\Users\vasudeva\AppData\Roaming\GCMIBS.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-12-12 17:22 - 2014-12-12 21:17 - 00523544 _____ () C:\Program Files\innoApp\updateinnoApp.exe
2014-01-05 06:12 - 2014-12-11 09:47 - 03758192 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)



HKU\S-1-5-21-3683556855-2863975626-802348343-1001\Software\Classes\.exe: exefile => <===== ATTENTION!
HKU\S-1-5-21-3683556855-2863975626-802348343-1001\Software\Classes\exefile: <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3683556855-2863975626-802348343-500 - Administrator - Disabled)
Guest (S-1-5-21-3683556855-2863975626-802348343-501 - Limited - Disabled)
vasudeva (S-1-5-21-3683556855-2863975626-802348343-1001 - Administrator - Enabled) => C:\Users\vasudeva

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Řadič velkokapacitního paměťového zařízení
Description: Řadič velkokapacitního paměťového zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/12/2014 09:48:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 34.0.5.5443, časové razítko: 0x5475dd5d
Název chybujícího modulu: mozalloc.dll, verze: 34.0.5.5443, časové razítko: 0x5475d664
Kód výjimky: 0x80000003
Posun chyby: 0x00001425
ID chybujícího procesu: 0xbb4
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3
Úplný název chybujícího balíčku: plugin-container.exe4
ID aplikace související s chybujícím balíčkem: plugin-container.exe5

Error: (12/12/2014 09:04:52 PM) (Source: MsiInstaller) (EventID: 11309) (User: vnd)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.

Error: (12/12/2014 09:00:16 PM) (Source: MsiInstaller) (EventID: 11309) (User: vnd)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.

Error: (12/12/2014 08:59:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 34.0.5.5443, časové razítko: 0x5475dd5d
Název chybujícího modulu: mozalloc.dll, verze: 34.0.5.5443, časové razítko: 0x5475d664
Kód výjimky: 0x80000003
Posun chyby: 0x00001425
ID chybujícího procesu: 0xf30
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3
Úplný název chybujícího balíčku: plugin-container.exe4
ID aplikace související s chybujícím balíčkem: plugin-container.exe5

Error: (12/09/2014 08:59:34 PM) (Source: MsiInstaller) (EventID: 1024) (User: vnd)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-7A8C40011010} produktu Adobe Reader XI (11.0.09) - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (12/09/2014 08:41:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 33.1.0.5423 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: e9c

Čas spuštění: 01d013e802490d45

Čas ukončení: 16

Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe

ID hlášení: 6a6ac910-7fdb-11e4-b010-001d72cd4584

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (12/07/2014 01:23:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SettingSyncHost.exe, verze: 6.2.9200.16384, časové razítko: 0x50109982
Název chybujícího modulu: SLCHook.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x50848ad4
Kód výjimky: 0xc0000005
Posun chyby: 0x72c5321e
ID chybujícího procesu: 0x13c0
Čas spuštění chybující aplikace: 0xSettingSyncHost.exe0
Cesta k chybující aplikaci: SettingSyncHost.exe1
Cesta k chybujícímu modulu: SettingSyncHost.exe2
ID zprávy: SettingSyncHost.exe3
Úplný název chybujícího balíčku: SettingSyncHost.exe4
ID aplikace související s chybujícím balíčkem: SettingSyncHost.exe5

Error: (11/27/2014 08:16:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vnd)
Description: Aplikaci windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/27/2014 08:01:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vnd)
Description: Aplikaci windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/27/2014 08:00:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vnd)
Description: Aplikaci windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel se nepovedlo aktivovat, protože došlo k chybě: -2147009284. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (12/13/2014 10:05:33 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Definition Update for Windows Defender - KB2267602 (Definition 1.189.2026.0).

Error: (12/13/2014 09:25:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba szkgfs neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (12/12/2014 11:44:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/12/2014 09:34:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba szkgfs neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (12/12/2014 09:34:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba szkgfs neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (12/12/2014 09:23:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth Driver Management Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/12/2014 09:23:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WindowsMangerProtect Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/11/2014 08:08:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/10/2014 09:48:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/10/2014 07:07:03 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (7:04:09 PM, ‎12/‎10/‎2014) bylo neočekávané.


Microsoft Office Sessions:
=========================
Error: (12/12/2014 09:48:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d6648000000300001425bb401d0164c7795a2b8C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll49c5b510-8240-11e4-b011-001d72cd4584

Error: (12/12/2014 09:04:52 PM) (Source: MsiInstaller) (EventID: 11309) (User: vnd)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/12/2014 09:00:16 PM) (Source: MsiInstaller) (EventID: 11309) (User: vnd)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/12/2014 08:59:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d6648000000300001425f3001d01641d494a3e5C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll6c42d3aa-8239-11e4-b011-001d72cd4584

Error: (12/09/2014 08:59:34 PM) (Source: MsiInstaller) (EventID: 1024) (User: vnd)
Description: Adobe Reader XI (11.0.09) - Czech{AC76BA86-7AD7-0000-2550-7A8C40011010}1625(NULL)(NULL)(NULL)

Error: (12/09/2014 08:41:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe33.1.0.5423e9c01d013e802490d4516C:\Program Files\Mozilla Firefox\firefox.exe6a6ac910-7fdb-11e4-b010-001d72cd4584

Error: (12/07/2014 01:23:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SettingSyncHost.exe6.2.9200.1638450109982SLCHook.dll_unloaded0.0.0.050848ad4c000000572c5321e13c001d01218a852f8daC:\Windows\System32\SettingSyncHost.exeSLCHook.dlle9d8ff41-7e0b-11e4-b00f-001d72cd4584

Error: (11/27/2014 08:16:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vnd)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2147009284

Error: (11/27/2014 08:01:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vnd)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2147009284

Error: (11/27/2014 08:00:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vnd)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2147009284


CodeIntegrity Errors:
===================================
Date: 2014-12-13 09:24:00.218
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

Date: 2014-12-10 19:06:45.579
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

Date: 2014-12-09 20:39:49.474
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

Date: 2014-12-04 09:24:06.006
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

Date: 2014-12-03 09:32:01.343
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

Date: 2014-12-02 09:35:58.549
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

Date: 2014-11-27 13:48:40.710
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

Date: 2014-11-19 13:20:11.375
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

Date: 2014-11-17 20:36:04.269
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.

Date: 2014-11-04 19:51:31.007
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\shell32.dll with signing level Unsigned while the system requires signing level Windows or better to load.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T5470 @ 1.60GHz
Percentage of memory in use: 38%
Total physical RAM: 2046.43 MB
Available physical RAM: 1259.19 MB
Total Pagefile: 2430.43 MB
Available Pagefile: 1508.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1833.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.7 GB) (Free:71.16 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:149.04 GB) (Free:58.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0F550F54)
Partition 1: (Not Active) - (Size=149 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================








:arrow:
Zoek.exe v5.0.0.0 Updated 29-11-2014
Tool run by vasudeva on so 13. 12. 2014 at 11:05:31,70.
Microsoft Windows 8 Pro 6.2.9200 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\vasudeva\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13. 12. 2014 11:08:07 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\CorelDRAW Graphics Suite X7 x64 deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3683556855-2863975626-802348343-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EF352CC-AFCC-4E22-BA2-472055BFD39F} deleted successfully
HKEY_USERS\S-1-5-21-3683556855-2863975626-802348343-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71240067-60FA-4D38-976F-8AC277F96ADE} deleted successfully
HKEY_USERS\S-1-5-21-3683556855-2863975626-802348343-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{969301D5-E6C5-4C20-9B42-781786475A6} deleted successfully
HKEY_USERS\S-1-5-21-3683556855-2863975626-802348343-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A24FED09-AB5E-4371-86AD-C51F62BFA0BC} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{59e47ef9-5163-4e82-9c17-3d6f63dda496} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59e47ef9-5163-4e82-9c17-3d6f63dda496} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util innoApp deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util innoApp deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update innoApp deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update innoApp deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\prefs.js:
user_pref("browser.search.defaultenginename", "Mapy.cz");

Added to C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\gesn0cb2.default\prefs.js:

Added to C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\gesn0cb2.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default

user.js not found
---- Lines innoApp removed from prefs.js ----
user_pref("extensions.innoApp.aul", "1418465171410");
user_pref("extensions.innoApp.irl", true);
user_pref("extensions.innoApp.is", "fmxqtcz");
user_pref("extensions.innoApp.ug", "054D0D92-5DB9-4FD7-AC44-DCC66E158B40");
---- Lines quick_start removed from prefs.js ----
user_pref("extensions.quick_start.enable_search1", false);
user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
---- Lines smartbar removed from prefs.js ----
user_pref("smartbar.machineId", "63DTIBF+HJ66ABRSBEVLB8KFM490OJ2+BUS70IVWZ4KYLVTYWRMOQXRZ0PZ0GIRSIKNECYTXASSYP2XP4SVOQW");
---- FireFox user.js and prefs.js backups ----

prefs_201413.12._1130_.backup

ProfilePath: C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\gesn0cb2.default

user.js not found
---- FireFox user.js and prefs.js backups ----


==== Deleting Files \ Folders ======================

C:\PROGRA~2\CorelDRAW Graphics Suite X7 x64 not found
C:\Windows\tasks\DLSL.job deleted
C:\Windows\system32\tasks\DLSL deleted
C:\Windows\tasks\GCMIBS.job deleted
C:\Windows\system32\tasks\GCMIBS deleted
C:\Windows\System32\drivers\{d8d147c6-9a7e-4967-99b1-99bc4358c405}Gw.sys deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Users\vasudeva\AppData\Roaming\DLSL.exe deleted
C:\Users\vasudeva\AppData\Roaming\GCMIBS.exe deleted
"C:\Users\vasudeva\AppData\Roaming\DLSL" deleted
"C:\Users\vasudeva\AppData\Roaming\GCMIBS" deleted
"C:\Program Files\innoApp\updateinnoApp.exe" deleted
"C:\Program Files\innoApp\bin\innoApp.BrowserAdapter.exe" deleted
"C:\Program Files\innoApp\bin\innoApp.expext.exe" deleted
"C:\Program Files\innoApp\bin\innoApp.expextdll.dll" deleted
"C:\Program Files\innoApp\bin\innoApp.PurBrowse.exe" deleted
"C:\Program Files\innoApp\bin\utilinnoApp.exe" deleted
"C:\Program Files\innoApp\bin\{d8d147c6-9a7e-4967-99b1-99bc4358c405}.dll" deleted
"C:\Program Files\innoApp" not deleted
"C:\Program Files\innoApp\bin" not deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default
- Undetermined - {7b92ebda-59e4-4459-a904-440931a40b95}
- innoApp 1.0.1 - %ProfilePath%\extensions\{7b92ebda-59e4-4459-a904-440931a40b95}.xpi

ProfilePath: C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\gesn0cb2.default
- innoApp 1.0.1 - %ProfilePath%\extensions\{7b92ebda-59e4-4459-a904-440931a40b95}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default
424899266BA430CCE5DDB6C1B4BE1B99 - C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash
0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
CBFE3156904AB2D1A097F5E74A6C62F3 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

Profilepath: C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\gesn0cb2.default
9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
CBFE3156904AB2D1A097F5E74A6C62F3 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin


==== Fake Chromium Profiles Check ======================

vava8
Visitor
Posts: 34
Registered: 13 Jun 2012 14:33

Re: omiga-plus and a trojan?

#4 Post by vava8 »

sorry, probably this as well

# AdwCleaner v4.105 - Report created 13/12/2014 at 11:00:47
# Updated 08/12/2014 by Xplode
# Database : 2014-12-12.1 [Live]
# Operating System : Windows 8 Pro (32 bits)
# Username : vasudeva - VND
# Running from : C:\Users\vasudeva\Downloads\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : WindowsMangerProtect
Service Deleted : IHProtect Service
[#] Service Deleted : {7b92ebda-59e4-4459-a904-440931a40b95}Gw

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Users\vasudeva\AppData\Local\globalUpdate
Folder Deleted : C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\Extensions\faststartff@gmail.com
File Deleted : C:\END
File Deleted : C:\Users\vasudeva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
File Deleted : C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\user.js
File Deleted : C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\gesn0cb2.default\user.js
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\omiga-plus.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\vasudeva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\vasudeva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\vasudeva\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKCU\Software\Mozilla\Extends
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\TornTv Downloader

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16384

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[5c9pjj07.default\prefs.js] - Line Deleted : user_pref("CT3289075.UserID", "UN11200770426495118");
[5c9pjj07.default\prefs.js] - Line Deleted : user_pref("CT3289075.fullUserID", "UN11200770426495118.IN.20140106222820");
[5c9pjj07.default\prefs.js] - Line Deleted : user_pref("CT3289075.installerVersion", "1.8.1.4");
[5c9pjj07.default\prefs.js] - Line Deleted : user_pref("CT3289075.toolbarInstallDate", "06-01-2014 22:28:21");
[5c9pjj07.default\prefs.js] - Line Deleted : user_pref("CT3289075.versionFromInstaller", "10.23.0.722");
[5c9pjj07.default\prefs.js] - Line Deleted : user_pref("CT3289075.xpeMode", "1");
[5c9pjj07.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[5c9pjj07.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "omiga-plus");
[5c9pjj07.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1418414682&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708E4915549155");
[5c9pjj07.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.enable_search1", false);
[5c9pjj07.default\prefs.js] - Line Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[5c9pjj07.default\prefs.js] - Line Deleted : user_pref("smartbar.machineId", "63DTIBF+HJ66ABRSBEVLB8KFM490OJ2+BUS70IVWZ4KYLVTYWRMOQXRZ0PZ0GIRSIKNECYTXASSYP2XP4SVOQW");

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [6098 octets] - [13/12/2014 10:58:10]
AdwCleaner[S0].txt - [5632 octets] - [13/12/2014 11:00:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5692 octets] ##########


# AdwCleaner v4.105 - Report created 13/12/2014 at 10:58:10
# Updated 08/12/2014 by Xplode
# Database : 2014-12-12.1 [Live]
# Operating System : Windows 8 Pro (32 bits)
# Username : vasudeva - VND
# Running from : C:\Users\vasudeva\Downloads\adwcleaner_4.105.exe
# Option : Scan

***** [ Services ] *****

Service Found : WindowsMangerProtect
Service Found : IHProtect Service
Service Found : {7b92ebda-59e4-4459-a904-440931a40b95}Gw

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\omiga-plus.xml
File Found : C:\Users\vasudeva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
File Found : C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\user.js
File Found : C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\gesn0cb2.default\user.js
Folder Found : C:\Program Files\globalUpdate
Folder Found : C:\ProgramData\WindowsMangerProtect
Folder Found : C:\Users\vasudeva\AppData\Local\globalUpdate
Folder Found : C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\Extensions\faststartff@gmail.com

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - "C:\Program Files\Mozilla Firefox\firefox.exe" hxxp://isearch.omiga-plus.com/?type=sc&ts=1418414682&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708E4915549155
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1418414682&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708E4915549155
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Smartbar
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Mozilla\Extends
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\omiga-plusSoftware
Key Found : HKLM\SOFTWARE\SupDp
Key Found : HKLM\SOFTWARE\supWindowsMangerProtect
Key Found : HKLM\SOFTWARE\TornTv Downloader
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16384

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1418414682&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708E4915549155
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1418414682&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708E4915549155
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1418414682&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708E4915549155&q={searchTerms}
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1418414682&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708E4915549155
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.omiga-plus.com/?type=hp&ts=1418414682&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708E4915549155
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1418414682&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708E4915549155&q={searchTerms}

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[5c9pjj07.default] - Line Found : user_pref("CT3289075.UserID", "UN11200770426495118");
[5c9pjj07.default] - Line Found : user_pref("CT3289075.fullUserID", "UN11200770426495118.IN.20140106222820");
[5c9pjj07.default] - Line Found : user_pref("CT3289075.installerVersion", "1.8.1.4");
[5c9pjj07.default] - Line Found : user_pref("CT3289075.toolbarInstallDate", "06-01-2014 22:28:21");
[5c9pjj07.default] - Line Found : user_pref("CT3289075.versionFromInstaller", "10.23.0.722");
[5c9pjj07.default] - Line Found : user_pref("CT3289075.xpeMode", "1");
[5c9pjj07.default] - Line Found : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[5c9pjj07.default] - Line Found : user_pref("browser.search.selectedEngine", "omiga-plus");
[5c9pjj07.default] - Line Found : user_pref("browser.startup.homepage", "hxxp://isearch.omiga-plus.com/?type=hp&ts=1418414682&from=ild&uid=WDCXWD3200BEVT-22ZCT0_WD-WXE708E4915549155");
[5c9pjj07.default] - Line Found : user_pref("extensions.quick_start.enable_search1", false);
[5c9pjj07.default] - Line Found : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[5c9pjj07.default] - Line Found : user_pref("smartbar.machineId", "63DTIBF+HJ66ABRSBEVLB8KFM490OJ2+BUS70IVWZ4KYLVTYWRMOQXRZ0PZ0GIRSIKNECYTXASSYP2XP4SVOQW");

-\\ Google Chrome v


*************************

AdwCleaner[R0].txt - [5958 octets] - [13/12/2014 10:58:10]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6018 octets] ##########

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: omiga-plus and a trojan?

#5 Post by vyosek »

Great, please post a new FRST log.
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is not a man, that is an ox."
Member [image] since 1 February 2011.

vava8
Visitor
Posts: 34
Joined: 13 Jun 2012 14:33

Re: omiga-plus and a trojan?

#6 Post by vava8 »

Here is the new log.
.......... it puzzles me a bit that on your site ads keep popping up at me, saying that I have won and have an unclaimed prize, ads for curved TVs, and a new window opens with some online game :?:
Is that how it is supposed to be, or did I sweep badly during the cleaning, or was something stuck to the broom?
When I open a new window, for example with Seznam, it is OK.
That stupid browser is gone :) that's great....... everything runs faster


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-12-2014
Ran by vasudeva (administrator) on VND on 13-12-2014 15:35:19
Running from C:\Users\vasudeva\Desktop
Loaded Profile: vasudeva (Available profiles: vasudeva)
Platform: Microsoft Windows 8 Pro (X86) OS Language: Angličtina (Spojené státy)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Windows\sppsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(BitTorrent Inc.) C:\Users\vasudeva\AppData\Roaming\uTorrent\uTorrent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_235.exe
(forum.viry.cz) C:\Users\vasudeva\Desktop\FRST-OlderVersion\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [SBRegRebootCleaner] => "C:\Program Files\STOPzilla!\sbrc.exe"
HKU\S-1-5-21-3683556855-2863975626-802348343-1001\...\Run: [uTorrent] => C:\Users\vasudeva\AppData\Roaming\uTorrent\uTorrent.exe [1389648 2014-12-02] (BitTorrent Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3683556855-2863975626-802348343-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3683556855-2863975626-802348343-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Mapy.cz
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: innoApp 1.0.1 - C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\Extensions\{7b92ebda-59e4-4459-a904-440931a40b95}.xpi [2014-12-12]

Chrome:
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [1680088 2013-10-28] (Broadcom Corporation.)
R2 SLSvc; C:\Windows\sppsvc.exe [10240 2012-08-25] (Microsoft Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13864 2012-07-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [24576 2012-07-26] (Microsoft Corporation)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [175320 2013-10-28] (Broadcom Corporation.)
S3 btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [144600 2013-10-28] (Broadcom Corporation.)
R3 netwlv32; C:\Windows\system32\DRIVERS\netwlv32.sys [6637056 2012-06-02] (Intel Corporation)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation)
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]
S1 {d8d147c6-9a7e-4967-99b1-99bc4358c405}Gw; system32\drivers\{d8d147c6-9a7e-4967-99b1-99bc4358c405}Gw.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 15:35 - 2014-12-13 15:35 - 00000000 ____D () C:\Users\vasudeva\Desktop\FRST-OlderVersion
2014-12-13 11:39 - 2014-12-13 11:05 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-13 11:08 - 2014-12-13 11:53 - 00012008 _____ () C:\zoek-results.log
2014-12-13 11:05 - 2014-12-13 11:30 - 00000000 ____D () C:\zoek_backup
2014-12-13 10:58 - 2014-12-13 11:00 - 00000000 ____D () C:\AdwCleaner
2014-12-13 10:56 - 2014-12-13 10:56 - 01295360 _____ () C:\Users\vasudeva\Desktop\zoek.exe
2014-12-13 10:52 - 2014-12-13 10:53 - 02166272 _____ () C:\Users\vasudeva\Desktop\adwcleaner_4.105.exe
2014-12-13 10:17 - 2014-12-13 15:35 - 00006368 _____ () C:\Users\vasudeva\Desktop\FRST.txt
2014-12-13 10:16 - 2014-12-13 15:35 - 00000000 ____D () C:\FRST
2014-12-13 10:14 - 2014-12-13 15:35 - 01111552 _____ (Farbar) C:\Users\vasudeva\Desktop\FRST.exe
2014-12-13 10:11 - 2014-12-13 10:11 - 00112107 _____ (forum.viry.cz) C:\Users\vasudeva\Downloads\VerzeOS.exe
2014-12-13 10:05 - 2014-12-13 10:05 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-12-13 09:25 - 2014-12-13 11:53 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-13 09:25 - 2014-12-13 09:25 - 00000117 _____ () C:\Windows\system32\netcfg-83132.txt
2014-12-13 09:25 - 2014-12-13 09:25 - 00000117 _____ () C:\Windows\system32\netcfg-81791.txt
2014-12-13 09:25 - 2014-12-13 09:25 - 00000117 _____ () C:\Windows\system32\netcfg-81697.txt
2014-12-13 09:25 - 2014-12-13 09:25 - 00000117 _____ () C:\Windows\system32\netcfg-81463.txt
2014-12-12 23:44 - 2014-12-12 23:44 - 00000117 _____ () C:\Windows\system32\netcfg-189490124.txt
2014-12-12 21:49 - 2014-12-12 21:49 - 00000117 _____ () C:\Windows\system32\netcfg-182562993.txt
2014-12-12 21:49 - 2014-12-12 21:49 - 00000117 _____ () C:\Windows\system32\netcfg-182561730.txt
2014-12-12 21:22 - 2014-12-12 21:23 - 00707664 _____ (iS3, Inc.) C:\Users\vasudeva\Downloads\SZSetup_AID10121_AV.exe
2014-12-12 21:07 - 2014-12-13 09:31 - 00000000 ____D () C:\Program Files\STab
2014-12-12 21:07 - 2014-12-12 21:07 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2014-12-12 20:59 - 2014-12-12 20:59 - 00466456 _____ () C:\Users\vasudeva\Downloads\bruteens_2003_2009_any_sets_Full(1).exe
2014-12-12 20:53 - 2014-12-12 20:53 - 00466456 _____ () C:\Users\vasudeva\Downloads\bruteens_2003_2009_any_sets_Full.exe
2014-12-12 20:33 - 2014-12-13 09:30 - 00000000 ____D () C:\Users\vasudeva\Downloads\Godzilla (2014) [1080p]
2014-12-12 10:00 - 2014-12-12 10:04 - 54401068 _____ () C:\Users\vasudeva\Downloads\100907-221914.WAV
2014-12-12 09:38 - 2014-12-12 09:38 - 00000117 _____ () C:\Windows\system32\netcfg-138730285.txt
2014-12-12 09:38 - 2014-12-12 09:38 - 00000117 _____ () C:\Windows\system32\netcfg-138729380.txt
2014-12-11 08:10 - 2014-12-11 08:10 - 00000117 _____ () C:\Windows\system32\netcfg-47031774.txt
2014-12-11 08:10 - 2014-12-11 08:10 - 00000117 _____ () C:\Windows\system32\netcfg-47029902.txt
2014-12-10 19:08 - 2014-12-10 19:08 - 00000117 _____ () C:\Windows\system32\netcfg-101681.txt
2014-12-10 19:07 - 2014-12-10 19:07 - 00000117 _____ () C:\Windows\system32\netcfg-40560.txt
2014-12-10 19:04 - 2014-12-10 19:04 - 00000117 _____ () C:\Windows\system32\netcfg-80683841.txt
2014-12-10 19:04 - 2014-12-10 19:04 - 00000117 _____ () C:\Windows\system32\netcfg-80682781.txt
2014-12-09 23:07 - 2014-12-09 23:07 - 00000000 ____D () C:\Users\vasudeva\Documents\Adobe Scripts
2014-12-09 20:40 - 2014-12-09 20:40 - 00000117 _____ () C:\Windows\system32\netcfg-65941.txt
2014-12-09 20:40 - 2014-12-09 20:40 - 00000117 _____ () C:\Windows\system32\netcfg-45692.txt
2014-12-09 17:47 - 2014-12-09 17:47 - 00000117 _____ () C:\Windows\system32\netcfg-462207936.txt
2014-12-09 17:47 - 2014-12-09 17:47 - 00000117 _____ () C:\Windows\system32\netcfg-462207843.txt
2014-12-09 08:39 - 2014-12-09 08:39 - 00000117 _____ () C:\Windows\system32\netcfg-429347199.txt
2014-12-09 08:39 - 2014-12-09 08:39 - 00000117 _____ () C:\Windows\system32\netcfg-429347090.txt
2014-12-08 09:26 - 2014-12-08 09:26 - 00000117 _____ () C:\Windows\system32\netcfg-345767792.txt
2014-12-08 09:26 - 2014-12-08 09:26 - 00000117 _____ () C:\Windows\system32\netcfg-345766076.txt
2014-12-07 20:11 - 2014-12-07 20:11 - 03747323 _____ () C:\Users\vasudeva\Downloads\RQMONEY_v23.ZIP
2014-12-07 20:11 - 2014-12-07 20:11 - 00000000 ____D () C:\Users\vasudeva\Downloads\RQMONEY_v23
2014-12-07 18:15 - 2014-12-07 18:15 - 00000117 _____ () C:\Windows\system32\netcfg-291070175.txt
2014-12-07 18:15 - 2014-12-07 18:15 - 00000117 _____ () C:\Windows\system32\netcfg-291067507.txt
2014-12-07 14:46 - 2014-12-07 14:46 - 00000117 _____ () C:\Windows\system32\netcfg-278541719.txt
2014-12-07 14:46 - 2014-12-07 14:46 - 00000117 _____ () C:\Windows\system32\netcfg-278541610.txt
2014-12-07 09:23 - 2014-12-07 09:23 - 00000117 _____ () C:\Windows\system32\netcfg-259161871.txt
2014-12-07 09:23 - 2014-12-07 09:23 - 00000117 _____ () C:\Windows\system32\netcfg-259161543.txt
2014-12-06 09:45 - 2014-12-06 09:45 - 00000117 _____ () C:\Windows\system32\netcfg-174086835.txt
2014-12-06 09:45 - 2014-12-06 09:45 - 00000117 _____ () C:\Windows\system32\netcfg-174086741.txt
2014-12-05 09:07 - 2014-12-05 09:07 - 00000117 _____ () C:\Windows\system32\netcfg-85404806.txt
2014-12-05 09:07 - 2014-12-05 09:07 - 00000117 _____ () C:\Windows\system32\netcfg-85404681.txt
2014-12-04 20:14 - 2014-12-04 20:14 - 00000117 _____ () C:\Windows\system32\netcfg-39045225.txt
2014-12-04 20:14 - 2014-12-04 20:14 - 00000117 _____ () C:\Windows\system32\netcfg-39045006.txt
2014-12-04 09:24 - 2014-12-04 09:24 - 00000117 _____ () C:\Windows\system32\netcfg-60684.txt
2014-12-04 09:24 - 2014-12-04 09:24 - 00000117 _____ () C:\Windows\system32\netcfg-38579.txt
2014-12-04 09:21 - 2014-12-04 09:21 - 00000117 _____ () C:\Windows\system32\netcfg-85799317.txt
2014-12-04 09:21 - 2014-12-04 09:21 - 00000117 _____ () C:\Windows\system32\netcfg-85799036.txt
2014-12-03 19:46 - 2014-12-03 19:46 - 00000117 _____ () C:\Windows\system32\netcfg-36881444.txt
2014-12-03 19:46 - 2014-12-03 19:46 - 00000117 _____ () C:\Windows\system32\netcfg-36880461.txt
2014-12-03 09:36 - 2014-12-03 09:36 - 00000117 _____ () C:\Windows\system32\netcfg-289007.txt
2014-12-03 09:32 - 2014-12-03 09:32 - 00000117 _____ () C:\Windows\system32\netcfg-38017.txt
2014-12-03 08:52 - 2014-12-03 08:52 - 00000117 _____ () C:\Windows\system32\netcfg-83833283.txt
2014-12-03 08:52 - 2014-12-03 08:52 - 00000117 _____ () C:\Windows\system32\netcfg-83833190.txt
2014-12-02 09:47 - 2014-12-02 09:47 - 00000816 _____ () C:\Users\vasudeva\Desktop\µTorrent.lnk
2014-12-02 09:47 - 2014-12-02 09:47 - 00000796 _____ () C:\Users\vasudeva\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-12-02 09:47 - 2014-12-02 09:47 - 00000117 _____ () C:\Windows\system32\netcfg-710085.txt
2014-12-02 09:36 - 2014-12-02 09:36 - 00000117 _____ () C:\Windows\system32\netcfg-38454.txt
2014-11-27 20:21 - 2014-11-27 20:21 - 00000117 _____ () C:\Windows\system32\netcfg-23605837.txt
2014-11-27 20:21 - 2014-11-27 20:21 - 00000117 _____ () C:\Windows\system32\netcfg-23603715.txt
2014-11-27 20:14 - 2014-11-27 20:14 - 00000117 _____ () C:\Windows\system32\netcfg-23186506.txt
2014-11-27 20:12 - 2014-11-27 20:12 - 00000117 _____ () C:\Windows\system32\netcfg-23036714.txt
2014-11-27 19:47 - 2014-11-27 19:47 - 00000725 _____ () C:\Windows\setupact.log
2014-11-27 19:47 - 2014-11-27 19:47 - 00000117 _____ () C:\Windows\system32\netcfg-21528855.txt
2014-11-27 19:47 - 2014-11-27 19:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-11-27 19:47 - 2014-11-27 19:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-27 19:14 - 2014-11-27 19:14 - 00000117 _____ () C:\Windows\system32\netcfg-19559498.txt
2014-11-27 18:28 - 2014-11-27 18:28 - 00000000 ____D () C:\Users\vasudeva\Downloads\GPS-Navigace-Sygic-Aura-V11.2.6-Android-CZ-plná-verze
2014-11-27 18:27 - 2014-12-02 09:48 - 06137356 _____ () C:\Users\vasudeva\Downloads\GPS-Navigace-Sygic-Aura-V11.2.6-Android-CZ-plná-verze.rar
2014-11-27 17:25 - 2014-11-27 17:25 - 00000117 _____ () C:\Windows\system32\netcfg-13026348.txt
2014-11-27 17:00 - 2014-11-27 17:00 - 00000000 ____D () C:\Users\vasudeva\Downloads\Aura_Sygic+Mapy_14.3.2_R-118658_CZSK_Android_27.6.2014
2014-11-27 16:46 - 2014-11-27 16:46 - 00000117 _____ () C:\Windows\system32\netcfg-10678642.txt
2014-11-27 16:46 - 2014-11-27 16:46 - 00000117 _____ () C:\Windows\system32\netcfg-10672168.txt
2014-11-27 16:45 - 2014-11-27 16:45 - 00000117 _____ () C:\Windows\system32\netcfg-10666084.txt
2014-11-27 16:13 - 2014-11-27 16:20 - 230328071 _____ () C:\Users\vasudeva\Downloads\Aura_Sygic+Mapy_14.3.2_R-118658_CZSK_Android_27.6.2014.rar
2014-11-27 15:44 - 2014-11-27 15:44 - 00000117 _____ () C:\Windows\system32\netcfg-6953229.txt
2014-11-27 15:31 - 2014-11-27 15:31 - 00000117 _____ () C:\Windows\system32\netcfg-6190821.txt
2014-11-27 15:05 - 2014-11-27 15:05 - 00000156 _____ () C:\Windows\system32\netcfg-4605648.txt
2014-11-27 14:00 - 2014-11-27 14:00 - 00000117 _____ () C:\Windows\system32\netcfg-740427.txt
2014-11-27 13:49 - 2014-11-27 13:49 - 00000117 _____ () C:\Windows\system32\netcfg-50637.txt
2014-11-25 11:26 - 2014-11-25 11:26 - 00000117 _____ () C:\Windows\system32\netcfg-511622360.txt
2014-11-25 11:26 - 2014-11-25 11:26 - 00000117 _____ () C:\Windows\system32\netcfg-511620613.txt
2014-11-24 13:05 - 2014-11-24 13:05 - 00000117 _____ () C:\Windows\system32\netcfg-431130181.txt
2014-11-24 13:01 - 2014-11-24 13:01 - 00000117 _____ () C:\Windows\system32\netcfg-430924681.txt
2014-11-24 12:51 - 2014-11-24 12:51 - 00000117 _____ () C:\Windows\system32\netcfg-430318633.txt
2014-11-24 12:51 - 2014-11-24 12:51 - 00000117 _____ () C:\Windows\system32\netcfg-430310100.txt
2014-11-24 11:30 - 2014-11-24 11:30 - 00000117 _____ () C:\Windows\system32\netcfg-425445786.txt
2014-11-24 11:30 - 2014-11-24 11:30 - 00000117 _____ () C:\Windows\system32\netcfg-425444881.txt
2014-11-23 20:33 - 2014-11-23 20:34 - 00000117 _____ () C:\Windows\system32\netcfg-371642913.txt
2014-11-23 20:33 - 2014-11-23 20:33 - 00000117 _____ () C:\Windows\system32\netcfg-371623038.txt
2014-11-23 20:03 - 2014-11-23 20:03 - 02347384 _____ (ESET) C:\Users\vasudeva\Downloads\esetsmartinstaller_csy.exe
2014-11-23 11:32 - 2014-11-23 11:32 - 00000117 _____ () C:\Windows\system32\netcfg-339140931.txt
2014-11-23 11:32 - 2014-11-23 11:32 - 00000117 _____ () C:\Windows\system32\netcfg-339137733.txt
2014-11-23 11:32 - 2014-11-23 11:32 - 00000117 _____ () C:\Windows\system32\netcfg-339131493.txt
2014-11-23 11:29 - 2014-11-23 11:29 - 00000117 _____ () C:\Windows\system32\netcfg-338967100.txt
2014-11-19 19:02 - 2014-11-19 19:02 - 00000000 ____D () C:\Users\vasudeva\Downloads\vasudev
2014-11-19 17:06 - 2014-11-19 17:26 - 350311710 _____ () C:\Users\vasudeva\Downloads\vasudev.zip
2014-11-19 13:21 - 2014-11-19 13:21 - 00000117 _____ () C:\Windows\system32\netcfg-67096.txt
2014-11-19 13:20 - 2014-11-19 13:20 - 00000117 _____ () C:\Windows\system32\netcfg-38594.txt
2014-11-19 13:13 - 2014-11-19 13:13 - 00000117 _____ () C:\Windows\system32\netcfg-146278034.txt
2014-11-19 13:13 - 2014-11-19 13:13 - 00000117 _____ () C:\Windows\system32\netcfg-146277972.txt
2014-11-18 22:22 - 2014-11-18 22:22 - 00000117 _____ () C:\Windows\system32\netcfg-92788068.txt
2014-11-18 22:22 - 2014-11-18 22:22 - 00000117 _____ () C:\Windows\system32\netcfg-92787865.txt
2014-11-18 07:28 - 2014-11-18 07:28 - 00000117 _____ () C:\Windows\system32\netcfg-39180930.txt
2014-11-18 07:28 - 2014-11-18 07:28 - 00000117 _____ () C:\Windows\system32\netcfg-39180852.txt
2014-11-17 20:37 - 2014-11-17 20:37 - 00000117 _____ () C:\Windows\system32\netcfg-123630.txt
2014-11-17 20:36 - 2014-11-17 20:36 - 00000117 _____ () C:\Windows\system32\netcfg-49046.txt
2014-11-17 20:35 - 2014-12-13 11:52 - 00013774 _____ () C:\Windows\PFRO.log
2014-11-14 07:13 - 2014-12-13 11:12 - 00163881 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 18:07 - 2014-11-13 18:07 - 00000117 _____ () C:\Windows\system32\netcfg-771306773.txt
2014-11-13 18:07 - 2014-11-13 18:07 - 00000117 _____ () C:\Windows\system32\netcfg-771306695.txt
2014-11-13 09:04 - 2014-11-13 09:04 - 00000117 _____ () C:\Windows\system32\netcfg-738737227.txt
2014-11-13 09:04 - 2014-11-13 09:04 - 00000117 _____ () C:\Windows\system32\netcfg-738737134.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 15:32 - 2014-10-16 08:20 - 00000000 ____D () C:\Users\vasudeva\AppData\Roaming\uTorrent
2014-12-13 15:30 - 2014-04-04 19:53 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-13 15:02 - 2012-07-26 07:53 - 00000000 ____D () C:\Windows\system32\sru
2014-12-13 11:52 - 2012-07-26 07:04 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-13 11:35 - 2014-01-03 05:15 - 00000000 ____D () C:\Users\vasudeva\AppData\Local\Google
2014-12-13 11:31 - 2012-07-26 05:17 - 00000194 _____ () C:\Windows\win.ini
2014-12-13 11:30 - 2012-07-26 07:53 - 00000000 ____D () C:\Windows\system32\GroupPolicy
2014-12-13 11:00 - 2014-01-05 06:12 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-13 11:00 - 2014-01-03 04:51 - 00001128 _____ () C:\Users\vasudeva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-13 09:35 - 2012-07-26 07:53 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-12-13 09:31 - 2012-07-26 07:53 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-12-13 09:23 - 2014-01-05 06:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-12 21:04 - 2014-01-03 05:15 - 00000000 ____D () C:\Program Files\Google
2014-12-12 13:24 - 2014-10-22 20:41 - 00000000 ____D () C:\Users\vasudeva\Desktop\plakát
2014-12-12 09:51 - 2014-01-03 17:41 - 00000000 ____D () C:\Users\vasudeva\AppData\Local\Adobe
2014-12-11 09:47 - 2014-01-05 06:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-09 21:00 - 2014-01-03 17:42 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-08 09:36 - 2014-01-03 04:51 - 00000000 ____D () C:\Users\vasudeva\AppData\Roaming\Adobe
2014-12-08 09:36 - 2012-07-26 05:43 - 00000000 ___RD () C:\Users\Public
2014-12-07 18:28 - 2014-01-03 04:52 - 01626896 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-04 19:58 - 2014-01-03 20:04 - 00000000 ____D () C:\Users\vasudeva\AppData\Roaming\vlc
2014-11-27 15:04 - 2012-07-26 07:53 - 00000000 ____D () C:\Windows\system32\NDF

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-13 09:35




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:148.7 GB) (Free:77.04 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:149.04 GB) (Free:58.04 GB) NTFS

Available physical RAM: 1225.67 MB
Total physical RAM: 2046.43 MB
Percentage of memory in use: 40%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 0F550F54)
Partition 1: (Not Active) - (Size=149 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.7 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\vasudeva\Desktop" je 500 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vava8
Visitor
Posts: 34
Joined: 13 Jun 2012 14:33

Re: omiga-plus and a trojan?

#7 Post by vava8 »

So no, correction....... it pops up on all websites. What now, please?

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: omiga-plus and a trojan?

#8 Post by vyosek »

:arrow: Don't worry, we'll blast it out manually

:arrow: Uninstall that STOPzilla!

:arrow: You should get some antivirus, for example Avast Free

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    CloseProcesses:
    
    HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
    HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
    HKLM\...\Run: [SBRegRebootCleaner] => "C:\Program Files\STOPzilla!\sbrc.exe"
    HKU\S-1-5-21-3683556855-2863975626-802348343-1001\...\Run: [uTorrent] => C:\Users\vasudeva\AppData\Roaming\uTorrent\uTorrent.exe [1389648 2014-12-02] (BitTorrent Inc.)
    
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-3683556855-2863975626-802348343-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    
    FF Extension: innoApp 1.0.1 - C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\Extensions\{7b92ebda-59e4-4459-a904-440931a40b95}.xpi [2014-12-12]
    
    S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
    S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]
    S1 {d8d147c6-9a7e-4967-99b1-99bc4358c405}Gw; system32\drivers\{d8d147c6-9a7e-4967-99b1-99bc4358c405}Gw.sys [X]
    
    2014-12-13 15:35 - 2014-12-13 15:35 - 00000000 ____D () C:\Users\vasudeva\Desktop\FRST-OlderVersion
    2014-12-13 11:39 - 2014-12-13 11:05 - 00024064 _____ () C:\Windows\zoek-delete.exe
    2014-12-13 11:08 - 2014-12-13 11:53 - 00012008 _____ () C:\zoek-results.log
    2014-12-13 11:05 - 2014-12-13 11:30 - 00000000 ____D () C:\zoek_backup
    2014-12-13 10:58 - 2014-12-13 11:00 - 00000000 ____D () C:\AdwCleaner
    2014-12-13 10:56 - 2014-12-13 10:56 - 01295360 _____ () C:\Users\vasudeva\Desktop\zoek.exe
    2014-12-13 10:52 - 2014-12-13 10:53 - 02166272 _____ () C:\Users\vasudeva\Desktop\adwcleaner_4.105.exe
    2014-12-13 10:17 - 2014-12-13 15:35 - 00006368 _____ () C:\Users\vasudeva\Desktop\FRST.txt
    2014-12-13 10:11 - 2014-12-13 10:11 - 00112107 _____ (forum.viry.cz) C:\Users\vasudeva\Downloads\VerzeOS.exe
    2014-12-12 21:22 - 2014-12-12 21:23 - 00707664 _____ (iS3, Inc.) C:\Users\vasudeva\Downloads\SZSetup_AID10121_AV.exe
    2014-12-12 21:07 - 2014-12-13 09:31 - 00000000 ____D () C:\Program Files\STab
    2014-12-12 21:07 - 2014-12-12 21:07 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
    
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him, that is not a man, that is an ox."
Member [image] since 1 February 2011.

vava8
Visitor
Posts: 34
Joined: 13 Jun 2012 14:33

Re: omiga-plus and a trojan?

#9 Post by vava8 »

........ OK, here is the fixlog.
As for the antivirus, a friend said that Windows Defender is more than enough, but as you can see, for my activities probably not.....
do you think ESET makes the most sense?..... I don't know, I'm asking
meanwhile ESET online is running and at 70% it has found about 34 potentially unwanted items
thanks a lot

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-12-2014
Ran by vasudeva at 2014-12-13 17:43:54 Run:1
Running from C:\Users\vasudeva\Desktop
Loaded Profile: vasudeva (Available profiles: vasudeva)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [SBRegRebootCleaner] => "C:\Program Files\STOPzilla!\sbrc.exe"
HKU\S-1-5-21-3683556855-2863975626-802348343-1001\...\Run: [uTorrent] => C:\Users\vasudeva\AppData\Roaming\uTorrent\uTorrent.exe [1389648 2014-12-02] (BitTorrent Inc.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3683556855-2863975626-802348343-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

FF Extension: innoApp 1.0.1 - C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\Extensions\{7b92ebda-59e4-4459-a904-440931a40b95}.xpi [2014-12-12]

S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
S1 SBRE; \SystemRoot\system32\drivers\SBREDrv.sys [X]
S1 {d8d147c6-9a7e-4967-99b1-99bc4358c405}Gw; system32\drivers\{d8d147c6-9a7e-4967-99b1-99bc4358c405}Gw.sys [X]

2014-12-13 15:35 - 2014-12-13 15:35 - 00000000 ____D () C:\Users\vasudeva\Desktop\FRST-OlderVersion
2014-12-13 11:39 - 2014-12-13 11:05 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-13 11:08 - 2014-12-13 11:53 - 00012008 _____ () C:\zoek-results.log
2014-12-13 11:05 - 2014-12-13 11:30 - 00000000 ____D () C:\zoek_backup
2014-12-13 10:58 - 2014-12-13 11:00 - 00000000 ____D () C:\AdwCleaner
2014-12-13 10:56 - 2014-12-13 10:56 - 01295360 _____ () C:\Users\vasudeva\Desktop\zoek.exe
2014-12-13 10:52 - 2014-12-13 10:53 - 02166272 _____ () C:\Users\vasudeva\Desktop\adwcleaner_4.105.exe
2014-12-13 10:17 - 2014-12-13 15:35 - 00006368 _____ () C:\Users\vasudeva\Desktop\FRST.txt
2014-12-13 10:11 - 2014-12-13 10:11 - 00112107 _____ (forum.viry.cz) C:\Users\vasudeva\Downloads\VerzeOS.exe
2014-12-12 21:22 - 2014-12-12 21:23 - 00707664 _____ (iS3, Inc.) C:\Users\vasudeva\Downloads\SZSetup_AID10121_AV.exe
2014-12-12 21:07 - 2014-12-13 09:31 - 00000000 ____D () C:\Program Files\STab
2014-12-12 21:07 - 2014-12-12 21:07 - 00000000 ____D () C:\ProgramData\IHProtectUpDate

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Hosts:
EmptyTemp:
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SBRegRebootCleaner => value deleted successfully.
HKU\S-1-5-21-3683556855-2863975626-802348343-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3683556855-2863975626-802348343-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Users\vasudeva\AppData\Roaming\Mozilla\Firefox\Profiles\5c9pjj07.default\Extensions\{7b92ebda-59e4-4459-a904-440931a40b95}.xpi => Moved successfully.
sbapifs => Service deleted successfully.
SBRE => Service deleted successfully.
{d8d147c6-9a7e-4967-99b1-99bc4358c405}Gw => Service deleted successfully.
C:\Users\vasudeva\Desktop\FRST-OlderVersion => Moved successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\vasudeva\Desktop\zoek.exe => Moved successfully.
C:\Users\vasudeva\Desktop\adwcleaner_4.105.exe => Moved successfully.
"C:\Users\vasudeva\Desktop\FRST.txt" => File/Directory not found.
C:\Users\vasudeva\Downloads\VerzeOS.exe => Moved successfully.
C:\Users\vasudeva\Downloads\SZSetup_AID10121_AV.exe => Moved successfully.
C:\Program Files\STab => Moved successfully.
C:\ProgramData\IHProtectUpDate => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 73.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
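
An added example, not part of the original thread and not FRST's own code: a small Python parser for the `item => outcome` result lines of a Fixlog like the one above, which tallies the outcomes and flags entries that did not report success. The sample lines are a subset copied from the log above; the function names are hypothetical.

```python
import re
from collections import Counter

# Result lines copied from the Fixlog posted above (a subset).
SAMPLE_FIXLOG = r"""Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SBRegRebootCleaner => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
sbapifs => Service deleted successfully.
C:\AdwCleaner => Moved successfully.
"C:\Users\vasudeva\Desktop\FRST.txt" => File/Directory not found.
C:\Program Files\STab => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 73.2 MB temporary data.

The system needed a reboot.
"""

# "<item> => <outcome>." ; the trailing full stop is not part of the outcome.
RESULT_LINE = re.compile(r'^(?P<item>.+?)\s=>\s(?P<outcome>.+?)\.?\s*$')


def parse_fixlog_results(text):
    """Return (item, outcome) pairs for every 'item => outcome' line."""
    results = []
    for line in text.splitlines():
        match = RESULT_LINE.match(line.strip())
        if match:
            # FRST quotes some paths and keys; strip the quotes for comparison.
            results.append((match.group("item").strip('"'), match.group("outcome")))
    return results


def outcome_counts(results):
    """Tally how many entries ended with each outcome string."""
    return Counter(outcome for _, outcome in results)


def needs_review(results):
    """Entries whose outcome reports neither success nor removed data."""
    ok_markers = ("successfully", "Removed ")
    return [(item, outcome) for item, outcome in results
            if not any(marker in outcome for marker in ok_markers)]


if __name__ == "__main__":
    parsed = parse_fixlog_results(SAMPLE_FIXLOG)
    for outcome, count in outcome_counts(parsed).most_common():
        print(f"{count:3d}  {outcome}")
    for item, outcome in needs_review(parsed):
        print(f"REVIEW: {item} -> {outcome}")
```
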

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: omiga-plus and a trojan?

#10 Post by vyosek »

:arrow: I'd say it is finding them in the quarantine of AdwCleaner and FRST, possibly Zoek. But I'd be glad to see its log

:arrow: ESET is suitable, but it is paid; it's up to you whether you want to invest in it. You certainly can't go wrong with Avast...

vava8
Visitor
Posts: 34
Joined: 13 Jun 2012 14:33

Re: omiga-plus and a trojan?

#11 Post by vava8 »

great, it seems it's clean :) neither ESET nor Avast reports anything, everything seems to be running as it should...thanks a lot
here are the files from ESET .......hm, so they aren't :?: but as you said :?: they were in the quarantine of that Zoek
even adw, zoek etc. have been deleted?..... only FRST remained.... great

If that's all, thanks a lot, I recommend you everywhere
take care, good luck for the new year
vava

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: omiga-plus and a trojan?

#12 Post by vyosek »

So let's tidy up as well :James008:

:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the option Remote disinfection tools checked
  • Click Run
:arrow: Download CCleaner https://www.piriform.com/ccleaner/download/standard
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix issues - I recommend making a registry backup; fix all issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that's all from my side :|

vava8
Visitor
Posts: 34
Joined: 13 Jun 2012 14:33

Re: omiga-plus and a trojan?

#13 Post by vava8 »

..... I have a question.......... the Recycle Bin was probably emptied too during the cleanup..... unfortunately it also contained fairly important data that had not been sorted yet.
Is there any chance of getting it back?
Thanks

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: omiga-plus and a trojan?

#14 Post by vyosek »

:arrow: Oh Gooood, another person who uses the Recycle Bin as a way station - the Recycle Bin is for junk, not for storage :?:

:arrow: Weeell, whether we can pull them back, I don't know - try Recuva http://www.stahuj.centrum.cz/utility_a_ ... at/recuva/

vava8
Visitor
Posts: 34
Joined: 13 Jun 2012 14:33

Re: omiga-plus and a trojan?

#15 Post by vava8 »

...... good, good, I think most of it was recovered. Also a lot of files that are incomprehensible to me. Please, how should I restore them into a new directory? I wouldn't like to resurrect any useless leftovers. Thank you

Locked