VIRY.CZ

ahoj, prosím o pomoc, japonské alebo aké znaky na lište, čo je to a čo s tým? dik

http://www.imageupload.co.uk/images/201 ... ozilla.jpg

Zdravim

Dejte na uvod log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

diky, ale mc afee mi nedovoli stiahnut ten launcher, vzdy ho hodi do karanteny, ze trojan :-/

Antivir na chvilku vypněte, je to falešná detekce

dakujem za pomoc, kopirujem sem ten log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015
Ran by zago (administrator) on PESHOZAGO on 12-01-2015 15:59:29
Running from C:\Users\zago\Desktop
Loaded Profile: zago (Available profiles: zago)
Platform: Windows 8.1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(forum.viry.cz) C:\Users\zago\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-08-22] (Hewlett-Packard )
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\MountPoints2: {fd3a79f0-9634-11e3-be77-9cb654f1d86f} - "G:\Setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> {D384A386-6E00-449C-9237-A3883FF0CA8D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 -> {D384A386-6E00-449C-9237-A3883FF0CA8D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\S-1-5-21-2778095838-2121644172-1127516117-1001 -> {D384A386-6E00-449C-9237-A3883FF0CA8D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 88.212.8.8 88.212.8.88

FireFox:
========
FF ProfilePath: C:\Users\zago\AppData\Roaming\Mozilla\Firefox\Profiles\9qom2tk5.default
FF Homepage: www.google.sk
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: DownloadHelper - C:\Users\zago\AppData\Roaming\Mozilla\Firefox\Profiles\9qom2tk5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-11-26]
FF Extension: Adblock Plus - C:\Users\zago\AppData\Roaming\Mozilla\Firefox\Profiles\9qom2tk5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-26]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-10-29]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-10-29]
FF HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-03]
CHR Extension: (Disk Google) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-03]
CHR Extension: (YouTube) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-03]
CHR Extension: (Hľadať v Google) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-03]
CHR Extension: (SiteAdvisor) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-11-07]
CHR Extension: (Peňaženka Google) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-03]
CHR Extension: (Gmail) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-03]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-22]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0219221420480844mcinstcleanup; C:\WINDOWS\TEMP\021922~1.EXE [836168 2014-03-13] (McAfee, Inc.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-11-09] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-02-18] (Disc Soft Ltd)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
S3 netn150ma; C:\Windows\system32\DRIVERS\netn150ma.sys [1576080 2012-08-01] (Realtek Semiconductor Corporation )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-12 15:59 - 2015-01-12 15:59 - 00019695 _____ () C:\Users\zago\Desktop\FRST.txt
2015-01-12 15:59 - 2015-01-12 15:59 - 00000000 ____D () C:\FRST
2015-01-12 15:58 - 2015-01-12 15:58 - 00112640 _____ (forum.viry.cz) C:\Users\zago\Desktop\FRSTLauncher.exe
2015-01-12 12:36 - 2015-01-12 12:36 - 02124288 _____ (Farbar) C:\Users\zago\Desktop\FRST64.exe
2015-01-12 06:35 - 2015-01-12 06:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-11 22:05 - 2015-01-11 22:05 - 00000000 ____D () C:\Users\zago\Desktop\clanky
2015-01-05 16:43 - 2015-01-05 16:43 - 00000000 ___SH () C:\DkHyperbootSync
2015-01-05 16:22 - 2015-01-05 16:22 - 00000770 _____ () C:\Users\Public\Desktop\Football Manager 2015.lnk
2015-01-05 16:19 - 2015-01-12 15:56 - 00593698 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-05 16:14 - 2015-01-05 16:14 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-01-05 16:14 - 2015-01-05 16:14 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-05 16:14 - 2015-01-05 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-05 16:14 - 2015-01-05 16:14 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-05 16:05 - 2015-01-05 16:05 - 04765152 _____ (Piriform Ltd) C:\Users\zago\Downloads\ccsetup411.exe
2014-12-29 22:19 - 2014-12-29 23:12 - 00000000 ____D () C:\Users\zago\Desktop\integrácia
2014-12-27 22:49 - 2014-12-27 22:49 - 00000000 ____D () C:\Users\zago\Downloads\G1341
2014-12-27 16:52 - 2014-12-27 16:52 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-12-27 16:52 - 2014-12-27 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-27 16:52 - 2014-12-27 16:52 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-20 10:28 - 2014-12-20 15:41 - 00000000 ____D () C:\Users\zago\Desktop\Videa na video
2014-12-16 11:06 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-16 11:06 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-16 09:20 - 2014-12-16 09:20 - 07699024 _____ (TeamViewer GmbH) C:\Users\zago\Downloads\TeamViewer_Setup_cs.exe
2014-12-16 09:20 - 2014-12-16 09:20 - 00001066 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-12-16 09:20 - 2014-12-16 09:20 - 00001054 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2014-12-16 09:19 - 2014-12-16 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-12-16 09:19 - 2014-12-16 09:19 - 00000000 ____D () C:\Program Files\McAfee Security Scan

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-12 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-12 15:29 - 2014-11-28 09:02 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-12 15:17 - 2014-06-03 17:54 - 00000964 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-12 13:42 - 2013-12-31 15:25 - 00000000 ____D () C:\ProgramData\Origin
2015-01-12 13:42 - 2013-12-31 15:25 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-12 13:04 - 2014-11-24 13:04 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{36D98CFE-4161-46E3-B346-B1D1713E25D3}
2015-01-12 12:58 - 2014-01-02 08:22 - 00000000 ____D () C:\Users\zago\AppData\Roaming\vlc
2015-01-12 09:41 - 2014-11-11 14:23 - 00150528 ___SH () C:\Users\zago\Desktop\Thumbs.db
2015-01-12 09:41 - 2014-01-20 09:49 - 00000000 ____D () C:\Users\zago\Desktop\Originals
2015-01-12 09:41 - 2014-01-05 20:19 - 00000000 ____D () C:\Users\zago\AppData\Roaming\PhotoScape
2015-01-12 09:40 - 2014-12-10 20:16 - 00025600 ____H () C:\Users\zago\Desktop\photothumb.db
2015-01-12 07:07 - 2013-12-31 15:01 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2778095838-2121644172-1127516117-1001
2015-01-12 06:26 - 2014-06-03 17:54 - 00000960 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-11 22:08 - 2014-09-24 06:35 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-10 16:47 - 2014-11-23 19:35 - 00037376 ___SH () C:\Users\zago\Downloads\Thumbs.db
2015-01-10 16:46 - 2014-01-01 15:36 - 00000000 ____D () C:\Filmy
2015-01-10 16:37 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-07 18:00 - 2014-06-18 16:13 - 00003160 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForzago
2015-01-07 18:00 - 2014-06-18 16:13 - 00000348 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForzago.job
2015-01-07 18:00 - 2014-01-01 17:51 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-01-07 18:00 - 2014-01-01 17:50 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-06 19:42 - 2014-07-09 18:57 - 00000000 ____D () C:\Users\zago\AppData\Roaming\Audacity
2015-01-05 19:00 - 2014-10-29 21:32 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-05 16:30 - 2013-12-31 16:55 - 00000000 ____D () C:\Users\zago\Documents\Sports Interactive
2015-01-05 16:30 - 2013-12-31 16:55 - 00000000 ____D () C:\Users\zago\AppData\Local\Sports Interactive
2015-01-05 16:30 - 2013-12-31 16:55 - 00000000 ____D () C:\Users\Public\Documents\Sports Interactive
2015-01-05 16:18 - 2014-01-04 16:52 - 00000000 ____D () C:\hry
2015-01-05 16:17 - 2014-02-18 21:40 - 00000000 ____D () C:\Users\zago\AppData\Roaming\DAEMON Tools Lite
2015-01-05 16:17 - 2013-12-31 16:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-05 16:16 - 2014-11-09 15:36 - 00000000 ___DC () C:\WINDOWS\Panther
2015-01-05 16:12 - 2014-11-09 15:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-05 16:12 - 2014-03-02 09:54 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-05 16:12 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-05 16:12 - 2013-08-22 15:44 - 00491760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-05 16:12 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-05 16:11 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-18 09:13 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-16 09:21 - 2014-01-13 14:11 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-12-16 09:19 - 2014-12-11 23:15 - 00001954 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-12-16 09:19 - 2014-12-11 23:15 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-12-16 09:19 - 2014-01-13 14:17 - 00000000 ____D () C:\Users\zago\AppData\Roaming\TeamViewer

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-05 16:23

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows) (Fixed) (Total:1847.81 GB) (Free:1650.99 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:13.29 GB) (Free:1.56 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: () (CDROM) (Total:1.08 GB) (Free:0 GB) CDFS

Available physical RAM: 4458.07 MB
Total physical RAM: 8133.17 MB
Percentage of memory in use: 45%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 1863 GB) (Disk ID: 52CB7798)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: 32D709BE)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=73)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForzago.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: McAfee Anti-Virus a Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus a Anti-Spyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\zago\Desktop" je 2644 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Po spusteni probehne stazeni databaze
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

ahoj, tak tu su logy z adw cleaner a pod tym zoek.. co nam to povedalo?

# AdwCleaner v4.107 - Report created 12/01/2015 at 18:28:45
# Updated 07/01/2015 by Xplode
# Database : 2015-01-11.2 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : zago - PESHOZAGO
# Running from : C:\Users\zago\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\zago\AppData\Roaming\Mozilla\Firefox\Profiles\9qom2tk5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
Folder Deleted : C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Folder Deleted : C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKCU\Software\Softonic

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Mozilla Firefox v34.0.5 (x86 cs)

-\\ Google Chrome v39.0.2171.95

-\\ Chromium v

*************************

AdwCleaner[R0].txt - [1329 octets] - [12/01/2015 18:22:19]
AdwCleaner[S0].txt - [1218 octets] - [12/01/2015 18:28:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1278 octets] ##########

Zoek.exe v5.0.0.0 Updated 09-January-2015
Tool run by zago on po 12.01.2015 at 18:35:29,83.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\zago\Downloads\zoek\zoek.exe.com [Scan all users] [Script inserted]

==== System Restore Info ======================

12.1.2015 18:36:25 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\stinger deleted successfully
C:\Users\zago\AppData\Roaming\pyramidak deleted successfully
C:\Users\zago\AppData\Local\Adobe deleted successfully
C:\Users\zago\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2778095838-2121644172-1127516117-1001\Software\Microsoft\Internet Explorer\SearchScopes\{D384A386-6E00-449C-9237-A3883FF0CA8D} deleted successfully
HKEY_USERS\S-1-5-21-2778095838-2121644172-1127516117-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_USERS\S-1-5-21-2778095838-2121644172-1127516117-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\zago\AppData\Roaming\Mozilla\Firefox\Profiles\9qom2tk5.default\prefs.js:
user_pref("browser.startup.homepage", "www.google.sk");

Added to C:\Users\zago\AppData\Roaming\Mozilla\Firefox\Profiles\9qom2tk5.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\SopCast deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\zago\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\zago\AppData\Roaming\Mozilla\Firefox\Profiles\9qom2tk5.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [23.11.2014 16:43]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04.04.2014 11:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\zago\AppData\Roaming\Mozilla\Firefox\Profiles\9qom2tk5.default
- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
- Undetermined - {4ED1F68A-5463-4931-9384-8FFF5ED91D92}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\zago\AppData\Roaming\Mozilla\Firefox\Profiles\9qom2tk5.default
424899266BA430CCE5DDB6C1B4BE1B99 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll - Shockwave Flash

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - No path found[]

SiteAdvisor - zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.bing.com?pc=HPDTDFJS"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\zago\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\zago\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\zago\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\zago\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\zago\AppData\Local\Mozilla\Firefox\Profiles\9qom2tk5.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=136 folders=52 41763674 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\zago\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\zago\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 12.01.2015 at 18:53:22,77 ======================

Ze se nam to hezky procistilo

Dejte novy log z FRST a docistime

no ja neviem, či sa prečistilo

každopádne, včera som zapol mozillu a tie znaky (aj keď v inej forme), tam boli znova. síce sa to už deje zriedkavejšie, ale stále asi sú. tu je frst a addition

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015 01
Ran by zago (administrator) on PESHOZAGO on 16-01-2015 09:26:16
Running from C:\Users\zago\Desktop\FRST-OlderVersion
Loaded Profiles: zago (Available profiles: zago)
Platform: Windows 8.1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-08-22] (Hewlett-Packard )
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\MountPoints2: {fd3a79f0-9634-11e3-be77-9cb654f1d86f} - "G:\Setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2778095838-2121644172-1127516117-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 88.212.8.8 88.212.8.88

FireFox:
========
FF ProfilePath: C:\Users\zago\AppData\Roaming\Mozilla\Firefox\Profiles\9qom2tk5.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Extension: Adblock Plus - C:\Users\zago\AppData\Roaming\Mozilla\Firefox\Profiles\9qom2tk5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-26]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2014-10-29]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-10-29]
FF HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-12]
CHR Extension: (Dokumenty Google) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-03]
CHR Extension: (YouTube) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-03]
CHR Extension: (Hľadať v Google) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-03]
CHR Extension: (Tabuľky Google) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-12]
CHR Extension: (SiteAdvisor) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-11-07]
CHR Extension: (Peňaženka Google) - C:\Users\zago\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-03]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-14]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154320 2014-12-03] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-18] (Electronic Arts)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-11-09] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-02-18] (Disc Soft Ltd)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
S3 netn150ma; C:\Windows\system32\DRIVERS\netn150ma.sys [1576080 2012-08-01] (Realtek Semiconductor Corporation )
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 21:00 - 2015-01-15 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-15 09:02 - 2015-01-15 20:55 - 00000448 _____ () C:\WINDOWS\setupact.log
2015-01-15 09:02 - 2015-01-15 09:02 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-14 20:48 - 2015-01-14 20:48 - 00058345 _____ () C:\Users\zago\Downloads\Cruel-Intentions(0000071995).srt
2015-01-14 20:40 - 2015-01-16 09:26 - 00000000 ____D () C:\Users\zago\Desktop\FRST-OlderVersion
2015-01-14 11:01 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 11:01 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 11:01 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 11:01 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 11:01 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 11:01 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 11:01 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 11:01 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 11:01 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 11:01 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 11:01 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 11:01 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 11:01 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 11:01 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 11:01 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 11:01 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 11:01 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 11:01 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 11:01 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 11:01 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 11:01 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 11:01 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 11:01 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 11:01 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 11:01 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 11:01 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 11:01 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 11:01 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 11:01 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 11:01 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-14 11:01 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-14 10:10 - 2015-01-14 10:53 - 733339648 _____ () C:\Users\zago\Downloads\Cruel-Intentions[1999]DvDrip[Eng]-Stealthmaster.avi
2015-01-12 18:51 - 2014-02-13 23:59 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-01-12 18:36 - 2015-01-12 18:53 - 00008327 _____ () C:\zoek-results.log
2015-01-12 18:35 - 2015-01-12 18:48 - 00000000 ____D () C:\zoek_backup
2015-01-12 18:33 - 2015-01-12 18:36 - 00000000 ____D () C:\Users\zago\Downloads\zoek
2015-01-12 18:33 - 2015-01-12 18:33 - 00001358 _____ () C:\Users\zago\Desktop\AdwCleaner[S0].txt
2015-01-12 18:30 - 2015-01-15 20:55 - 00003452 _____ () C:\WINDOWS\PFRO.log
2015-01-12 18:22 - 2015-01-12 18:28 - 00000000 ____D () C:\AdwCleaner
2015-01-12 18:20 - 2015-01-12 18:20 - 04279080 _____ () C:\Users\zago\Downloads\zoek.rar
2015-01-12 18:20 - 2015-01-12 18:20 - 02191360 _____ () C:\Users\zago\Desktop\adwcleaner_4.107.exe
2015-01-12 18:20 - 2015-01-12 18:20 - 00000000 _____ () C:\Users\zago\Downloads\zoek.exe
2015-01-12 16:03 - 2015-01-12 16:03 - 00008156 _____ () C:\Users\zago\Desktop\Addition.rar
2015-01-12 16:00 - 2015-01-14 21:22 - 00001025 _____ () C:\Users\zago\Desktop\Addition.txt
2015-01-12 15:59 - 2015-01-16 09:26 - 00000000 ____D () C:\FRST
2015-01-12 15:59 - 2015-01-14 21:18 - 00028406 _____ () C:\Users\zago\Desktop\FRST.txt
2015-01-12 12:36 - 2015-01-14 20:40 - 02125312 _____ (Farbar) C:\Users\zago\Desktop\FRST64.exe
2015-01-11 22:05 - 2015-01-13 17:16 - 00000000 ____D () C:\Users\zago\Desktop\clanky
2015-01-05 16:22 - 2015-01-05 16:22 - 00000770 _____ () C:\Users\Public\Desktop\Football Manager 2015.lnk
2015-01-05 16:19 - 2015-01-16 09:25 - 01203822 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-05 16:14 - 2015-01-05 16:14 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-01-05 16:14 - 2015-01-05 16:14 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-01-05 16:14 - 2015-01-05 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-01-05 16:14 - 2015-01-05 16:14 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-05 16:05 - 2015-01-05 16:05 - 04765152 _____ (Piriform Ltd) C:\Users\zago\Downloads\ccsetup411.exe
2014-12-29 22:19 - 2014-12-29 23:12 - 00000000 ____D () C:\Users\zago\Desktop\integrácia
2014-12-27 22:49 - 2014-12-27 22:49 - 00000000 ____D () C:\Users\zago\Downloads\G1341
2014-12-27 16:52 - 2014-12-27 16:52 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-12-27 16:52 - 2014-12-27 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-27 16:52 - 2014-12-27 16:52 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-20 10:28 - 2014-12-20 15:41 - 00000000 ____D () C:\Users\zago\Desktop\Videa na video

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-16 09:25 - 2014-06-03 17:54 - 00000960 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-16 09:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-15 21:01 - 2014-09-24 06:35 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-15 20:55 - 2014-11-09 15:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-15 20:55 - 2014-10-29 21:32 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-15 20:55 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-15 20:54 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-15 20:29 - 2014-11-28 09:02 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-15 20:19 - 2013-12-31 15:01 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2778095838-2121644172-1127516117-1001
2015-01-15 20:17 - 2014-06-03 17:54 - 00000964 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 15:38 - 2014-11-24 13:04 - 00003970 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{36D98CFE-4161-46E3-B346-B1D1713E25D3}
2015-01-15 14:57 - 2013-12-31 15:25 - 00000000 ____D () C:\ProgramData\Origin
2015-01-15 14:57 - 2013-12-31 15:25 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-15 09:19 - 2014-06-03 17:55 - 00002222 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-15 09:02 - 2014-06-18 16:13 - 00000348 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForzago.job
2015-01-14 22:56 - 2014-01-02 08:22 - 00000000 ____D () C:\Users\zago\AppData\Roaming\vlc
2015-01-14 20:05 - 2014-06-18 16:13 - 00003160 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForzago
2015-01-14 20:05 - 2014-01-01 17:51 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-01-14 20:05 - 2014-01-01 17:50 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-14 13:14 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-14 13:13 - 2014-01-15 13:36 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-14 13:09 - 2014-01-15 13:36 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-13 19:29 - 2014-11-28 09:02 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-13 17:16 - 2014-07-09 18:57 - 00000000 ____D () C:\Users\zago\AppData\Roaming\Audacity
2015-01-12 22:03 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-12 18:31 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-12 09:41 - 2014-11-11 14:23 - 00150528 ___SH () C:\Users\zago\Desktop\Thumbs.db
2015-01-12 09:41 - 2014-01-20 09:49 - 00000000 ____D () C:\Users\zago\Desktop\Originals
2015-01-12 09:41 - 2014-01-05 20:19 - 00000000 ____D () C:\Users\zago\AppData\Roaming\PhotoScape
2015-01-12 09:40 - 2014-12-10 20:16 - 00025600 ____H () C:\Users\zago\Desktop\photothumb.db
2015-01-10 16:47 - 2014-11-23 19:35 - 00037376 ___SH () C:\Users\zago\Downloads\Thumbs.db
2015-01-10 16:46 - 2014-01-01 15:36 - 00000000 ____D () C:\Filmy
2015-01-06 01:08 - 2014-09-24 09:25 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-06 01:08 - 2014-09-24 09:25 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-05 16:30 - 2013-12-31 16:55 - 00000000 ____D () C:\Users\zago\Documents\Sports Interactive
2015-01-05 16:30 - 2013-12-31 16:55 - 00000000 ____D () C:\Users\zago\AppData\Local\Sports Interactive
2015-01-05 16:30 - 2013-12-31 16:55 - 00000000 ____D () C:\Users\Public\Documents\Sports Interactive
2015-01-05 16:18 - 2014-01-04 16:52 - 00000000 ____D () C:\hry
2015-01-05 16:17 - 2014-02-18 21:40 - 00000000 ____D () C:\Users\zago\AppData\Roaming\DAEMON Tools Lite
2015-01-05 16:17 - 2013-12-31 16:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-05 16:16 - 2014-11-09 15:36 - 00000000 ___DC () C:\WINDOWS\Panther
2015-01-05 16:12 - 2014-03-02 09:54 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-05 16:12 - 2013-08-22 15:44 - 00491760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-15 19:26

==================== End Of Log ============================

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\MountPoints2: {fd3a79f0-9634-11e3-be77-9cb654f1d86f} - "G:\Setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS	
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path

2015-01-14 20:40 - 2015-01-16 09:26 - 00000000 ____D () C:\Users\zago\Desktop\FRST-OlderVersion
2015-01-12 18:51 - 2014-02-13 23:59 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-01-12 18:36 - 2015-01-12 18:53 - 00008327 _____ () C:\zoek-results.log
2015-01-12 18:35 - 2015-01-12 18:48 - 00000000 ____D () C:\zoek_backup
2015-01-12 18:33 - 2015-01-12 18:36 - 00000000 ____D () C:\Users\zago\Downloads\zoek
2015-01-12 18:33 - 2015-01-12 18:33 - 00001358 _____ () C:\Users\zago\Desktop\AdwCleaner[S0].txt
2015-01-12 18:30 - 2015-01-15 20:55 - 00003452 _____ () C:\WINDOWS\PFRO.log
2015-01-12 18:22 - 2015-01-12 18:28 - 00000000 ____D () C:\AdwCleaner
2015-01-12 18:20 - 2015-01-12 18:20 - 04279080 _____ () C:\Users\zago\Downloads\zoek.rar
2015-01-12 18:20 - 2015-01-12 18:20 - 02191360 _____ () C:\Users\zago\Desktop\adwcleaner_4.107.exe
2015-01-12 18:20 - 2015-01-12 18:20 - 00000000 _____ () C:\Users\zago\Downloads\zoek.exe
2015-01-12 16:03 - 2015-01-12 16:03 - 00008156 _____ () C:\Users\zago\Desktop\Addition.rar
2015-01-12 16:00 - 2015-01-14 21:22 - 00001025 _____ () C:\Users\zago\Desktop\Addition.txt
2015-01-12 15:59 - 2015-01-14 21:18 - 00028406 _____ () C:\Users\zago\Desktop\FRST.txt

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForzago.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Hosts:
EmptyTemp:
Reboot:
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

hotovo, tento fix mi zmazal vsetky textove dokumenty, ktore predtym frst vytvoril (addition a tak:) aspon vycistena plocha heeh.. tu je fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-01-2015
Ran by zago at 2015-01-18 08:44:02 Run:1
Running from C:\Users\zago\Desktop
Loaded Profiles: zago (Available profiles: zago)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\...\MountPoints2: {fd3a79f0-9634-11e3-be77-9cb654f1d86f} - "G:\Setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path

2015-01-14 20:40 - 2015-01-16 09:26 - 00000000 ____D () C:\Users\zago\Desktop\FRST-OlderVersion
2015-01-12 18:51 - 2014-02-13 23:59 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2015-01-12 18:36 - 2015-01-12 18:53 - 00008327 _____ () C:\zoek-results.log
2015-01-12 18:35 - 2015-01-12 18:48 - 00000000 ____D () C:\zoek_backup
2015-01-12 18:33 - 2015-01-12 18:36 - 00000000 ____D () C:\Users\zago\Downloads\zoek
2015-01-12 18:33 - 2015-01-12 18:33 - 00001358 _____ () C:\Users\zago\Desktop\AdwCleaner[S0].txt
2015-01-12 18:30 - 2015-01-15 20:55 - 00003452 _____ () C:\WINDOWS\PFRO.log
2015-01-12 18:22 - 2015-01-12 18:28 - 00000000 ____D () C:\AdwCleaner
2015-01-12 18:20 - 2015-01-12 18:20 - 04279080 _____ () C:\Users\zago\Downloads\zoek.rar
2015-01-12 18:20 - 2015-01-12 18:20 - 02191360 _____ () C:\Users\zago\Desktop\adwcleaner_4.107.exe
2015-01-12 18:20 - 2015-01-12 18:20 - 00000000 _____ () C:\Users\zago\Downloads\zoek.exe
2015-01-12 16:03 - 2015-01-12 16:03 - 00008156 _____ () C:\Users\zago\Desktop\Addition.rar
2015-01-12 16:00 - 2015-01-14 21:22 - 00001025 _____ () C:\Users\zago\Desktop\Addition.txt
2015-01-12 15:59 - 2015-01-14 21:18 - 00028406 _____ () C:\Users\zago\Desktop\FRST.txt

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForzago.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value deleted successfully.
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value deleted successfully.
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
"HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fd3a79f0-9634-11e3-be77-9cb654f1d86f}" => Key deleted successfully.
HKCR\CLSID\{fd3a79f0-9634-11e3-be77-9cb654f1d86f} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-2778095838-2121644172-1127516117-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho" => Key deleted successfully.
C:\Users\zago\Desktop\FRST-OlderVersion => Moved successfully.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\zago\Downloads\zoek => Moved successfully.
C:\Users\zago\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\WINDOWS\PFRO.log => Moved successfully.
C:\AdwCleaner => Moved successfully.
"C:\Users\zago\Downloads\zoek.rar" => File/Directory not found.
C:\Users\zago\Desktop\adwcleaner_4.107.exe => Moved successfully.
C:\Users\zago\Downloads\zoek.exe => Moved successfully.
C:\Users\zago\Desktop\Addition.rar => Moved successfully.
C:\Users\zago\Desktop\Addition.txt => Moved successfully.
C:\Users\zago\Desktop\FRST.txt => Moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\HPCeeScheduleForzago.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 830.4 MB temporary data.

The system needed a reboot.

==== End of Fixlog 08:45:34 ====

Ty logy bychom stejne mazali, uklizeli...

Jak se chova PC, muzem uklidit po vsech utilitach???

žiaľ, stále tie znaky mám. spravím vám screenshot? raz sú hore na lište úplne a znemožnia mi klikanie na záložky, potom sú vpravo namiesto vyhľadávacieho riadku google a raz len v malom počte zavadzajú. a inokedy nie sú vôbec

Je tento problem jen ve Firefoxu???

asi áno, iné prehliadače nepoužívam, chrome iba na pár minút denne, ale tam si to nepamätám. môžem skúsiť prejsť na test dlhšie naň, alebo ideme rovno riešiť firefox?

VIRY.CZ

je to vírus?

je to vírus?

Re: je to vírus?

Re: je to vírus?

Re: je to vírus?

Re: je to vírus?

Re: je to vírus?

Re: je to vírus?

Re: je to vírus?

Re: je to vírus?

Re: je to vírus?

Re: je to vírus?

Re: je to vírus?

Re: je to vírus?

Re: je to vírus?

Re: je to vírus?