FRST log, plné PC reklam

[Cizap]

Ahoj, dobrý den, brácha dal mámě jeho notebook a ta nějakym způsobem do něj dostala svinstvo, který pořád vyskakuje. Všim jsem si, že to ani nemá antivir. Posílám log z FRST + Addition a chci se zeptat, když už to ten antivir teď nemá, mám ho nainstalovat hned nebo až mi zde přítomní dobří profesionálové pomohou s očistou? (nic kromě čištění na notebooku dělat nebudu do tý doby než to bude OK). Předem díky za další vyhnutí se formátu



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015
Ran by monika (administrator) on OKAYOKAY-PC on 12-01-2015 17:16:03
Running from C:\Users\okay\Desktop
Loaded Profile: monika (Available profiles: UpdatusUser & monika)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\ProgramData\Trusted Publisher\GS_Booster\GS_Booster.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(forum.viry.cz) C:\Users\okay\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-12-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\Run: [Facebook Update] => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-15] (Facebook Inc.)
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\okay\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\okay\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20924064 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_Plugin.exe [855216 2014-12-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\MountPoints2: {20d73094-08d4-11e4-bea3-0c8bfda71d62} - "F:\AutoRun.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
AppInit_DLLs: C:\PROGRA~2\GS_BOO~1\ASSIST~2.DLL => C:\Program Files (x86)\GS_Booster\Assistant_x64.dll [4210176 2014-10-15] ()
AppInit_DLLs-x32: c:\progra~2\gs_boo~1\assist~1.dll => c:\Program Files (x86)\GS_Booster\Assistant.dll [4296192 2014-10-15] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... 3DHPNTDFJS
SearchScopes: HKLM -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {16D6C0D2-9AF7-4B79-9FDA-3EBADBB0FBAE} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {216DACCE-AA58-4BD8-BF97-26DB465DD909} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {52984663-9A5C-45EA-B2DF-4296ECADB55C} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {56164DD0-178A-4969-A77E-0D18A5F86C70} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {577A65F0-2F16-4369-A07C-CD25195EFD1A} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {6DA0421E-3DAC-4A6D-A91F-C2158AE1FA80} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {9A84988C-B53D-41D6-AC5D-B36188C0C7FA} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {BC3CB74A-EBB9-4DDC-B6ED-538C6536650F} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {FEB813F7-A936-4DE7-9431-E18B6764BC16} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: 7sAvue -> {05addbf4-7c84-43e8-8912-3689590313de} -> C:\ProgramData\7sAvue\TWRIFP1758I5fy.x64.dll ()
BHO: Shoppi -> {8e9eb9cf-6c62-4695-9111-fa615d92a80e} -> C:\ProgramData\Shoppi\UoZSpYfs0uXNFm.x64.dll ()
BHO-x32: 7sAvue -> {05addbf4-7c84-43e8-8912-3689590313de} -> C:\ProgramData\7sAvue\TWRIFP1758I5fy.dll ()
BHO-x32: Shoppi -> {8e9eb9cf-6c62-4695-9111-fa615d92a80e} -> C:\ProgramData\Shoppi\UoZSpYfs0uXNFm.dll ()
Toolbar: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\2jgflush.default
FF Homepage: hxxp://search.gboxapp.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-3557792768-1499479723-1793385996-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\okay\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3557792768-1499479723-1793385996-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\okay\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: duollarkeepere - C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\2jgflush.default\Extensions\cWfG8A@E.edu [2015-01-11]
FF Extension: adssya - C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\2jgflush.default\Extensions\Ht@pvvd.net [2015-01-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-08]
CHR Extension: (Disk Google) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-08]
CHR Extension: (YouTube) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-08]
CHR Extension: (Taskforce) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbfnafnalfjconpgenohfidcaeibkoc [2015-01-11]
CHR Extension: (Skype Click to Call) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-08-06]
CHR Extension: (Peněženka Google) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-24]
CHR Extension: (Gmail) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-08]
CHR Extension: (dollARkeEpErr) - C:\ProgramData\dnfdcefcemollgffhncagcgolcodkpej\ [2014-04-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 4d349a54; c:\Program Files (x86)\GS_Booster\AssistantSvc.dll [174928 2014-10-15] () [File not signed]
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-05-28] (Intel)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-08-11] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2014-01-12] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-08-11] (Intel Corporation)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-17] (Realtek Semiconductor)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-21] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-08-01] (Motorola Solutions, Inc.)
S3 Huawei; C:\Windows\system32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [113096 2014-01-12] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-08-11] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3610592 2014-01-28] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-11] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-05-28] (Windows (R) Win 7 DDK provider)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-12-19] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-12 17:16 - 2015-01-12 17:16 - 00022014 _____ () C:\Users\okay\Desktop\FRST.txt
2015-01-12 17:15 - 2015-01-12 17:16 - 00000000 ____D () C:\FRST
2015-01-12 17:11 - 2015-01-12 17:11 - 00000000 ____D () C:\Users\okay\Downloads\2eczu
2015-01-12 17:09 - 2015-01-12 17:09 - 00112640 _____ (forum.viry.cz) C:\Users\okay\Desktop\FRSTLauncher.exe
2015-01-12 17:08 - 2015-01-12 17:09 - 02124288 _____ (Farbar) C:\Users\okay\Desktop\FRST64.exe
2015-01-11 12:15 - 2015-01-11 12:16 - 00000000 ____D () C:\ProgramData\7sAvue
2015-01-11 11:56 - 2015-01-11 11:56 - 00000000 ____D () C:\ProgramData\dnfdcefcemollgffhncagcgolcodkpej
2015-01-09 18:41 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\RRegUlarDeoalus
2015-01-09 18:41 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\IsaveR
2014-12-24 21:10 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\7save
2014-12-24 21:09 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\takeoorLeavve
2014-12-19 17:51 - 2015-01-06 15:38 - 00000970 _____ () C:\WINDOWS\setupact.log
2014-12-19 17:51 - 2014-12-19 17:51 - 00000000 __SHD () C:\Users\okay\AppData\Local\EmieBrowserModeList
2014-12-19 17:51 - 2014-12-19 17:51 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-12-19 17:07 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\shoppi
2014-12-19 17:06 - 2014-12-19 17:52 - 00000000 ____D () C:\ProgramData\adsy
2014-12-19 04:25 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-19 04:25 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-19 04:24 - 2014-12-19 04:24 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-12-19 04:24 - 2014-12-19 04:24 - 00000600 _____ () C:\WINDOWS\PFRO.log
2014-12-19 04:22 - 2014-12-19 04:22 - 00000000 ____D () C:\WINDOWS\system32\appraiser

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-12 17:14 - 2014-06-30 10:51 - 00000000 ____D () C:\Users\okay\AppData\Roaming\vlc
2015-01-12 17:02 - 2014-01-15 22:23 - 00000000 ____D () C:\Users\okay\AppData\Roaming\Skype
2015-01-12 17:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-01-12 17:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-12 16:33 - 2014-04-02 14:10 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-12 16:23 - 2014-08-24 18:48 - 01386325 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-12 16:20 - 2014-01-15 22:15 - 00000948 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002UA.job
2015-01-12 16:18 - 2014-04-08 07:02 - 00000972 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-11 20:11 - 2013-12-14 08:13 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3557792768-1499479723-1793385996-1002
2015-01-11 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-11 12:16 - 2014-10-15 07:28 - 00000000 ____D () C:\ProgramData\9204fb8caea7c8c7
2015-01-09 22:20 - 2014-01-15 22:15 - 00000926 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002Core.job
2014-12-31 12:14 - 2014-04-16 09:33 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-12-30 11:18 - 2014-04-08 07:02 - 00000968 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-24 21:03 - 2014-10-15 07:28 - 00000000 ____D () C:\Program Files (x86)\GOSAve
2014-12-24 11:38 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-19 17:51 - 2014-02-11 22:21 - 00000000 ____D () C:\Users\okay\Documents\Youcam
2014-12-19 17:07 - 2014-11-28 21:37 - 00000000 ____D () C:\ProgramData\RoboSaver
2014-12-19 17:07 - 2014-11-05 14:29 - 00000000 ____D () C:\ProgramData\FindBestDeal
2014-12-19 17:07 - 2014-10-29 10:03 - 00000000 ____D () C:\ProgramData\SaverExtension
2014-12-19 17:07 - 2014-10-22 16:47 - 00000000 ____D () C:\ProgramData\BitSaavuer
2014-12-19 12:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-19 04:26 - 2014-10-15 07:29 - 00000502 ____H () C:\WINDOWS\Tasks\GS_Booster-S-576482620.job
2014-12-19 04:24 - 2014-04-28 23:25 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2014-12-19 04:24 - 2014-04-01 08:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-19 04:24 - 2014-03-27 19:03 - 00065536 _____ () C:\WINDOWS\system32\Ikeext.etl
2014-12-19 04:24 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-19 04:23 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-19 04:22 - 2014-07-10 15:32 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-19 04:22 - 2014-01-16 20:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-19 04:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-19 04:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-19 04:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-19 04:19 - 2014-01-16 20:54 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002Core.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002UA.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GS_Booster-S-576482620.job => c:\programdata\trusted publisher\gs_booster\GS_Booster.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\okay\OneDrive:ms-properties

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\okay\Desktop" je 65124 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[altrok]

Zdravim

Pokud nepouzivate, odinstalujte Seznam Software. Je aktivni Windows Defender (byt srovnavacimi testy neprochazi s nejlepsimi vysledky). Po docisteni ho muzete nahradit napr. avastem.

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Clean
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

[Cizap]

Zde:

# AdwCleaner v4.107 - Report created 12/01/2015 at 18:11:52
# Updated 07/01/2015 by Xplode
# Database : 2014-12-21.4 [Local]
# Operating System : Windows 8.1 (64 bits)
# Username : monika - OKAYOKAY-PC
# Running from : C:\Users\okay\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : 4d349a54

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\BlockIt Ad remover
Folder Deleted : C:\ProgramData\Isaver
Folder Deleted : C:\ProgramData\Trusted Publisher
Folder Deleted : C:\ProgramData\GoSave
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\ProgramData\BitSaavuer
Folder Deleted : C:\ProgramData\FindBestDeal
Folder Deleted : C:\ProgramData\RoboSaver
Folder Deleted : C:\ProgramData\RRegUlarDeoalus
Folder Deleted : C:\ProgramData\SaverExtension
Folder Deleted : C:\ProgramData\9204fb8caea7c8c7
Folder Deleted : C:\Program Files (x86)\GS_Booster
Folder Deleted : C:\Program Files (x86)\GoSave
Folder Deleted : C:\Users\okay\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\okay\AppData\Local\torch
Folder Deleted : C:\Users\okay\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

***** [ Scheduled Tasks ] *****

Task Deleted : GS_Booster-S-576482620

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKLM\SOFTWARE\Classes\P5b6401f5_5685_4d60_8085_8041fc66c750_.P5b6401f5_5685_4d60_8085_8041fc66c750_
Key Deleted : HKLM\SOFTWARE\Classes\P5b6401f5_5685_4d60_8085_8041fc66c750_.P5b6401f5_5685_4d60_8085_8041fc66c750_.9
Key Deleted : HKLM\SOFTWARE\Classes\Pb34b1359_ceeb_4175_9d3e_f30c37c58957_.Pb34b1359_ceeb_4175_9d3e_f30c37c58957_
Key Deleted : HKLM\SOFTWARE\Classes\Pb34b1359_ceeb_4175_9d3e_f30c37c58957_.Pb34b1359_ceeb_4175_9d3e_f30c37c58957_.9
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-576482620
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{4d349a54}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2c9b5db1-23a4-4783-9fc8-cfc6d6fdc667}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3b449e52-8bd3-45e5-9cab-cd601d4504bf}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3ddcb9c0-8db8-408d-8f9e-0db0701f22d5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5b6401f5-5685-4d60-8085-8041fc66c750}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7617bb65-7dca-4cf8-b37b-e3aca03ab471}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{abb91c07-56ab-4673-ad22-795f6612e1e6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{b34b1359-ceeb-4175-9d3e-f30c37c58957}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2c9b5db1-23a4-4783-9fc8-cfc6d6fdc667}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3b449e52-8bd3-45e5-9cab-cd601d4504bf}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3ddcb9c0-8db8-408d-8f9e-0db0701f22d5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7617bb65-7dca-4cf8-b37b-e3aca03ab471}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{abb91c07-56ab-4673-ad22-795f6612e1e6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2c9b5db1-23a4-4783-9fc8-cfc6d6fdc667}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3b449e52-8bd3-45e5-9cab-cd601d4504bf}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3ddcb9c0-8db8-408d-8f9e-0db0701f22d5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7617bb65-7dca-4cf8-b37b-e3aca03ab471}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{abb91c07-56ab-4673-ad22-795f6612e1e6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2c9b5db1-23a4-4783-9fc8-cfc6d6fdc667}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3b449e52-8bd3-45e5-9cab-cd601d4504bf}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3ddcb9c0-8db8-408d-8f9e-0db0701f22d5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5b6401f5-5685-4d60-8085-8041fc66c750}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7617bb65-7dca-4cf8-b37b-e3aca03ab471}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{abb91c07-56ab-4673-ad22-795f6612e1e6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b34b1359-ceeb-4175-9d3e-f30c37c58957}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2c9b5db1-23a4-4783-9fc8-cfc6d6fdc667}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3b449e52-8bd3-45e5-9cab-cd601d4504bf}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3ddcb9c0-8db8-408d-8f9e-0db0701f22d5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5b6401f5-5685-4d60-8085-8041fc66c750}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7617bb65-7dca-4cf8-b37b-e3aca03ab471}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{abb91c07-56ab-4673-ad22-795f6612e1e6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{b34b1359-ceeb-4175-9d3e-f30c37c58957}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\GS_Booster
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F1422DAA-0829-09A1-7536-73936CAB8FFA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{274E3C5C-178E-EAE2-A52F-2863C0EECD46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\gs_boo~1\assist~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\GS_BOO~1\ASSIST~2.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [First Home Page]

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[2jgflush.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.gboxapp.com/");
[2jgflush.default\prefs.js] - Line Deleted : user_pref("extensions.43y5dsYwO21kc0V4.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\[...]
[2jgflush.default\prefs.js] - Line Deleted : user_pref("extensions.5LrJE7VPADD5W5uu.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[2jgflush.default\prefs.js] - Line Deleted : user_pref("extensions.bDWtwQsihWhhRA9z.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[2jgflush.default\prefs.js] - Line Deleted : user_pref("extensions.kDyxZyFs36LZSghZ.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[2jgflush.default\prefs.js] - Line Deleted : user_pref("extensions.uaAFSZRHjwMDQiiZ.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[2jgflush.default\prefs.js] - Line Deleted : user_pref("extensions.yuJyxs9t0Y8BwHnW.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]

-\\ Google Chrome v37.0.2062.124

[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://search.gboxapp.com/
[C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://search.gboxapp.com/

-\\ Comodo Dragon v


*************************

AdwCleaner[R0].txt - [11175 octets] - [12/01/2015 18:09:56]
AdwCleaner[S0].txt - [10056 octets] - [12/01/2015 18:11:52]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10117 octets] ##########

[altrok]

Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

[Cizap]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015
Ran by monika (administrator) on OKAYOKAY-PC on 12-01-2015 19:15:29
Running from C:\Users\okay\Desktop
Loaded Profile: monika (Available profiles: UpdatusUser & monika)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(forum.viry.cz) C:\Users\okay\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-12-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\Run: [Facebook Update] => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-15] (Facebook Inc.)
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20924064 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\MountPoints2: {20d73094-08d4-11e4-bea3-0c8bfda71d62} - "F:\AutoRun.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {FEB813F7-A936-4DE7-9431-E18B6764BC16} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: 7sAvue -> {05addbf4-7c84-43e8-8912-3689590313de} -> C:\ProgramData\7sAvue\TWRIFP1758I5fy.x64.dll ()
BHO: Shoppi -> {8e9eb9cf-6c62-4695-9111-fa615d92a80e} -> C:\ProgramData\Shoppi\UoZSpYfs0uXNFm.x64.dll ()
BHO-x32: 7sAvue -> {05addbf4-7c84-43e8-8912-3689590313de} -> C:\ProgramData\7sAvue\TWRIFP1758I5fy.dll ()
BHO-x32: Shoppi -> {8e9eb9cf-6c62-4695-9111-fa615d92a80e} -> C:\ProgramData\Shoppi\UoZSpYfs0uXNFm.dll ()
Toolbar: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\2jgflush.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-3557792768-1499479723-1793385996-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\okay\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3557792768-1499479723-1793385996-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\okay\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: duollarkeepere - C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\2jgflush.default\Extensions\cWfG8A@E.edu [2015-01-11]
FF Extension: adssya - C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\2jgflush.default\Extensions\Ht@pvvd.net [2015-01-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-08]
CHR Extension: (Disk Google) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-08]
CHR Extension: (YouTube) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-08]
CHR Extension: (Taskforce) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbfnafnalfjconpgenohfidcaeibkoc [2015-01-11]
CHR Extension: (Peněženka Google) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-24]
CHR Extension: (Gmail) - C:\Users\okay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-08]
CHR Extension: (dollARkeEpErr) - C:\ProgramData\dnfdcefcemollgffhncagcgolcodkpej\ [2014-04-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-05-28] (Intel)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-08-11] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2014-01-12] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-08-11] (Intel Corporation)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-08] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-17] (Realtek Semiconductor)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-21] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2014-01-08] (Intel® Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-08-01] (Motorola Solutions, Inc.)
S3 Huawei; C:\Windows\system32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [113096 2014-01-12] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-08-11] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3610592 2014-01-28] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew02.sys [3648480 2013-10-08] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-04-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-11] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [206744 2013-05-28] (Windows (R) Win 7 DDK provider)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-01-12] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-12 18:14 - 2015-01-12 18:14 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-01-12 18:09 - 2015-01-12 18:12 - 00000000 ____D () C:\AdwCleaner
2015-01-12 18:08 - 2015-01-12 18:08 - 02191360 _____ () C:\Users\okay\Desktop\adwcleaner_4.107.exe
2015-01-12 17:23 - 2015-01-12 17:23 - 00006574 _____ () C:\Users\okay\Desktop\Addition.rar
2015-01-12 17:16 - 2015-01-12 19:16 - 00019144 _____ () C:\Users\okay\Desktop\FRST.txt
2015-01-12 17:15 - 2015-01-12 19:15 - 00000000 ____D () C:\FRST
2015-01-12 17:11 - 2015-01-12 17:11 - 00000000 ____D () C:\Users\okay\Downloads\2eczu
2015-01-12 17:09 - 2015-01-12 17:09 - 00112640 _____ (forum.viry.cz) C:\Users\okay\Desktop\FRSTLauncher.exe
2015-01-12 17:08 - 2015-01-12 17:09 - 02124288 _____ (Farbar) C:\Users\okay\Desktop\FRST64.exe
2015-01-11 12:15 - 2015-01-11 12:16 - 00000000 ____D () C:\ProgramData\7sAvue
2015-01-11 11:56 - 2015-01-11 11:56 - 00000000 ____D () C:\ProgramData\dnfdcefcemollgffhncagcgolcodkpej
2014-12-24 21:10 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\7save
2014-12-24 21:09 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\takeoorLeavve
2014-12-19 17:51 - 2015-01-06 15:38 - 00000970 _____ () C:\WINDOWS\setupact.log
2014-12-19 17:51 - 2014-12-19 17:51 - 00000000 __SHD () C:\Users\okay\AppData\Local\EmieBrowserModeList
2014-12-19 17:51 - 2014-12-19 17:51 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-12-19 17:07 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\shoppi
2014-12-19 17:06 - 2014-12-19 17:52 - 00000000 ____D () C:\ProgramData\adsy
2014-12-19 04:25 - 2014-11-26 22:10 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-19 04:25 - 2014-11-26 22:10 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-19 04:24 - 2015-01-12 18:13 - 00001864 _____ () C:\WINDOWS\PFRO.log
2014-12-19 04:22 - 2014-12-19 04:22 - 00000000 ____D () C:\WINDOWS\system32\appraiser

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-12 19:14 - 2014-01-15 22:23 - 00000000 ____D () C:\Users\okay\AppData\Roaming\Skype
2015-01-12 19:06 - 2014-08-24 18:48 - 01447420 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-12 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-12 18:33 - 2014-04-02 14:10 - 00000914 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-12 18:18 - 2014-04-08 07:02 - 00000972 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-12 18:14 - 2014-04-28 23:25 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2015-01-12 18:14 - 2014-04-08 07:02 - 00000968 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-12 18:13 - 2014-03-27 19:03 - 00065536 _____ () C:\WINDOWS\system32\Ikeext.etl
2015-01-12 18:13 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-12 18:13 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-12 18:06 - 2014-02-15 19:08 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-01-12 18:06 - 2014-02-15 19:07 - 00000000 ____D () C:\Users\okay\AppData\Roaming\Seznam.cz
2015-01-12 17:14 - 2014-06-30 10:51 - 00000000 ____D () C:\Users\okay\AppData\Roaming\vlc
2015-01-12 17:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-01-12 16:20 - 2014-01-15 22:15 - 00000948 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002UA.job
2015-01-11 20:11 - 2013-12-14 08:13 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3557792768-1499479723-1793385996-1002
2015-01-11 20:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-09 22:20 - 2014-01-15 22:15 - 00000926 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002Core.job
2014-12-31 12:14 - 2014-04-16 09:33 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-12-24 11:38 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-19 17:51 - 2014-02-11 22:21 - 00000000 ____D () C:\Users\okay\Documents\Youcam
2014-12-19 12:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-19 04:24 - 2014-04-01 08:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-19 04:22 - 2014-07-10 15:32 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-19 04:22 - 2014-01-16 20:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-19 04:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-19 04:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-19 04:22 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-19 04:19 - 2014-01-16 20:54 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\okay\AppData\Local\Temp\Quarantine.exe
C:\Users\okay\AppData\Local\Temp\sqlite3.dll
C:\Users\okay\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-12 18:24




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows) (Fixed) (Total:909.95 GB) (Free:789.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:20.01 GB) (Free:1.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Available physical RAM: 5901.42 MB
Total physical RAM: 7962.15 MB
Percentage of memory in use: 25%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 931.5 GB) (Disk ID: 9524F76F)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002Core.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002UA.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\okay\OneDrive:ms-properties

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\okay\Desktop" je 65127 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[altrok]

Velikost plochy by nemela presahovat 200 MB. Snizuje se pak start i samotny chod celeho PC.

Pokud nepouzivate, odinstalujte Skype Click to Call

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
  HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\Run: [Facebook Update] => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-15] (Facebook Inc.)
  HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\MountPoints2: {20d73094-08d4-11e4-bea3-0c8bfda71d62} - "F:\AutoRun.exe" 
  GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
  CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
  
  SearchScopes: HKLM -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
  SearchScopes: HKLM-x32 -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
  SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {FEB813F7-A936-4DE7-9431-E18B6764BC16} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
  BHO: 7sAvue -> {05addbf4-7c84-43e8-8912-3689590313de} -> C:\ProgramData\7sAvue\TWRIFP1758I5fy.x64.dll ()
  BHO: Shoppi -> {8e9eb9cf-6c62-4695-9111-fa615d92a80e} -> C:\ProgramData\Shoppi\UoZSpYfs0uXNFm.x64.dll ()
  BHO-x32: 7sAvue -> {05addbf4-7c84-43e8-8912-3689590313de} -> C:\ProgramData\7sAvue\TWRIFP1758I5fy.dll ()
  BHO-x32: Shoppi -> {8e9eb9cf-6c62-4695-9111-fa615d92a80e} -> C:\ProgramData\Shoppi\UoZSpYfs0uXNFm.dll ()
  Toolbar: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
  
  FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
  FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
  FF Extension: duollarkeepere - C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\2jgflush.default\Extensions\cWfG8A@E.edu [2015-01-11]
  FF Extension: adssya - C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\2jgflush.default\Extensions\Ht@pvvd.net [2015-01-11]
  CHR dev: Chrome dev build detected! <======= ATTENTION
  CHR Extension: (dollARkeEpErr) - C:\ProgramData\dnfdcefcemollgffhncagcgolcodkpej\ [2014-04-08]
  
  2015-01-12 18:14 - 2015-01-12 18:14 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
  2015-01-12 18:09 - 2015-01-12 18:12 - 00000000 ____D () C:\AdwCleaner
  2015-01-12 18:08 - 2015-01-12 18:08 - 02191360 _____ () C:\Users\okay\Desktop\adwcleaner_4.107.exe
  2015-01-12 17:23 - 2015-01-12 17:23 - 00006574 _____ () C:\Users\okay\Desktop\Addition.rar
  2015-01-12 17:16 - 2015-01-12 19:16 - 00019144 _____ () C:\Users\okay\Desktop\FRST.txt
  2015-01-12 17:09 - 2015-01-12 17:09 - 00112640 _____ (forum.viry.cz) C:\Users\okay\Desktop\FRSTLauncher.exe
  2015-01-11 12:15 - 2015-01-11 12:16 - 00000000 ____D () C:\ProgramData\7sAvue
  2015-01-11 11:56 - 2015-01-11 11:56 - 00000000 ____D () C:\ProgramData\dnfdcefcemollgffhncagcgolcodkpej
  2014-12-24 21:10 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\7save
  2014-12-24 21:09 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\takeoorLeavve
  2014-12-19 17:07 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\shoppi
  2014-12-19 17:06 - 2014-12-19 17:52 - 00000000 ____D () C:\ProgramData\adsy
  2015-01-12 18:06 - 2014-02-15 19:08 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
  2015-01-12 18:06 - 2014-02-15 19:07 - 00000000 ____D () C:\Users\okay\AppData\Roaming\Seznam.cz
  
  Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002Core.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002UA.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  C:\ProgramData\7sAvue
  C:\ProgramData\Shoppi
  Hosts:
  EmptyTemp:
  End
  

[Cizap]

Tak vypadá to že plochu jsem již vyřešil (ale až po fixu) a log je zde:


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-01-2015
Ran by monika at 2015-01-12 19:56:14 Run:1
Running from C:\Users\okay\Desktop
Loaded Profile: monika (Available profiles: UpdatusUser & monika)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\Run: [Facebook Update] => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-15] (Facebook Inc.)
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\...\MountPoints2: {20d73094-08d4-11e4-bea3-0c8bfda71d62} - "F:\AutoRun.exe"
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

SearchScopes: HKLM -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {956D519B-84FA-4151-A8C3-A759375AAF4D} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> {FEB813F7-A936-4DE7-9431-E18B6764BC16} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: 7sAvue -> {05addbf4-7c84-43e8-8912-3689590313de} -> C:\ProgramData\7sAvue\TWRIFP1758I5fy.x64.dll ()
BHO: Shoppi -> {8e9eb9cf-6c62-4695-9111-fa615d92a80e} -> C:\ProgramData\Shoppi\UoZSpYfs0uXNFm.x64.dll ()
BHO-x32: 7sAvue -> {05addbf4-7c84-43e8-8912-3689590313de} -> C:\ProgramData\7sAvue\TWRIFP1758I5fy.dll ()
BHO-x32: Shoppi -> {8e9eb9cf-6c62-4695-9111-fa615d92a80e} -> C:\ProgramData\Shoppi\UoZSpYfs0uXNFm.dll ()
Toolbar: HKU\S-1-5-21-3557792768-1499479723-1793385996-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Extension: duollarkeepere - C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\2jgflush.default\Extensions\cWfG8A@E.edu [2015-01-11]
FF Extension: adssya - C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\2jgflush.default\Extensions\Ht@pvvd.net [2015-01-11]
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Extension: (dollARkeEpErr) - C:\ProgramData\dnfdcefcemollgffhncagcgolcodkpej\ [2014-04-08]

2015-01-12 18:14 - 2015-01-12 18:14 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-01-12 18:09 - 2015-01-12 18:12 - 00000000 ____D () C:\AdwCleaner
2015-01-12 18:08 - 2015-01-12 18:08 - 02191360 _____ () C:\Users\okay\Desktop\adwcleaner_4.107.exe
2015-01-12 17:23 - 2015-01-12 17:23 - 00006574 _____ () C:\Users\okay\Desktop\Addition.rar
2015-01-12 17:16 - 2015-01-12 19:16 - 00019144 _____ () C:\Users\okay\Desktop\FRST.txt
2015-01-12 17:09 - 2015-01-12 17:09 - 00112640 _____ (forum.viry.cz) C:\Users\okay\Desktop\FRSTLauncher.exe
2015-01-11 12:15 - 2015-01-11 12:16 - 00000000 ____D () C:\ProgramData\7sAvue
2015-01-11 11:56 - 2015-01-11 11:56 - 00000000 ____D () C:\ProgramData\dnfdcefcemollgffhncagcgolcodkpej
2014-12-24 21:10 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\7save
2014-12-24 21:09 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\takeoorLeavve
2014-12-19 17:07 - 2015-01-11 11:57 - 00000000 ____D () C:\ProgramData\shoppi
2014-12-19 17:06 - 2014-12-19 17:52 - 00000000 ____D () C:\ProgramData\adsy
2015-01-12 18:06 - 2014-02-15 19:08 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-01-12 18:06 - 2014-02-15 19:07 - 00000000 ____D () C:\Users\okay\AppData\Roaming\Seznam.cz

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002Core.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002UA.job => C:\Users\okay\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\ProgramData\7sAvue
C:\ProgramData\Shoppi
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value deleted successfully.
"HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{20d73094-08d4-11e4-bea3-0c8bfda71d62}" => Key deleted successfully.
HKCR\CLSID\{20d73094-08d4-11e4-bea3-0c8bfda71d62} => Key not found.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{956D519B-84FA-4151-A8C3-A759375AAF4D}" => Key deleted successfully.
HKCR\CLSID\{956D519B-84FA-4151-A8C3-A759375AAF4D} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{956D519B-84FA-4151-A8C3-A759375AAF4D}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{956D519B-84FA-4151-A8C3-A759375AAF4D} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{956D519B-84FA-4151-A8C3-A759375AAF4D}" => Key deleted successfully.
HKCR\CLSID\{956D519B-84FA-4151-A8C3-A759375AAF4D} => Key not found.
"HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FEB813F7-A936-4DE7-9431-E18B6764BC16}" => Key deleted successfully.
HKCR\CLSID\{FEB813F7-A936-4DE7-9431-E18B6764BC16} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05addbf4-7c84-43e8-8912-3689590313de}" => Key deleted successfully.
"HKCR\CLSID\{05addbf4-7c84-43e8-8912-3689590313de}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8e9eb9cf-6c62-4695-9111-fa615d92a80e}" => Key deleted successfully.
"HKCR\CLSID\{8e9eb9cf-6c62-4695-9111-fa615d92a80e}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05addbf4-7c84-43e8-8912-3689590313de}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{05addbf4-7c84-43e8-8912-3689590313de}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8e9eb9cf-6c62-4695-9111-fa615d92a80e}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{8e9eb9cf-6c62-4695-9111-fa615d92a80e}" => Key deleted successfully.
HKU\S-1-5-21-3557792768-1499479723-1793385996-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\2jgflush.default\Extensions\cWfG8A@E.edu => Moved successfully.
C:\Users\okay\AppData\Roaming\Mozilla\Firefox\Profiles\2jgflush.default\Extensions\Ht@pvvd.net => Moved successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
C:\ProgramData\dnfdcefcemollgffhncagcgolcodkpej\ => Moved successfully.
C:\WINDOWS\system32\WPRO_41_2001woem.tmp => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\okay\Desktop\adwcleaner_4.107.exe => Moved successfully.
C:\Users\okay\Desktop\Addition.rar => Moved successfully.
"C:\Users\okay\Desktop\FRST.txt" => File/Directory not found.
C:\Users\okay\Desktop\FRSTLauncher.exe => Moved successfully.
C:\ProgramData\7sAvue => Moved successfully.
"C:\ProgramData\dnfdcefcemollgffhncagcgolcodkpej" => File/Directory not found.
C:\ProgramData\7save => Moved successfully.
C:\ProgramData\takeoorLeavve => Moved successfully.
C:\ProgramData\shoppi => Moved successfully.
C:\ProgramData\adsy => Moved successfully.
C:\Program Files (x86)\Seznam.cz => Moved successfully.
C:\Users\okay\AppData\Roaming\Seznam.cz => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002Core.job => Moved successfully.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3557792768-1499479723-1793385996-1002UA.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"C:\ProgramData\7sAvue" => File/Directory not found.
"C:\ProgramData\Shoppi" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 759.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog 19:56:25 ====

[altrok]

Ted by se melo pocitaci znacne ulevit... Otestujte, jak se pocitac chova (reklamy, prohlizec) a pripadne uklidime

[Cizap]

o 100 % lepší nedělá to nic nekalého (a že to každej druhej klik dělalo) domovský prohlížeč jak má být a nenapadá mě nic co by bylo špatně...myslim že uklidit a hotovo. A velice děkuji za pomoc

[altrok]

To rad slysim, takze jeste uklidime.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

[Cizap]

Provedeno ještě jeden dotaz bych měl. V ovládacích panelech nemůžu najít windows deffender a v program files nemužu najít odinstalaci ve složce windows deffender chtěl bych to vyměnit za ten avast mužu to najít někde jinde? Nebo až nainstaluju avast tak mě to nechá vybrat?

[altrok]

Nainstalujte avast a pak Windows Defender trvale vypnete - http://windows.microsoft.com/cs-cz/wind ... =windows-7

[Cizap]

Dobře děkuju. To je vše. Ještě jednou díky a hezký večer

[altrok]

Nemate zac, rad jsem pomohl


Mejte se a treba zase nekdy