VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Čínské znaky v prohlížeči

https://forum.viry.cz:443/viewtopic.php?t=143358

Stránka 1 z 2

Čínské znaky v prohlížeči

Napsal: 04 bře 2015 16:31
od jirass
Zdravím, chtěl bych se zeptat, zdali byste mi nemohlo poradit, co to mám za havěť v PC. Opakovaně se mi v prohlížeči ukazují "čínské znaky" a nemohu se jich natrvalo zbavit.
Objeví se většinou až v průběhu užívání prohlížeče... cca 30 minut po jeho zapnutí. Po nějaké době zase zmizí. Pokud ne, tak prohlížeč vypínám a zapínám znovu. Poté se už většinou neukážou. Nevím ale, co to je.. a docela mi to vrtá hlavou.

Přidávám obrázek.

Předem děkuji za pomoc.

Re: Čínské znaky v prohlížeči

Napsal: 04 bře 2015 17:42
od Rudy
Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Re: Čínské znaky v prohlížeči

Napsal: 04 bře 2015 18:00
od jirass
Při načtení stránky ke stažení FRSTLauncheru se zobrazí chyba, zřejmě je už nefunkční.

http://vyosek.tym.cz/pro_usery/FRSTLauncher.exe

Re: Čínské znaky v prohlížeči

Napsal: 04 bře 2015 19:04
od Rudy
Staáhněte odtud: http://www.bleepingcomputer.com/downloa ... scan-tool/ .

Re: Čínské znaky v prohlížeči

Napsal: 04 bře 2015 19:15
od jirass
Tak tady to je:


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015
Ran by Jiraskovci (administrator) on JIRASKOVCI-PC on 04-03-2015 19:09:52
Running from C:\Users\Jiraskovci\Desktop
Loaded Profiles: UpdatusUser & Jiraskovci (Available profiles: UpdatusUser & Jiraskovci & Klárka a Lukášek & Tom(ík))
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Egis Technology Inc. ) C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Facebook) C:\Users\Jiraskovci\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Akamai Technologies, Inc.) C:\Users\Jiraskovci\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Jiraskovci\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2011-01-05] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [3151000 2011-10-12] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [266496 2011-06-17] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [POPUPTV] => C:\Program Files (x86)\ASUS\PopupTV\ExpressTV.exe [692224 2010-03-19] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Family Tree Builder Update] => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2525184 2013-05-07] (MyHeritage)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\RunOnce: [!BingBar] => "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3565497031-381306618-626766917-1000\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-3565497031-381306618-626766917-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [456224 2010-07-29] ()
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Run: [Facebook Update] => C:\Users\Jiraskovci\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-12-01] (Facebook Inc.)
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466144 2014-11-27] (Sony)
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jiraskovci\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1099608 2013-03-07] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27648 2014-03-31] ()
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Run: [AppGraffiti] => "C:\PROGRA~2\APPGRA~1\AppGraffiti.exe"
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833024 2014-03-31] (ZONER software)
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\RunOnce: [Adobe Speed Launcher] => 1425475764
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\MountPoints2: {aea8142b-121a-11e2-b739-dc0ea10699e5} - E:\Startme.exe
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\MountPoints2: {b8f62a9a-1d24-11e2-ae61-dc0ea10699e5} - E:\Startme.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [226920 2011-03-30] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [193128 2011-03-30] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\Jiraskovci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\Jiraskovci\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\Jiraskovci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskhost .lnk
ShortcutTarget: taskhost .lnk -> C:\ProgramData\VLC media player\VLC media player\22.22.22.22\taskhost.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicyUsers\S-1-5-21-3565497031-381306618-626766917-1004\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}
URLSearchHook: HKU\S-1-5-21-3565497031-381306618-626766917-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3565497031-381306618-626766917-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3565497031-381306618-626766917-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {010e44c0-8bda-476c-9cee-e7a8c632e840} -> No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - No Name - {010e44c0-8bda-476c-9cee-e7a8c632e840} - No File
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Jiraskovci\AppData\Roaming\Mozilla\Firefox\Profiles\uxw5kiyn.default
FF DefaultSearchUrl: \\Program Files (x86)
FF Homepage: hxxp://www.google.cz/
FF Keyword.URL: https://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3565497031-381306618-626766917-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jiraskovci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-3565497031-381306618-626766917-1001: facebook.com/fbDesktopPlugin -> C:\Users\Jiraskovci\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jiraskovci\AppData\Roaming\Mozilla\Firefox\Profiles\uxw5kiyn.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Jiraskovci\AppData\Roaming\Mozilla\Firefox\Profiles\uxw5kiyn.default\Extensions\artur.dubovoy@gmail.com [2015-02-16]
FF Extension: Garmin Communicator - C:\Users\Jiraskovci\AppData\Roaming\Mozilla\Firefox\Profiles\uxw5kiyn.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-11-26]
FF Extension: AutoSlideshow - C:\Users\Jiraskovci\AppData\Roaming\Mozilla\Firefox\Profiles\uxw5kiyn.default\Extensions\{9d29971a-bf52-4769-98d4-d4bc2ec4fa20} [2012-08-03]
FF Extension: DownloadHelper - C:\Users\Jiraskovci\AppData\Roaming\Mozilla\Firefox\Profiles\uxw5kiyn.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-02-14]
FF Extension: Flash and Video Download - C:\Users\Jiraskovci\AppData\Roaming\Mozilla\Firefox\Profiles\uxw5kiyn.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-03-01]
FF Extension: Greasemonkey - C:\Users\Jiraskovci\AppData\Roaming\Mozilla\Firefox\Profiles\uxw5kiyn.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-27]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-01]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-09-08]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2013-03-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-30]
FF HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1420908880&from=amt&uid=TOSHIBAXMK7559GSXP_71I6S95XSXX71I6S95XS
CHR StartupUrls: Default -> "https://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default -> https://www.google.com/complete/search? ... earchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Skype Toolbars) - C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Desktop) - C:\Users\Jiraskovci\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Jiraskovci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Profile: C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bandzone.cz MP3 Download) - C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default\Extensions\adicpanjnjbpmhpcamgmihddcifhhceg [2015-02-13]
CHR Extension: (YouTube) - C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-20]
CHR Extension: (Google Search) - C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-20]
CHR Extension: (SiteAdvisor) - C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-02-20]
CHR Extension: (Avast Online Security) - C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-05]
CHR Extension: (Google Wallet) - C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Gmail) - C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-20]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-11-24]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - http://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-30]
CHR HKLM-x32\...\Chrome\Extension: [jinhmcmpnjkjciebbipoojdnnbmjilog] - C:\Program Files (x86)\CertifiedToolbar\chrome\CertifiedToolbar.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [odbbfaealmlpnodchplhdomkgpdkeeal] - C:\Program Files (x86)\RebateInformer\Chrome\rebateinformer_c.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2012-05-26] (Adobe Systems) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-30] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-30] (Avast Software)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101376 2013-02-25] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-02-25] (Ellora Assets Corp.) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185176 2013-03-07] (Garmin Ltd or its subsidiaries)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4700824 2011-10-12] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [193352 2012-03-16] (Solid Documents, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AdobeActiveFileMonitor9.0; E:\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [X]
S2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AF9035BDA; C:\Windows\System32\Drivers\AF9035BDA.sys [492008 2009-07-16] (AfaTech )
S3 ASUSVRC64; C:\Windows\System32\DRIVERS\AsusVRC64.sys [23424 2008-10-13] (ASUSTeK COMPUTER INC.) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-30] ()
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [170280 2014-11-30] (ESET)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-30] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 19:09 - 2015-03-04 19:10 - 00035657 _____ () C:\Users\Jiraskovci\Desktop\FRST.txt
2015-03-04 19:08 - 2015-03-04 19:08 - 02093056 _____ (Farbar) C:\Users\Jiraskovci\Desktop\FRST64.exe
2015-03-04 17:56 - 2015-03-04 19:09 - 00000000 ____D () C:\FRST
2015-03-01 19:08 - 2015-03-01 19:08 - 00146358 _____ () C:\Users\Jiraskovci\Downloads\download(15)
2015-03-01 19:08 - 2015-03-01 19:08 - 00108858 _____ () C:\Users\Jiraskovci\Downloads\download(10)
2015-03-01 19:08 - 2015-03-01 19:08 - 00104946 _____ () C:\Users\Jiraskovci\Downloads\download(13)
2015-03-01 19:08 - 2015-03-01 19:08 - 00104787 _____ () C:\Users\Jiraskovci\Downloads\download(12)
2015-03-01 19:08 - 2015-03-01 19:08 - 00104499 _____ () C:\Users\Jiraskovci\Downloads\download(11)
2015-03-01 19:08 - 2015-03-01 19:08 - 00103653 _____ () C:\Users\Jiraskovci\Downloads\download(14)
2015-03-01 19:08 - 2015-03-01 19:08 - 00102756 _____ () C:\Users\Jiraskovci\Downloads\download(9)
2015-03-01 19:08 - 2015-03-01 19:08 - 00099113 _____ () C:\Users\Jiraskovci\Downloads\download(8)
2015-03-01 19:07 - 2015-03-01 19:07 - 00110353 _____ () C:\Users\Jiraskovci\Downloads\download(1)
2015-03-01 19:07 - 2015-03-01 19:07 - 00106705 _____ () C:\Users\Jiraskovci\Downloads\download(4)
2015-03-01 19:07 - 2015-03-01 19:07 - 00104164 _____ () C:\Users\Jiraskovci\Downloads\download
2015-03-01 19:07 - 2015-03-01 19:07 - 00103124 _____ () C:\Users\Jiraskovci\Downloads\download(5)
2015-03-01 19:07 - 2015-03-01 19:07 - 00103106 _____ () C:\Users\Jiraskovci\Downloads\download(2)
2015-03-01 19:07 - 2015-03-01 19:07 - 00102524 _____ () C:\Users\Jiraskovci\Downloads\download(7)
2015-03-01 19:07 - 2015-03-01 19:07 - 00102255 _____ () C:\Users\Jiraskovci\Downloads\download(3)
2015-03-01 19:07 - 2015-03-01 19:07 - 00101613 _____ () C:\Users\Jiraskovci\Downloads\download(6)
2015-03-01 18:22 - 2015-03-01 21:59 - 00011637 _____ () C:\Users\Jiraskovci\Desktop\Seznam maturitní četby - Jirásko V..xlsx
2015-02-23 17:48 - 2015-02-23 17:48 - 00000000 ____D () C:\Users\Jiraskovci\Desktop\Filozofický slovník
2015-02-23 17:30 - 2015-02-23 17:39 - 154513150 _____ () C:\Users\Jiraskovci\Downloads\Filozofický-slovník.zip
2015-02-22 12:12 - 2015-02-22 12:15 - 00000000 ____D () C:\Users\Jiraskovci\Documents\Rodokmen
2015-02-17 18:34 - 2015-02-17 18:34 - 03778803 _____ () C:\Users\Jiraskovci\Downloads\zemak- Mcho.pptx
2015-02-17 18:33 - 2015-02-17 18:33 - 00316854 _____ () C:\Users\Jiraskovci\Downloads\Obyvatelstvo(1).odt
2015-02-17 18:10 - 2015-02-17 18:10 - 00316854 _____ () C:\Users\Jiraskovci\Downloads\Obyvatelstvo.odt
2015-02-16 19:51 - 2015-02-16 19:51 - 01055659 _____ () C:\Users\Jiraskovci\Downloads\HRAD-statni-hymna-cr.zip
2015-02-16 17:52 - 2015-02-16 17:52 - 00803174 _____ () C:\Users\Jiraskovci\Downloads\British literature.pptx
2015-02-15 20:07 - 2015-02-15 20:07 - 00000000 ____D () C:\Users\Klárka a Lukášek\AppData\Roaming\WinRAR
2015-02-15 19:28 - 2015-02-15 19:28 - 00000000 ____D () C:\Users\Klárka a Lukášek\Desktop\Vítání občánků Fandík
2015-02-14 12:59 - 2015-02-14 12:59 - 00000000 ____D () C:\Users\Jiraskovci\dwhelper
2015-02-12 17:23 - 2015-02-12 17:23 - 04978688 _____ () C:\Users\Jiraskovci\Downloads\ciselniky.xls
2015-02-05 17:19 - 2015-02-05 17:19 - 00003276 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-3565497031-381306618-626766917-1001

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 18:54 - 2012-04-15 13:45 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-04 18:40 - 2012-02-18 20:26 - 00000948 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3565497031-381306618-626766917-1001UA.job
2015-03-04 18:40 - 2012-02-18 20:26 - 00000926 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3565497031-381306618-626766917-1001Core.job
2015-03-04 17:27 - 2012-02-20 16:40 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-04 16:31 - 2012-05-19 09:14 - 04005376 ___SH () C:\Users\Jiraskovci\Desktop\Thumbs.db
2015-03-04 14:35 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-04 14:35 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-04 14:31 - 2011-10-10 02:28 - 01871159 _____ () C:\Windows\WindowsUpdate.log
2015-03-04 14:28 - 2012-01-31 23:13 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-03-04 14:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-04 14:27 - 2009-07-14 05:51 - 00269736 _____ () C:\Windows\setupact.log
2015-03-03 22:31 - 2014-11-30 01:30 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-23 19:24 - 2012-12-14 23:15 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-02-21 10:06 - 2012-02-20 16:40 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-19 20:52 - 2015-01-04 18:37 - 00000975 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-02-15 19:32 - 2015-01-21 18:15 - 00000000 ____D () C:\Users\Klárka a Lukášek\AppData\Local\CrashDumps
2015-02-15 19:27 - 2014-04-26 09:22 - 00004630 __RSH () C:\Users\Klárka a Lukášek\ntuser.pol
2015-02-15 19:27 - 2012-02-14 21:28 - 00000000 ____D () C:\Users\Klárka a Lukášek
2015-02-14 12:59 - 2012-01-31 21:56 - 00000000 ____D () C:\Users\Jiraskovci
2015-02-12 10:15 - 2014-06-07 18:52 - 00000000 ____D () C:\Users\Jiraskovci\AppData\Local\CrashDumps
2015-02-05 21:54 - 2012-04-15 13:45 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 21:54 - 2012-04-15 13:45 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 21:54 - 2011-09-08 12:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 17:22 - 2012-02-20 16:40 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 17:22 - 2012-02-20 16:40 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 17:22 - 2012-02-20 16:40 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-03 20:20 - 2010-11-21 04:47 - 00149078 _____ () C:\Windows\PFRO.log

==================== Files in the root of some directories =======

2012-04-22 22:17 - 2013-04-05 00:17 - 0007605 _____ () C:\Users\Jiraskovci\AppData\Local\Resmon.ResmonCfg
2012-02-01 21:15 - 2012-02-06 18:16 - 0001243 _____ () C:\ProgramData\hpzinstall.log
2012-02-10 22:52 - 2012-02-10 22:52 - 0000032 _____ () C:\ProgramData\Temp.log

Files to move or delete:
====================
C:\Users\Jiraskovci\PremiereElements_9_Content_ALL_LS15.exe


Some content of TEMP:
====================
C:\Users\Jiraskovci\AppData\Local\Temp\7pm6qy8j.dll
C:\Users\Jiraskovci\AppData\Local\Temp\app.exe
C:\Users\Jiraskovci\AppData\Local\Temp\CDmage.exe
C:\Users\Jiraskovci\AppData\Local\Temp\COMAP.EXE
C:\Users\Jiraskovci\AppData\Local\Temp\contentDATs.exe
C:\Users\Jiraskovci\AppData\Local\Temp\DaleSearchTB.exe
C:\Users\Jiraskovci\AppData\Local\Temp\DivXInstaller.exe
C:\Users\Jiraskovci\AppData\Local\Temp\DivXSetup.exe
C:\Users\Jiraskovci\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Jiraskovci\AppData\Local\Temp\FreemakeVideoDownloader_3.5.0.4.exe
C:\Users\Jiraskovci\AppData\Local\Temp\installhelper.dll
C:\Users\Jiraskovci\AppData\Local\Temp\Mp3EncInst.exe
C:\Users\Jiraskovci\AppData\Local\Temp\mp3enckv.dll
C:\Users\Jiraskovci\AppData\Local\Temp\MyHeritage_Version_7_0_0_7124_Size_36956048.exe
C:\Users\Jiraskovci\AppData\Local\Temp\MyHeritage_Version_7_0_0_7128_Size_37008752.exe
C:\Users\Jiraskovci\AppData\Local\Temp\pcspeedup.exe
C:\Users\Jiraskovci\AppData\Local\Temp\pyl1267.tmp.exe
C:\Users\Jiraskovci\AppData\Local\Temp\pyl656.tmp.exe
C:\Users\Jiraskovci\AppData\Local\Temp\pyl7F2D.tmp.exe
C:\Users\Jiraskovci\AppData\Local\Temp\pylB0F6.tmp.exe
C:\Users\Jiraskovci\AppData\Local\Temp\pylD6CF.tmp.exe
C:\Users\Jiraskovci\AppData\Local\Temp\pylEF8C.tmp.exe
C:\Users\Jiraskovci\AppData\Local\Temp\Quarantine.exe
C:\Users\Jiraskovci\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Jiraskovci\AppData\Local\Temp\SimBundD.exe
C:\Users\Jiraskovci\AppData\Local\Temp\sqlite3.dll
C:\Users\Jiraskovci\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Jiraskovci\AppData\Local\Temp\tmp2413.exe
C:\Users\Jiraskovci\AppData\Local\Temp\tmp926D.exe
C:\Users\Jiraskovci\AppData\Local\Temp\tmpBE7A.exe
C:\Users\Jiraskovci\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Jiraskovci\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\Jiraskovci\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\Klárka a Lukášek\AppData\Local\Temp\COMAP.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-24 17:45

==================== End Of Log ============================

Re: Čínské znaky v prohlížeči

Napsal: 04 bře 2015 20:33
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
C:\Users\Jiraskovci\AppData\Local\Akamai
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [!BingBar] => "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2"
C:\Program Files (x86)\Microsoft\BingBar
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jiraskovci\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\MountPoints2: {aea8142b-121a-11e2-b739-dc0ea10699e5} - E:\Startme.exe
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\MountPoints2: {b8f62a9a-1d24-11e2-ae61-dc0ea10699e5} - E:\Startme.exe
GroupPolicyUsers\S-1-5-21-3565497031-381306618-626766917-1004\User: Group Policy restriction detected <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3565497031-381306618-626766917-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {010e44c0-8bda-476c-9cee-e7a8c632e840} -> No File
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Toolbar: HKLM-x32 - No Name - {010e44c0-8bda-476c-9cee-e7a8c632e840} - No File
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin HKU\S-1-5-21-3565497031-381306618-626766917-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jiraskovci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-3565497031-381306618-626766917-1001: facebook.com/fbDesktopPlugin -> C:\Users\Jiraskovci\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp& ... X71I6S95XS
CHR Plugin: (Skype Toolbars) - C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Jiraskovci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [Not Found]
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3565497031-381306618-626766917-1001UA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3565497031-381306618-626766917-1001Core.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Jiraskovci\PremiereElements_9_Content_ALL_LS15.exe
C:\Users\Jiraskovci\AppData\Local\Temp
Task: {3B205212-3C22-41C7-A2EE-A3BB47897879} - System32\Tasks\{3EE18074-A110-4AB2-8E10-1FDC1724C009} => pcalua.exe -a C:\Users\Jiraskovci\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=amt <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\Users\Jiraskovci\Downloads\DivX.Web.Player.Installer__8420_il15620.exe:typelib
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem
zkopírujte.

Re: Čínské znaky v prohlížeči

Napsal: 04 bře 2015 21:00
od jirass
Tak zde to je:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-03-2015 01
Ran by Jiraskovci at 2015-03-04 20:51:25 Run:1
Running from C:\Users\Jiraskovci\Desktop
Loaded Profiles: UpdatusUser & Jiraskovci (Available profiles: UpdatusUser & Jiraskovci & Klárka a Lukášek & Tom(ík))
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
C:\Users\Jiraskovci\AppData\Local\Akamai
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [!BingBar] => "C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2"
C:\Program Files (x86)\Microsoft\BingBar
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Jiraskovci\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\MountPoints2: {aea8142b-121a-11e2-b739-dc0ea10699e5} - E:\Startme.exe
HKU\S-1-5-21-3565497031-381306618-626766917-1001\...\MountPoints2: {b8f62a9a-1d24-11e2-ae61-dc0ea10699e5} - E:\Startme.exe
GroupPolicyUsers\S-1-5-21-3565497031-381306618-626766917-1004\User: Group Policy restriction detected <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3565497031-381306618-626766917-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {010e44c0-8bda-476c-9cee-e7a8c632e840} -> No File
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Toolbar: HKLM-x32 - No Name - {010e44c0-8bda-476c-9cee-e7a8c632e840} - No File
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin HKU\S-1-5-21-3565497031-381306618-626766917-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jiraskovci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-3565497031-381306618-626766917-1001: facebook.com/fbDesktopPlugin -> C:\Users\Jiraskovci\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp& ... X71I6S95XS
CHR Plugin: (Skype Toolbars) - C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Jiraskovci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [Not Found]
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3565497031-381306618-626766917-1001UA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3565497031-381306618-626766917-1001Core.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Jiraskovci\PremiereElements_9_Content_ALL_LS15.exe
C:\Users\Jiraskovci\AppData\Local\Temp
Task: {3B205212-3C22-41C7-A2EE-A3BB47897879} - System32\Tasks\{3EE18074-A110-4AB2-8E10-1FDC1724C009} => pcalua.exe -a C:\Users\Jiraskovci\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=amt <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\Users\Jiraskovci\Downloads\DivX.Web.Player.Installer__8420_il15620.exe:typelib
End
*****************


"C:\Users\Jiraskovci\AppData\Local\Akamai" directory move:

Could not move "C:\Users\Jiraskovci\AppData\Local\Akamai" directory. => Scheduled to move on reboot.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\!BingBar => value deleted successfully.
C:\Program Files (x86)\Microsoft\BingBar => Moved successfully.
HKU\S-1-5-21-3565497031-381306618-626766917-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value deleted successfully.
"HKU\S-1-5-21-3565497031-381306618-626766917-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aea8142b-121a-11e2-b739-dc0ea10699e5}" => Key deleted successfully.
HKCR\CLSID\{aea8142b-121a-11e2-b739-dc0ea10699e5} => Key not found.
"HKU\S-1-5-21-3565497031-381306618-626766917-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b8f62a9a-1d24-11e2-ae61-dc0ea10699e5}" => Key deleted successfully.
HKCR\CLSID\{b8f62a9a-1d24-11e2-ae61-dc0ea10699e5} => Key not found.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-3565497031-381306618-626766917-1004\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-3565497031-381306618-626766917-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{010e44c0-8bda-476c-9cee-e7a8c632e840}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{010e44c0-8bda-476c-9cee-e7a8c632e840} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{010e44c0-8bda-476c-9cee-e7a8c632e840} => value deleted successfully.
HKCR\Wow6432Node\CLSID\{010e44c0-8bda-476c-9cee-e7a8c632e840} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{eec0f710-38b5-4aba-99bf-ec87564a4e13} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{eec0f710-38b5-4aba-99bf-ec87564a4e13}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skype-ie-addon-data" => Key deleted successfully.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => Key not found.
"HKCR\PROTOCOLS\Handler\skype4com" => Key deleted successfully.
HKCR\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKU\S-1-5-21-3565497031-381306618-626766917-1001\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin" => Key deleted successfully.
C:\Users\Jiraskovci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll not found.
"HKU\S-1-5-21-3565497031-381306618-626766917-1001\Software\MozillaPlugins\facebook.com/fbDesktopPlugin" => Key deleted successfully.
C:\Users\Jiraskovci\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll => Moved successfully.
Chrome HomePage deleted successfully.
C:\Users\Jiraskovci\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll not found.
C:\Users\Jiraskovci\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3565497031-381306618-626766917-1001UA.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3565497031-381306618-626766917-1001Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Users\Jiraskovci\PremiereElements_9_Content_ALL_LS15.exe => Moved successfully.

"C:\Users\Jiraskovci\AppData\Local\Temp" directory move:

Could not move "C:\Users\Jiraskovci\AppData\Local\Temp" directory. => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B205212-3C22-41C7-A2EE-A3BB47897879}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B205212-3C22-41C7-A2EE-A3BB47897879}" => Key deleted successfully.
C:\Windows\System32\Tasks\{3EE18074-A110-4AB2-8E10-1FDC1724C009} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3EE18074-A110-4AB2-8E10-1FDC1724C009}" => Key deleted successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
C:\Users\Jiraskovci\Downloads\DivX.Web.Player.Installer__8420_il15620.exe => ":typelib" ADS removed successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-04 20:58:39)<=

C:\Users\Jiraskovci\AppData\Local\Akamai => Is moved successfully.
C:\Users\Jiraskovci\AppData\Local\Temp => Moved successfully.

==== End of Fixlog 20:58:39 ====

Re: Čínské znaky v prohlížeči

Napsal: 04 bře 2015 21:38
od Rudy
Smazáno. Nastala nějaká změna?

Re: Čínské znaky v prohlížeči

Napsal: 04 bře 2015 21:55
od jirass
Děkuji, prozatím se nic neukázalo - což doufám vydrží.. :-) Ještě jednou díky.

Jirass

Re: Čínské znaky v prohlížeči

Napsal: 04 bře 2015 22:35
od Rudy
Rádo se stalo! :)

Re: Čínské znaky v prohlížeči

Napsal: 05 bře 2015 15:17
od jirass
Mohu se ještě zeptat... mám také problém se službou skype. Ve chvíli, kdy tuto aplikaci instaluji mi vyběhne tato chyba: Instalace skype selhala; kód 1601.
Služba Windows instalátor není dostupná.

Když jsem to zapínal přes CMD, tak mi to hlásí: Služba Instalační služba systému Windows nelze spustit

Pokud jsem dal zobrazit nápovědu - příkazem NET HELPmsg 3534 - zobrazí se: Služba neoznámila chybu.

Re: Čínské znaky v prohlížeči

Napsal: 05 bře 2015 18:52
od Rudy
Zeptat se můžtete, ale já vám k tomu řeknu jen to, že to nemá nic spolčného s malware. Patrně problém instalátoru. :)

Re: Čínské znaky v prohlížeči

Napsal: 05 bře 2015 19:12
od jirass
A myslíte, že bych zde mohl najít někoho, kdo tomuto problému rozumí a mohl by mi s ním pomoci?
Já se domnívám, že to může být způsobeno nějakým virem, který nějakým způsobem znemožnil fci instalátoru. Nevím, zdali tato teorie není uplná blbost...Pravdou je, že už nějaký čas mi instalátor nefunguje a obávám se, že je to právě důsledkem naistalování nějaké havěti do pc.

Děkuji za případnou pomoc.

Jirass

Re: Čínské znaky v prohlížeči

Napsal: 05 bře 2015 19:21
od Rudy
Spíš to zkuste tady: http://www.skype-forum.cz/ .

Re: Čínské znaky v prohlížeči

Napsal: 05 bře 2015 19:23
od jirass
OK, díky.

J.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz