VIRY.CZ

Zdravím. Volali mi z komerční banky, že mám zavirovaný pc, tak ho začínám čistit. Proto prosím o kontrolu logu. Díky

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:53:20, on 18. 3. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
C:\Users\Martina\Desktop\hijackthis.exe
C:\windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... M%3DIE8SRC
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [Philips Device Listener] "C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe"
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN23L510P405PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [UycuBinqa] regsvr32.exe "C:\ProgramData\UycuBinqa.dat"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10212 bytes

Zdravim

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Martina (administrator) on IDEA-PC on 30-03-2015 14:19:26
Running from C:\Users\Martina\Desktop
Loaded Profiles: Martina (Available profiles: Martina)
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Martina\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-30] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-02-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-02-08] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-15] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent] => C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [1442904 2015-02-11] (BitTorrent Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [Google Update] => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-04] (Google Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [UycuBinqa] => regsvr32.exe "C:\ProgramData\UycuBinqa.dat"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {6a843982-84fe-11e3-bec9-2cd05a349e8e} - "F:\Autorun.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {8341029c-197f-11e3-be96-2cd05a349e8e} - "I:\Setup.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2012-07-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID= ... M%3DIE8SRC
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {24AB7B16-6C04-4E62-BADB-A3AF9C7BA5B2} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {28DBDC09-CD74-4291-80D1-789ACD6F9883} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {4E0C853B-1E34-451A-B946-3B8D7C8BCE5D} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6BC336E0-0860-4AFD-B849-E13CABFBD077} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {764482F2-C192-4032-B5B2-7848E6928461} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {8C35819E-0D88-4E0F-8946-73D1764A9500} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {A82AFC07-BDDB-4D91-91BD-B3D6AB1E5B87} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {CFDE9E19-18B2-4AC6-9F1E-14BD87C69D29} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-26] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-26] (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.10.1 192.168.10.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1443460809-2058308057-2046692019-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Martina\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-1443460809-2058308057-2046692019-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Martina\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF Extension: Seznam lištička - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-06-04]
FF Extension: Adblock Plus - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-12]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-12]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-23]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-23]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-23]
CHR Extension: (Google Search) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-23]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23]
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-30] (Qualcomm Atheros Commnucations) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-30] (Atheros) [File not signed]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-30] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-24] (Disc Soft Ltd)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S1 SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [X]
S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-30 14:19 - 2015-03-30 14:20 - 00018654 _____ () C:\Users\Martina\Desktop\FRST.txt
2015-03-30 14:16 - 2015-03-30 14:19 - 00000000 ____D () C:\FRST
2015-03-30 14:15 - 2015-03-30 14:15 - 00112640 _____ (forum.viry.cz) C:\Users\Martina\Desktop\FRSTLauncher.exe
2015-03-30 14:12 - 2015-03-30 14:13 - 02095616 _____ (Farbar) C:\Users\Martina\Desktop\FRST64.exe
2015-03-18 11:46 - 2015-03-18 11:50 - 78239989 _____ () C:\Users\Martina\Downloads\Voice-of-Anarcho-Pacifism.rar
2015-03-17 22:36 - 2015-03-17 22:36 - 00388608 _____ (Trend Micro Inc.) C:\Users\Martina\Desktop\hijackthis.exe
2015-03-17 21:19 - 2015-03-17 21:57 - 678480153 _____ () C:\Users\Martina\Downloads\Svědek---Garde-à-vue-1981,-CZ.mp4
2015-03-17 21:16 - 2015-03-02 01:52 - 00078963 _____ () C:\Users\Martina\Downloads\Relatos.salvajes.2014.srt
2015-03-17 21:11 - 2015-03-02 01:55 - 996499053 _____ () C:\Users\Martina\Downloads\Relatos.salvajes.2014.mkv
2015-03-17 20:53 - 2015-03-17 20:53 - 00000000 ____D () C:\Users\Martina\Downloads\Omar [2013] HDRip XviD[Arabic]-SaM[ETRG]
2015-03-17 19:28 - 2015-03-17 20:09 - 730707968 _____ () C:\Users\Martina\Downloads\Reprise-(2006)-Norwegian-LiMiTED.DVDSCR.XViD-HLS-.avi
2015-03-17 16:58 - 2015-03-17 18:36 - 908431388 _____ () C:\Users\Martina\Downloads\Slib---Obietnica-2014,-CZ-tit.avi
2015-03-17 12:48 - 2015-03-17 13:23 - 628068472 _____ () C:\Users\Martina\Downloads\Ouija-(2014)-dvd-rip-hundub.mp4
2015-03-12 23:53 - 2015-03-12 23:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-03 17:26 - 2015-03-03 18:59 - 857419832 _____ () C:\Users\Martina\Downloads\La-Isla-Minima-vložené-titulky-cz-novinka-2014.avi
2015-03-02 20:31 - 2015-03-02 22:48 - 1207289856 _____ () C:\Users\Martina\Downloads\Soudce---The-Judge-2014-cz.avi
2015-02-28 21:04 - 2015-02-28 21:49 - 805647591 _____ () C:\Users\Martina\Downloads\Loose-Change---2nd-Edition-(CZ-SUB)-(2006).rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-30 14:20 - 2013-11-26 21:58 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\BitTorrent
2015-03-30 14:02 - 2013-08-13 22:28 - 01865108 _____ () C:\windows\WindowsUpdate.log
2015-03-30 14:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2015-03-30 13:55 - 2015-02-04 20:52 - 00000986 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7.job
2015-03-30 13:36 - 2014-07-08 19:36 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-30 13:04 - 2013-06-19 09:07 - 14801920 ___SH () C:\Users\Martina\Desktop\Thumbs.db
2015-03-30 12:57 - 2013-09-23 23:06 - 00002447 _____ () C:\Users\Martina\Desktop\Google Chrome.lnk
2015-03-30 12:52 - 2013-02-08 13:38 - 00808320 _____ () C:\windows\system32\perfh005.dat
2015-03-30 12:52 - 2013-02-08 13:38 - 00173326 _____ () C:\windows\system32\perfc005.dat
2015-03-30 12:52 - 2012-07-26 09:28 - 00005426 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-17 23:08 - 2013-06-22 19:03 - 00006847 _____ () C:\Users\Martina\Desktop\Nový textový dokument.txt
2015-03-17 22:43 - 2014-07-01 11:07 - 00000000 ____D () C:\Program Files (x86)\SavePass
2015-03-17 22:33 - 2013-06-22 19:10 - 00001107 _____ () C:\Users\Martina\Desktop\filmy.txt
2015-03-17 22:22 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-17 22:22 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-03-17 22:05 - 2014-07-01 11:05 - 00000000 ____D () C:\Program Files (x86)\GoforFiles Updater
2015-03-17 21:18 - 2013-08-10 17:04 - 00000000 ____D () C:\Users\Martina\Desktop\Složky
2015-03-17 14:04 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-03-14 18:29 - 2014-07-02 14:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-14 10:55 - 2015-02-04 20:52 - 00000934 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34.job
2015-03-12 23:28 - 2013-06-19 22:29 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2015-03-03 15:17 - 2013-06-26 22:38 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-03-02 23:23 - 2014-02-24 20:03 - 00000000 ____D () C:\Users\Martina\Downloads\Subs

==================== Files in the root of some directories =======

2013-10-03 23:20 - 2013-10-03 23:20 - 0003584 _____ () C:\Users\Martina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-18 12:15 - 2013-06-18 12:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-02-08 12:58 - 2013-02-08 12:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Martina\Desktop" je 75328 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

# AdwCleaner v4.200 - Log vytvooen 30/03/2015 v 14:41:26
# Aktualizováno 29/03/2015 by Xplode
# Databáze : 2015-03-29.1 [Server]
# Operaení system : Windows 8 (x64)
# Uživatelské jméno : Martina - IDEA-PC
# Spuštino z : C:\Users\Martina\Desktop\adwcleaner_4.200.exe
# Nastavení : Eištiní

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player
Složka Smazáno : C:\Program Files (x86)\SavePass
Složka Smazáno : C:\Program Files (x86)\GoforFiles Updater
Složka Smazáno : C:\Program Files (x86)\SuperAdBlocker.com
Složka Smazáno : C:\Users\Martina\AppData\Roaming\SuperAdBlocker.com
Složka Smazáno : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Soubor Smazáno : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olakgnkoldmagdblaalodobkmeokmgjj_0.localstorage
Soubor Smazáno : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíe Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíe Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíe Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c7b52c7d-f18a-4f09-98b3-d162503c779d}
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fd01194b-5db3-4b6e-bd5f-d28ddb3c118f}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c7b52c7d-f18a-4f09-98b3-d162503c779d}
Klíe Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fd01194b-5db3-4b6e-bd5f-d28ddb3c118f}
Klíe Smazáno : HKCU\Software\Conduit
Klíe Smazáno : HKCU\Software\GlobalUpdate
Klíe Smazáno : HKCU\Software\AppDataLow\Software\SavePass
Klíe Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíe Smazáno : HKLM\SOFTWARE\SavePass
Klíe Smazáno : HKLM\SOFTWARE\SuperAdBlocker.com
Klíe Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SavePass

***** [ Prohlížeee ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v36.0.1 (x86 cs)


-\\ Google Chrome v


-\\ Comodo Dragon v


-\\ Chrome Canary v


*************************

AdwCleaner[R2].txt - [5026 bytu] - [30/03/2015 14:36:28]
AdwCleaner[S2].txt - [4158 bytu] - [30/03/2015 14:41:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [4216 bytu] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Zoek.exe v5.0.0.0 Updated 29-March-2015
Tool run by Martina on po 30. 03. 2015 at 15:39:18,85.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Martina\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

30. 3. 2015 15:58:13 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Amazon deleted successfully
C:\PROGRA~2\johnsadventures.com deleted successfully
C:\PROGRA~2\TyphoonTools deleted successfully
C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\Symantec deleted successfully
C:\Users\Martina\AppData\Roaming\Philips deleted successfully
C:\Users\Martina\AppData\Local\GHISLER deleted successfully
C:\Users\Martina\AppData\Local\johnsadventures.com deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{173373CC-D0D9-4CED-8DB1-F984BD382B} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1A5EB0BD-B2B3-46A6-9042-4D15C1E1C335} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1CDE02F9-F5-457D-8C8E-74E6716F81F9} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D43130F-FD80-4F32-9ACA-B88FD02837BD} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2197E05B-354E-44CE-8557-C06B337343FC} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21C3EBFC-F145-48B8-9377-4F742FAF303E} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22C22ED-173A-443B-ADF8-127654DCB8F2} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{240E6B99-7902-45EE-AA37-E28312DEC257} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2AF914C4-DBDD-4F76-BB1D-C17B8D32345B} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31E22F71-4447-4CAB-898D-C856F9F07BA6} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{359D3FB-F2AA-4C8D-82FB-B1786D2CFF33} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{367B5EF1-F4BE-419A-B980-23635646967} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48CD3F08-804-4A4A-AB3A-6C2AAE0B231} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5446EB6-A6FF-446F-AD2D-F24EED168D49} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{579C118E-B443-4F4A-877D-C7E825B83A5} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58F962A9-665E-4CEB-8854-ED9E55A84777} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{611E5290-E07E-45D3-8E15-3359DC5C9739} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64288808-BD42-4AA7-9D9E-ED59AD42CE45} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6777F716-9DAB-4F14-9CD4-5124B37D9915} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B26C87-E8A5-44C8-BA8E-14474DFAD4BA} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{693EBC52-F88-4C09-8C90-80BB4035FC7A} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C5D9222-D661-4641-9E6A-8D4E19220BF} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FFD91B7-27B0-4083-85FA-D54BA5DA8D63} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71B3A3B5-3F22-4664-8AA-6899638B6510} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{773F09C4-F4BE-46BA-BF77-4DD9BD2691CB} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C21A579-B494-4B9B-94CE-4368DFD8F75F} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81C3174F-CDBF-48BD-AF13-C160D921F7DD} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{836EEC89-EBF-475C-AAD-4ABA5FAD3526} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83A091D3-1FA8-4586-BC36-CF781C15B192} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86B03C5E-9F75-45CA-B6CA-D7862AAB4633} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A1F2A6B-869-4097-8B2B-C9B29D4FF5FB} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A54AB54-BF66-4063-9B6F-23FC4EEBD784} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D7DF0B3-B262-42F6-98E3-A8FA1EAAF4B6} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EBC46BB-F23F-4FF0-8CC3-A4C0466AB979} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91750A35-1FF2-4FDC-8479-1E3FC8125B3E} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93DC7D3A-C4D0-4518-9A23-54159C6D97E} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A02B1EA3-4DFE-42D8-B955-50F7B1476FA} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A602F19-1E5C-4868-B95C-4CA94721552C} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6E7288F-A6BF-41B0-8EB4-BCD645B5EBB} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B685F684-7137-4498-9C79-254461887EB1} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B9594D0D-647F-4411-81E4-D2D2BAE0A0C9} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c7b52c7d-f18a-4f09-98b3-d162503c779d} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CE46C7AD-8D1B-4A32-A430-B05297DE5CA} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF53DDFD-B291-4EB6-AEA5-3ADD9E2021} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7D179B8-49A-443D-A765-DEEACF3B9F7C} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFB7B760-98A0-4068-A1F8-356AAA285748} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0D837A7-1AE4-4D59-81D4-DBE5880B525} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E460B381-E7C8-43C9-BF90-B2EE99B873C7} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E55D2957-319B-42C1-8240-AB6486AC8ECB} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBF0171E-16BF-42FF-A269-3A16C93E2A81} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F5954F1B-DEAE-4683-AB78-1BD8D866F36F} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB91AC5C-69D6-43EE-B919-67CA879A15EB} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fd01194b-5db3-4b6e-bd5f-d28ddb3c118f} deleted successfully
HKEY_USERS\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFAE4182-D3B4-42C5-A399-79DABBD0BBF8} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.seznam.cz/");

Added to C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Amazon not found
C:\PROGRA~2\johnsadventures.com not found
C:\PROGRA~2\TyphoonTools not found
C:\PROGRA~3\{F0489EF2-D393-4114-85BA-A94D71D89543} deleted
C:\Users\Martina\Downloads\StartDownload.exe deleted
C:\windows\SysNative\Tasks\RegCure Pro deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\Syswow64\GroupPolicy\gpt.ini deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Proxy Settings ======================

ProfilePath: C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default
user_pref("network.proxy.type", 4);

==== Firefox Extensions ======================

ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\Martina\AppData\Roaming\Philips-Songbird\Profiles\qxqlp484.default
- Artwork Extras - C:\Program Files (x86)\Philips\Philips Songbird\extensions\albumart@songbirdnest.com
- CD Rip Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com
- AAC Decoding Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com
- H.264 Video Decoding Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewh264dec@songbirdnest.com
- MP3 Encoding Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com
- MPEG-4 Video Decoding Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmpeg4dec@songbirdnest.com
- File association - C:\Program Files (x86)\Philips\Philips Songbird\extensions\fileassociation@philips.com
- Philips GoGear Device Manager - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gogear@songbirdnest.com
- gonzo - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com
- Fornecedor da pesquisa de metadados Gracenote - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com
- Czech cs Language Pack - C:\Program Files (x86)\Philips\Philips Songbird\extensions\langpack-cs@songbirdnest.com
- mashTape - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com
- MSC Device Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\msc@songbirdnest.com
- MTP Device Support - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mtp@songbirdnest.com
- Philips addon manager - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com
- Philips Branding - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-branding@philips.com
- LikeMusic - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-likemusic@philips.com
- Philips auto msc-mtp switch - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com
- Philips Promotions - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-promotions@philips.com
- Philips Skin - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-skin@philips.com
- Philips UI - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-ui@philips.com
- Purple Rain - C:\Program Files (x86)\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com
- Windows Media Playback - C:\Program Files (x86)\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default
98137411B9C632095F919E2CE70B288A - C:\Users\Martina\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update
C62322C77D1AAB77B1CF1130FCC3673A - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash
0C0C5C207121C7A78414A8250E8E099A - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director
D7324EB1EDCB8990F8522DE0311359E9 - C:\windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
3A57A288F098188E92C6B0309CBC50B2 - C:\windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\Guest\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Guest\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted
Fake profile C:\Users\Martina\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\Martina\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================



==== Chromium Fix ======================

C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.abradio.cz_0.localstorage-journal deleted successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=MSE1"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=MSE1"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{24AB7B16-6C04-4E62-BADB-A3AF9C7BA5B2} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{28DBDC09-CD74-4291-80D1-789ACD6F9883} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13415"
{4E0C853B-1E34-451A-B946-3B8D7C8BCE5D} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"
{6BC336E0-0860-4AFD-B849-E13CABFBD077} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13415"
{764482F2-C192-4032-B5B2-7848E6928461} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415"
{8C35819E-0D88-4E0F-8946-73D1764A9500} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13415"
{A82AFC07-BDDB-4D91-91BD-B3D6AB1E5B87} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13415"
{CFDE9E19-18B2-4AC6-9F1E-14BD87C69D29} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"

==== Reset Google Chrome ======================

C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Default\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Default User\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Martina\Desktop\BitTorrent.lnk - C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Martina\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner.exe
C:\Users\Martina\Desktop\Cyberlink Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Martina\Desktop\Google Chrome.lnk - C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe --remote-debugging-port=9223
C:\Users\Martina\Desktop\IrfanView.lnk - C:\Program Files (x86)\IrfanView\i_view32.exe
C:\Users\Martina\Desktop\Jpeg Resampler 2010.lnk - C:\Program Files (x86)\JpegResampler2010\JpegResampler.exe
C:\Users\Martina\Desktop\mafia2 – zástupce.lnk -
C:\Users\Martina\Desktop\Total Commander.lnk - C:\totalcmd\TOTALCMD.EXE

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\7-PDF Maker.lnk - C:\Program Files (x86)\7-PDF\7-PDF Maker\7pG.exe
C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Users\Public\Desktop\ATLAS.ti.lnk - C:\Program Files (x86)\Scientific Software\ATLASti\Program\atlasti.exe
C:\Users\Public\Desktop\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
C:\Users\Public\Desktop\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Public\Desktop\Diablo III.lnk - C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe
C:\Users\Public\Desktop\DOSBox 0.74.lnk - C:\Program Files (x86)\DOSBox-0.74\DOSBox.exe -userconf
C:\Users\Public\Desktop\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Users\Public\Desktop\HP Deskjet 3050A J611 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 3050A J611 series\Bin\HP Deskjet 3050A J611 series.exe -Start UDCDevicePage
C:\Users\Public\Desktop\HP ePrintCenter - HP Deskjet 3050A J611 series.lnk - C:\Program Files (x86)\HP\HP Deskjet 3050A J611 series\ePrintCenterShortcut.url
C:\Users\Public\Desktop\HP Photo Creations.lnk - C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe
C:\Users\Public\Desktop\Intel AppUp(SM) center.lnk - C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe --domain F0399437-FD0C-4A48-B101-F0314A6172E4
C:\Users\Public\Desktop\LayOut 2015.lnk - C:\Program Files (x86)\SketchUp\SketchUp 2015\LayOut\LayOut.exe
C:\Users\Public\Desktop\Lenovo PowerDVD 10.lnk - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVDLaunchPolicy.exe
C:\Users\Public\Desktop\Lenovo YouCam.lnk - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe
C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Public\Desktop\OneKey Recovery.lnk - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\OneKey Recovery.exe
C:\Users\Public\Desktop\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe
C:\Users\Public\Desktop\Philips Songbird.lnk - C:\Program Files (x86)\Philips\Philips Songbird\Philips-Songbird.exe
C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
C:\Users\Public\Desktop\RollerCoaster Tycoon 2.lnk - C:\Program Files (x86)\Infogrames\RollerCoaster Tycoon 2\rct2.exe
C:\Users\Public\Desktop\SketchUp 2015.lnk - C:\Program Files (x86)\SketchUp\SketchUp 2015\SketchUp.exe
C:\Users\Public\Desktop\Skype.lnk - C:\windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe
C:\Users\Public\Desktop\Spustit hru The Witcher 2 (CZ).lnk - C:\Program Files (x86)\The Witcher 2 (CZ)\launcher.exe
C:\Users\Public\Desktop\Style Builder 2015.lnk - C:\Program Files (x86)\SketchUp\SketchUp 2015\Style Builder\Style Builder.exe
C:\Users\Public\Desktop\The Sims™ 3 Without Launcher.lnk -
C:\Users\Public\Desktop\The Sims™ 3.lnk -
C:\Users\Public\Desktop\UserGuide.lnk - C:\Program Files (x86)\Lenovo\UserGuide\UserGuide.exe
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Users\Public\Desktop\Zakoupit spotřební materiál - HP Deskjet 3050A J611 series.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe --remote-debugging-port=9223
C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go Express.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2GoExpress.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go Nápověda.lnk -
C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Soubor Readme.lnk - C:\Program Files (x86)\Lenovo\Power2Go\Language\Csy\Readme.htm

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk - C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Battle.net Account Management.lnk - C:\Program Files (x86)\Diablo III\BattlenetAccount.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Blizzard Technical Support.lnk - C:\Program Files (x86)\Diablo III\TechSupport.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III - Manual.lnk - C:\Program Files (x86)\Diablo III\Manual.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III\Diablo III.lnk - C:\Program Files (x86)\Diablo III\Diablo III Launcher.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015\LayOut.lnk - C:\Program Files (x86)\SketchUp\SketchUp 2015\LayOut\LayOut.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015\SketchUp.lnk - C:\Program Files (x86)\SketchUp\SketchUp 2015\SketchUp.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015\Style Builder.lnk - C:\Program Files (x86)\SketchUp\SketchUp 2015\Style Builder\Style Builder.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent Sync.lnk - C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk - C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BS.Player FREE.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Philips Songbird.lnk - C:\Program Files (x86)\Philips\Philips Songbird\Philips-Songbird.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BS.lnk - C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Libraries
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GOM.EXE.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe --remote-debugging-port=9223
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft PowerPoint 2010.lnk - C:\windows\Installer\{90140000-003D-0000-1000-0000000FF1CE}\pptico.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk - C:\windows\Installer\{90140000-003D-0000-1000-0000000FF1CE}\wordicon.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Wordpad.lnk - C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe

==== shortcuts After Repair ======================

C:\Users\Martina\Desktop\Google Chrome.lnk - C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1U98X85T will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Martina\AppData\Local\Mozilla\Firefox\Profiles\u60ghvfv.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=8 folders=2 142341 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Martina\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Martina\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1U98X85T" not found

==== EOF on po 30. 03. 2015 at 16:25:46,12 ======================

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Martina (administrator) on IDEA-PC on 31-03-2015 19:56:16
Running from C:\Users\Martina\Desktop
Loaded Profiles: Martina (Available profiles: Martina)
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Google Inc.) C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Martina\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-30] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-02-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-02-08] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-15] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent] => C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [1442904 2015-02-11] (BitTorrent Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [Google Update] => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-04] (Google Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [UycuBinqa] => regsvr32.exe "C:\ProgramData\UycuBinqa.dat"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {6a843982-84fe-11e3-bec9-2cd05a349e8e} - "F:\Autorun.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {8341029c-197f-11e3-be96-2cd05a349e8e} - "I:\Setup.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2012-07-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {24AB7B16-6C04-4E62-BADB-A3AF9C7BA5B2} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {28DBDC09-CD74-4291-80D1-789ACD6F9883} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {4E0C853B-1E34-451A-B946-3B8D7C8BCE5D} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchT ... {startPage}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6BC336E0-0860-4AFD-B849-E13CABFBD077} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {764482F2-C192-4032-B5B2-7848E6928461} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {8C35819E-0D88-4E0F-8946-73D1764A9500} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {A82AFC07-BDDB-4D91-91BD-B3D6AB1E5B87} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {CFDE9E19-18B2-4AC6-9F1E-14BD87C69D29} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-26] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-26] (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.10.1 192.168.10.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1443460809-2058308057-2046692019-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Martina\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-1443460809-2058308057-2046692019-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Martina\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF Extension: Adblock Plus - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-12]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-12]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-23]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-23]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-23]
CHR Extension: (Google Search) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-23]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-30]
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-30] (Qualcomm Atheros Commnucations) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-30] (Atheros) [File not signed]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-30] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-24] (Disc Soft Ltd)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S1 SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [X]
S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-31 19:56 - 2015-03-31 19:56 - 00018286 _____ () C:\Users\Martina\Desktop\FRST.txt
2015-03-30 16:21 - 2015-03-30 16:21 - 00000336 _____ () C:\windows\PFRO.log
2015-03-30 16:16 - 2015-03-30 15:39 - 00024064 _____ () C:\windows\zoek-delete.exe
2015-03-30 15:58 - 2015-03-30 16:25 - 00034773 _____ () C:\zoek-results.log
2015-03-30 15:39 - 2015-03-30 16:14 - 00000000 ____D () C:\zoek_backup
2015-03-30 15:38 - 2015-03-30 15:38 - 01305600 _____ () C:\Users\Martina\Desktop\zoek.exe
2015-03-30 14:45 - 2015-03-30 15:51 - 625391726 _____ () C:\Users\Martina\Downloads\The-Little-Death-CZ-Titulky-Komedie,Austrálie,-2014.avi
2015-03-30 14:36 - 2015-03-30 14:41 - 00000000 ____D () C:\AdwCleaner
2015-03-30 14:33 - 2015-03-30 14:33 - 02208768 _____ () C:\Users\Martina\Desktop\adwcleaner_4.200.exe
2015-03-30 14:23 - 2015-03-30 14:23 - 00007379 _____ () C:\Users\Martina\Desktop\Addition.rar
2015-03-30 14:16 - 2015-03-31 19:56 - 00000000 ____D () C:\FRST
2015-03-30 14:15 - 2015-03-30 14:15 - 00112640 _____ (forum.viry.cz) C:\Users\Martina\Desktop\FRSTLauncher.exe
2015-03-30 14:12 - 2015-03-30 14:13 - 02095616 _____ (Farbar) C:\Users\Martina\Desktop\FRST64.exe
2015-03-18 11:46 - 2015-03-18 11:50 - 78239989 _____ () C:\Users\Martina\Downloads\Voice-of-Anarcho-Pacifism.rar
2015-03-17 22:36 - 2015-03-17 22:36 - 00388608 _____ (Trend Micro Inc.) C:\Users\Martina\Desktop\hijackthis.exe
2015-03-17 21:19 - 2015-03-17 21:57 - 678480153 _____ () C:\Users\Martina\Downloads\Svědek---Garde-à-vue-1981,-CZ.mp4
2015-03-17 21:16 - 2015-03-02 01:52 - 00078963 _____ () C:\Users\Martina\Downloads\Relatos.salvajes.2014.srt
2015-03-17 21:11 - 2015-03-02 01:55 - 996499053 _____ () C:\Users\Martina\Downloads\Relatos.salvajes.2014.mkv
2015-03-17 20:53 - 2015-03-17 20:53 - 00000000 ____D () C:\Users\Martina\Downloads\Omar [2013] HDRip XviD[Arabic]-SaM[ETRG]
2015-03-17 19:28 - 2015-03-17 20:09 - 730707968 _____ () C:\Users\Martina\Downloads\Reprise-(2006)-Norwegian-LiMiTED.DVDSCR.XViD-HLS-.avi
2015-03-17 16:58 - 2015-03-17 18:36 - 908431388 _____ () C:\Users\Martina\Downloads\Slib---Obietnica-2014,-CZ-tit.avi
2015-03-17 12:48 - 2015-03-17 13:23 - 628068472 _____ () C:\Users\Martina\Downloads\Ouija-(2014)-dvd-rip-hundub.mp4
2015-03-12 23:53 - 2015-03-12 23:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-03 17:26 - 2015-03-03 18:59 - 857419832 _____ () C:\Users\Martina\Downloads\La-Isla-Minima-vložené-titulky-cz-novinka-2014.avi
2015-03-02 20:31 - 2015-03-02 22:48 - 1207289856 _____ () C:\Users\Martina\Downloads\Soudce---The-Judge-2014-cz.avi

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-31 19:55 - 2015-02-04 20:52 - 00000986 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7.job
2015-03-31 19:52 - 2013-11-26 21:58 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\BitTorrent
2015-03-31 19:47 - 2013-06-22 19:10 - 00001147 _____ () C:\Users\Martina\Desktop\filmy.txt
2015-03-31 19:45 - 2013-02-08 13:38 - 00848736 _____ () C:\windows\system32\perfh005.dat
2015-03-31 19:45 - 2013-02-08 13:38 - 00185986 _____ () C:\windows\system32\perfc005.dat
2015-03-31 19:45 - 2012-07-26 09:28 - 00005426 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-31 19:44 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2015-03-30 19:36 - 2014-07-08 19:36 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-30 17:54 - 2013-08-13 22:28 - 01942567 _____ () C:\windows\WindowsUpdate.log
2015-03-30 16:36 - 2013-06-18 11:41 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1443460809-2058308057-2046692019-1001
2015-03-30 16:26 - 2013-09-23 23:06 - 00002474 _____ () C:\Users\Martina\Desktop\Google Chrome.lnk
2015-03-30 16:22 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-30 16:21 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-03-30 16:14 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Martina\AppData\Local\Comodo
2015-03-30 16:14 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2015-03-30 16:14 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2015-03-30 16:14 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2015-03-30 16:14 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2015-03-30 16:14 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2015-03-30 16:14 - 2014-07-01 11:06 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2015-03-30 16:14 - 2013-06-18 22:15 - 00000000 ____D () C:\Users\Martina\AppData\Local\Google
2015-03-30 16:13 - 2012-07-26 10:12 - 00000000 ___HD () C:\windows\system32\GroupPolicy
2015-03-30 16:13 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy
2015-03-30 14:22 - 2013-06-19 09:07 - 14801920 ___SH () C:\Users\Martina\Desktop\Thumbs.db
2015-03-17 23:08 - 2013-06-22 19:03 - 00006847 _____ () C:\Users\Martina\Desktop\Nový textový dokument.txt
2015-03-17 21:18 - 2013-08-10 17:04 - 00000000 ____D () C:\Users\Martina\Desktop\Složky
2015-03-17 14:04 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-03-14 18:29 - 2014-07-02 14:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-14 10:55 - 2015-02-04 20:52 - 00000934 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34.job
2015-03-12 23:28 - 2013-06-19 22:29 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2015-03-03 15:17 - 2013-06-26 22:38 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-03-02 23:23 - 2014-02-24 20:03 - 00000000 ____D () C:\Users\Martina\Downloads\Subs

==================== Files in the root of some directories =======

2013-10-03 23:20 - 2013-10-03 23:20 - 0003584 _____ () C:\Users\Martina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-18 12:15 - 2013-06-18 12:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-02-08 12:58 - 2013-02-08 12:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-30 15:45




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Windows8_OS) (Fixed) (Total:418.43 GB) (Free:3.96 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:0.09 GB) NTFS
Drive e: (My Data) (CDROM) (Total:4.28 GB) (Free:0 GB) UDF
Drive f: (Sims3EP04) (CDROM) (Total:4.95 GB) (Free:0 GB) UDF

Available physical RAM: 2769.32 MB
Total physical RAM: 3961.77 MB
Percentage of memory in use: 30%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 465.8 GB) (Disk ID: 487094B7)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Martina\Desktop" je 75332 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
  HKLM\...\Policies\Explorer: [NoControlPanel] 0
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent] => C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [1442904 2015-02-11] (BitTorrent Inc.)
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [Google Update] => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-04] (Google Inc.)
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [UycuBinqa] => regsvr32.exe "C:\ProgramData\UycuBinqa.dat"
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {6a843982-84fe-11e3-bec9-2cd05a349e8e} - "F:\Autorun.exe"
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {8341029c-197f-11e3-be96-2cd05a349e8e} - "I:\Setup.exe" 
  
  HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSE1
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
  Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
  
  FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-12]
  FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-12]
  
  S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
  S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
  S1 SABKUTIL; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.sys [X]
  S3 SABProcEnum; \??\C:\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys [X]
  
  C:\Program Files (x86)\SuperAdBlocker.com
  C:\ProgramData\UycuBinqa.dat
  2015-03-31 19:56 - 2015-03-31 19:56 - 00018286 _____ () C:\Users\Martina\Desktop\FRST.txt
  2015-03-30 16:21 - 2015-03-30 16:21 - 00000336 _____ () C:\windows\PFRO.log
  2015-03-30 16:16 - 2015-03-30 15:39 - 00024064 _____ () C:\windows\zoek-delete.exe
  2015-03-30 15:58 - 2015-03-30 16:25 - 00034773 _____ () C:\zoek-results.log
  2015-03-30 15:39 - 2015-03-30 16:14 - 00000000 ____D () C:\zoek_backup
  2015-03-30 15:38 - 2015-03-30 15:38 - 01305600 _____ () C:\Users\Martina\Desktop\zoek.exe
  2015-03-30 14:36 - 2015-03-30 14:41 - 00000000 ____D () C:\AdwCleaner
  2015-03-30 14:33 - 2015-03-30 14:33 - 02208768 _____ () C:\Users\Martina\Desktop\adwcleaner_4.200.exe
  2015-03-30 14:23 - 2015-03-30 14:23 - 00007379 _____ () C:\Users\Martina\Desktop\Addition.rar
  2015-03-30 14:15 - 2015-03-30 14:15 - 00112640 _____ (forum.viry.cz) C:\Users\Martina\Desktop\FRSTLauncher.exe
  2015-03-17 22:36 - 2015-03-17 22:36 - 00388608 _____ (Trend Micro Inc.) C:\Users\Martina\Desktop\hijackthis.exe
  
  Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
  Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
  
  AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Martina at 2015-04-04 13:18:38 Run:1
Running from C:\Users\Martina\Desktop
Loaded Profiles: Martina (Available profiles: Martina)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses
CreateRestorePoint

HKLM-x32...Run [UpdateP2GShortCut] = CProgram Files (x86)LenovoPower2GoMUITransferMUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM...PoliciesExplorer [NoControlPanel] 0
HKUS-1-5-21-1443460809-2058308057-2046692019-1001...Run [BitTorrent] = CUsersMartinaAppDataRoamingBitTorrentBitTorrent.exe [1442904 2015-02-11] (BitTorrent Inc.)
HKUS-1-5-21-1443460809-2058308057-2046692019-1001...Run [DAEMON Tools Lite] = CProgram Files (x86)DAEMON Tools LiteDTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKUS-1-5-21-1443460809-2058308057-2046692019-1001...Run [Google Update] = CUsersMartinaAppDataLocalGoogleUpdateGoogleUpdate.exe [107848 2015-02-04] (Google Inc.)
HKUS-1-5-21-1443460809-2058308057-2046692019-1001...Run [UycuBinqa] = regsvr32.exe CProgramDataUycuBinqa.dat
HKUS-1-5-21-1443460809-2058308057-2046692019-1001...MountPoints2 {6a843982-84fe-11e3-bec9-2cd05a349e8e} - FAutorun.exe
HKUS-1-5-21-1443460809-2058308057-2046692019-1001...MountPoints2 {8341029c-197f-11e3-be96-2cd05a349e8e} - ISetup.exe

HKUS-1-5-21-1443460809-2058308057-2046692019-1001SoftwareMicrosoftInternet ExplorerMain,Start Page = httpwww.msn.compc=MSE1
SearchScopes HKU.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes HKUS-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes HKUS-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - CProgram Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)
Handler-x32 skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - CProgram Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll [2013-07-12] (Skype Technologies S.A.)

FF Extension Skype Click to Call - CProgram Files (x86)Mozilla Firefoxextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-12]
FF Extension Skype Click to Call - CProgram Files (x86)Mozilla Firefoxbrowserextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-12]

S2 gupdate; CProgram Files (x86)GoogleUpdateGoogleUpdate.exe svc [X]
S3 gupdatem; CProgram Files (x86)GoogleUpdateGoogleUpdate.exe medsvc [X]
S1 SABKUTIL; CProgram Files (x86)SuperAdBlocker.comSuper Ad BlockerSABKUTIL.sys [X]
S3 SABProcEnum; CProgram Files (x86)SuperAdBlocker.comSuper Ad BlockerSABProcEnum.sys [X]

CProgram Files (x86)SuperAdBlocker.com
CProgramDataUycuBinqa.dat
2015-03-31 1956 - 2015-03-31 1956 - 00018286 _____ () CUsersMartinaDesktopFRST.txt
2015-03-30 1621 - 2015-03-30 1621 - 00000336 _____ () CwindowsPFRO.log
2015-03-30 1616 - 2015-03-30 1539 - 00024064 _____ () Cwindowszoek-delete.exe
2015-03-30 1558 - 2015-03-30 1625 - 00034773 _____ () Czoek-results.log
2015-03-30 1539 - 2015-03-30 1614 - 00000000 ____D () Czoek_backup
2015-03-30 1538 - 2015-03-30 1538 - 01305600 _____ () CUsersMartinaDesktopzoek.exe
2015-03-30 1436 - 2015-03-30 1441 - 00000000 ____D () CAdwCleaner
2015-03-30 1433 - 2015-03-30 1433 - 02208768 _____ () CUsersMartinaDesktopadwcleaner_4.200.exe
2015-03-30 1423 - 2015-03-30 1423 - 00007379 _____ () CUsersMartinaDesktopAddition.rar
2015-03-30 1415 - 2015-03-30 1415 - 00112640 _____ (forum.viry.cz) CUsersMartinaDesktopFRSTLauncher.exe
2015-03-17 2236 - 2015-03-17 2236 - 00388608 _____ (Trend Micro Inc.) CUsersMartinaDesktophijackthis.exe

Task CwindowsTasksAdobe Flash Player Updater.job = CwindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
Task CwindowsTasksGoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34.job = CUsersMartinaAppDataLocalGoogleUpdateGoogleUpdate.exe
Task CwindowsTasksGoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7.job = CUsersMartinaAppDataLocalGoogleUpdateGoogleUpdate.exe

AlternateDataStreams CProgramDataReprisewupeogjxldtlfudivq`qsp`26hfm

Hosts
EmptyTemp
Reboot
End
*****************

CloseProcesses => Error: No automatic fix found for this entry.
CreateRestorePoint => Error: No automatic fix found for this entry.
HKLM-x32...Run [UpdateP2GShortCut] = CProgram Files (x86)LenovoPower2GoMUITransferMUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.) => Error: No automatic fix found for this entry.
HKLM...PoliciesExplorer [NoControlPanel] 0 => Error: No automatic fix found for this entry.
HKUS-1-5-21-1443460809-2058308057-2046692019-1001...Run [BitTorrent] = CUsersMartinaAppDataRoamingBitTorrentBitTorrent.exe [1442904 2015-02-11] (BitTorrent Inc.) => Error: No automatic fix found for this entry.
HKUS-1-5-21-1443460809-2058308057-2046692019-1001...Run [DAEMON Tools Lite] = CProgram Files (x86)DAEMON Tools LiteDTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) => Error: No automatic fix found for this entry.
HKUS-1-5-21-1443460809-2058308057-2046692019-1001...Run [Google Update] = CUsersMartinaAppDataLocalGoogleUpdateGoogleUpdate.exe [107848 2015-02-04] (Google Inc.) => Error: No automatic fix found for this entry.
HKUS-1-5-21-1443460809-2058308057-2046692019-1001...Run [UycuBinqa] = regsvr32.exe CProgramDataUycuBinqa.dat => Error: No automatic fix found for this entry.
HKUS-1-5-21-1443460809-2058308057-2046692019-1001...MountPoints2 {6a843982-84fe-11e3-bec9-2cd05a349e8e} - FAutorun.exe => Error: No automatic fix found for this entry.
HKUS-1-5-21-1443460809-2058308057-2046692019-1001...MountPoints2 {8341029c-197f-11e3-be96-2cd05a349e8e} - ISetup.exe => Error: No automatic fix found for this entry.
HKUS-1-5-21-1443460809-2058308057-2046692019-1001SoftwareMicrosoftInternet ExplorerMain,Start Page = httpwww.msn.compc=MSE1 => Error: No automatic fix found for this entry.
SearchScopes HKU.DEFAULT - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = => Error: No automatic fix found for this entry.
SearchScopes HKUS-1-5-19 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = => Error: No automatic fix found for this entry.
SearchScopes HKUS-1-5-20 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = => Error: No automatic fix found for this entry.
Handler skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - CProgram Files (x86)SkypeToolbarsInternet Explorer x64skypeieplugin.dll [2013-07-12] (Skype Technologies S.A.) => Error: No automatic fix found for this entry.
Handler-x32 skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - CProgram Files (x86)SkypeToolbarsInternet Explorerskypeieplugin.dll [2013-07-12] (Skype Technologies S.A.) => Error: No automatic fix found for this entry.
FF Extension Skype Click to Call - CProgram Files (x86)Mozilla Firefoxextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-12] => Error: No automatic fix found for this entry.
FF Extension Skype Click to Call - CProgram Files (x86)Mozilla Firefoxbrowserextensions{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-12] => Error: No automatic fix found for this entry.
gupdate => Service deleted successfully.
gupdatem => Service deleted successfully.
SABKUTIL => Service deleted successfully.
SABProcEnum => Service deleted successfully.
CProgram Files (x86)SuperAdBlocker.com => Error: No automatic fix found for this entry.
CProgramDataUycuBinqa.dat => Error: No automatic fix found for this entry.
"2015-03-31 1956 - 2015-03-31 1956 - 00018286 _____ () CUsersMartinaDesktopFRST.txt" => File/Directory not found.
"2015-03-30 1621 - 2015-03-30 1621 - 00000336 _____ () CwindowsPFRO.log" => File/Directory not found.
"2015-03-30 1616 - 2015-03-30 1539 - 00024064 _____ () Cwindowszoek-delete.exe" => File/Directory not found.
"2015-03-30 1558 - 2015-03-30 1625 - 00034773 _____ () Czoek-results.log" => File/Directory not found.
"2015-03-30 1539 - 2015-03-30 1614 - 00000000 ____D () Czoek_backup" => File/Directory not found.
"2015-03-30 1538 - 2015-03-30 1538 - 01305600 _____ () CUsersMartinaDesktopzoek.exe" => File/Directory not found.
"2015-03-30 1436 - 2015-03-30 1441 - 00000000 ____D () CAdwCleaner" => File/Directory not found.
"2015-03-30 1433 - 2015-03-30 1433 - 02208768 _____ () CUsersMartinaDesktopadwcleaner_4.200.exe" => File/Directory not found.
"2015-03-30 1423 - 2015-03-30 1423 - 00007379 _____ () CUsersMartinaDesktopAddition.rar" => File/Directory not found.
"2015-03-30 1415 - 2015-03-30 1415 - 00112640 _____ (forum.viry.cz) CUsersMartinaDesktopFRSTLauncher.exe" => File/Directory not found.
"2015-03-17 2236 - 2015-03-17 2236 - 00388608 _____ (Trend Micro Inc.) CUsersMartinaDesktophijackthis.exe" => File/Directory not found.
Task CwindowsTasksAdobe Flash Player Updater.job = CwindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe => Error: No automatic fix found for this entry.
Task CwindowsTasksGoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34.job = CUsersMartinaAppDataLocalGoogleUpdateGoogleUpdate.exe => Error: No automatic fix found for this entry.
Task CwindowsTasksGoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7.job = CUsersMartinaAppDataLocalGoogleUpdateGoogleUpdate.exe => Error: No automatic fix found for this entry.
AlternateDataStreams CProgramDataReprisewupeogjxldtlfudivq`qsp`26hfm => Error: No automatic fix found for this entry.
Hosts => Error: No automatic fix found for this entry.
EmptyTemp => Error: No automatic fix found for this entry.
Reboot => Error: No automatic fix found for this entry.

==== End of Fixlog 13:18:38 ====

Jak se chova PC??

Asi dobrý, mě to neblblo ani předtím, ale dělala jsem čistku kvůli tý bance. Takže by to mělo být už v pořádku?

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remote disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

tak děkuju mockrát! a mějte se hezky..