VIRY.CZ

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavlína at 2015-06-03 21:35:20
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 17 GB (22%) free of 77 GB
Total RAM: 766 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:35:30, on 3.6.2015
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Data aplikací\IePluginServices\PluginService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\PROGRA~1\WEATHE~2\bar\2.bin\AppIntegrator.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz\szninstall.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost32.exe
C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost64.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Documents and Settings\Pavlína\Data aplikací\Microsoft\Networking\inet32upd.exe
C:\Program Files\SupTab\HpUI.exe
C:\Program Files\SupTab\Loader32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Pavlína\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Pavlína.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... XX4MT1QD3Y
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp ... XX4MT1QD3Y
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/web/?typ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com/?type=hp ... XX4MT1QD3Y
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://istart.webssearches.com/web/?typ ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - C:\Program Files\WeatherBlink\bar\2.bin\gcSrcAs.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Search Assistant BHO - {9b9dcae3-be34-424c-8d73-75e305a9e091} - C:\Program Files\WeatherBlink\bar\2.bin\gcSrcAs.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O2 - BHO: Toolbar BHO - {dc9051c2-8f55-479a-97a4-747980d9047f} - C:\PROGRA~1\WEATHE~2\bar\2.bin\gcbar.dll
O3 - Toolbar: WeatherBlink - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - C:\Program Files\WeatherBlink\bar\2.bin\gcbar.dll
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [WeatherBlink AppIntegrator 32-bit] C:\PROGRA~1\WEATHE~2\bar\2.bin\AppIntegrator.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WeatherBlink Search Scope Monitor] "C:\PROGRA~1\WEATHE~2\bar\2.bin\gcsrchmn.exe" /m=2 /w /h
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DoctorPC] C:\Program Files\Doctor PC\DoctorPC.exe true
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: conhost32.exe
O4 - Startup: conhost64.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: &Search - http://buttons.weatherblink.com/one-too ... 10406&cv=1
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IePlugin Services (IePluginServices) - Cherished Technololgy LIMITED - C:\Documents and Settings\All Users\Data aplikací\IePluginServices\PluginService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Update Rad Rater - Unknown owner - C:\Program Files\Rad Rater\updateRadRater.exe (file missing)
O23 - Service: WeatherBlinkService - Mindspark - C:\PROGRA~1\WEATHE~2\bar\2.bin\gcbarsvc.exe

--
End of file - 8356 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\BFFOY.job - C:\Documents and Settings\Pavlna\Data aplikac\BFFOY.exe /infocmdline=k8zlvKUqD7x5PJWKGRDdjUTj/+hFoIl1B9l3I6khbTQqM/PKwrItYrHqxzgrjdfc08LfcUGRNXjp6T6jbE88uZ3DNB7BytYiisfZw5q5OouvUqvSpyUm/iyEW8b3EP5qBLIAJE5tVlFL9GzNa4V4FfN5+xdOipPt/gXISijz1cQ8Um192i8pm+WUi8icujOSjQI2HmK8erpctlZDLD0Uh8en73LlHlRUFxlMw6nU+a/b927GO/xyy4PryWcW2RP4yNjP0rabb1EIwU8Tk6id4xW/qwKR/sPuUdqav7aYwoapNU5o4lOOHGv862UuXKM197SHAAH7itWUKHkmZfwlk6JtSOfdDbOSqPG4v8QYi1CiOk7m5+majjetRaOowUdfXj/8xeDNkb7pBY+HkR6HcZxs96yUmz+GYcUr1JVMqJVgiYtH15AF27CdX5hy1A3gC6Wkd4VyGoTiu1/rps086MjC4CdGwQMa/d4oHZaiSs/2JS9dZKn04hal+Z63RsjL
C:\WINDOWS\tasks\BLIVMIF.job - C:\Documents and Settings\Pavlna\Data aplikac\BLIVMIF.exe /infocmdline=uIwUjlBLmlenfEqgce1ykGlrAW5uII954pcfiIjZEj3DhpwJQOAqYZIv180LwBQCU3GRRdNowpgqsypFcgmyu4VnX07rwZslXOZU0H8ior7m8R3EKnwQPhRU33H6olqdjoVCKIxzjlhH2RIFHge7Lqf+wGfzAkpy/nCWz77zDAR3fFlW/S4ZBxm7hj9CLzuWYQGE/Vca4sd3WA6nPFderqCm4WkARDElJu8QplaxaxYxiijpML0ZxQQhFsbIrW+sF8zxZ6ifhr6kS1ARD7DHg2gB23NNc+KnYPaX9MNRdfq1e731O4sBM3yQCA3PeLD6pCj8HTid3XTT2HyRs7iXRE/x/1aZ8/ccyRXr6EGnKX9GOYR46pWPdEOj47oKxphVPMOxBxjinbPFax/henNpeoHvnmIXAemUD5w6rOip9Gvu2xfWei5qHbo+e6xvcPcfedZWz+v24sgOt8ULLrf8qP38Vltfh7sLOXDnLAMInFzaeYX2zYAlQz+K9YUn8CLXqA5POcZgiGcz88A0D/owDv2EW28VYmjIYUpcNAfwwBd8A7nOqSIXtDw3Vqe0JeZHQr6Yp/Ves+OqMM8587Ryv2iCkwpevi6rrr9x9A4crcJfU6S+2xTNAyYBSdpWy9qW1vh9vSUNyhCrdLSjq0PfHww9PoW/hIZdMw4hjfXxM70=
C:\WINDOWS\tasks\BOAOQS.job - C:\Documents and Settings\Pavlna\Data aplikac\BOAOQS.exe /infocmdline=rJz1mXkqhv80RhnhI+djPl+t/NZxmaZUztFaGWI5f3IHPJcDs/74K5mibt4lL0du8Otpn8LOLBkIukg8S+Goyn2fy9rx4/hxwJ/11Gc/3ohBZsEVzTdSKKBIP0uOIn6FObKLnxMoLCz9/q+/mstjRT8BDqAcFLQdLd8cb1c84vUieaD8kKzEJlh87qiv0qnPpZY6D3TYP1SnexpkwsywNo2Dn0fJAgD1QyXxd28/SqGFxIjKpMc++GIYU3NeI+gZGl1oEtjNEwcO2bzVeDgfmPiIyyAUKxJbbdFaoUIjZUPrOs25R30LExZOTLqD3rqfTcwQgsmergArVKLh/ii0f1NTHH+pbJKYRmI0Z3IXE+PFkM7fBRepFuowuS6jvcR96L20KxyTs1tbGcEf9hmN52Jgtg+5KhWIzOFuYIA7wtYsg52NOPiIIZlAs6pL64yENO2y5A0sPXs6hVXE1Wy+yBVdhdkWcNSzACMkcQvscnKB9VXwLKzr1vGAyoeasb7e
C:\WINDOWS\tasks\BQHUM.job - C:\Documents and Settings\Pavlna\Data aplikac\BQHUM.exe /infocmdline=wU+9lX3YEpN+jlQPYAC+lATHhh/mp8HudSSRG0zvKrvSpxFzjdyxLP45gzvPG37gY/wwxYucbbuLfSbnhVEZw6ns4vRHWcOf9dxNCj74lpV801MXXEjYmtA4H3vZz25pxc7rMkvr711oY/M+6VuTnVCfLIJTVA2jlx2VXcn3nEMI+9dgI9+wLhgrXidvAYkBXWVR48d/7sL8l61V5gIPYd5hNwOwZroLOf+Brh9rbupqB8nae2Le19+rUeW3lM3Q/ovFNR2F0qIBeTDzYR1QU9u7T4JqNRcBWIXwTQgHjXrAmgJzvc/gG9NHuEbp3oRH80y4nt+y4V0t5j8R6eBy/RBGEAL84A7lADtPaY8zePqcc8IwXnH56sVMmDhv+gSgIGeXSJIOdD/nydKUQ7sewmbF1St6VeA11ZRg9lL+wwph9VPy63hoCsBCxiR5ouwu39fcK4rhK3Hmu93TFtC5cm1l1t8aXQS8UsmLsm/qNtY6aMuTj8wh2v7SAFMsjwi0
C:\WINDOWS\tasks\DoctorPC_Popup.job - C:\Program Files\Doctor PC\Splash.exe true
C:\WINDOWS\tasks\FKVHSDS.job - C:\Documents and Settings\Pavlna\Data aplikac\FKVHSDS.exe /infocmdline=JTjCyRPIEg5fz7Idk1TBs+mjMnu0NF7lV2ezVlDB8ag+rsVVsB7saGjFKynxzGi3bekrs4jV3XOUlK0XRzumswcjc3ZoSKjwbYJQjIO3PX/MdNfpoX39evATfqlJ0dlFMDic/5nDk1KIR6QSVYR8Gby77G6t3IH6OOoqMKoVN1lxw+RnTX9dXhtGiX5GZxvdy2MiPJnj7bMsa/viwPXqaXN3eq2qewsmhxng+XWbYsPYgJQphaUAHTi7lxXHUx5o1u1OP/ImgHi6lRY+Mo5DA7xiuIwMu9DpOlLo9ltXJf42ccKjrwRDPhSUSYw6oFJ+ULqphxaHMfHPHA+E3Pwj2aM5+qy9XDVatuKicAqej7J+sw3ELpL4d9hRLtCuKbeZ7a74VrKTss/5AACzt8Bi3QLo3q2zcvJUvArDZAVi+cj0AtkgWx7LM+o5vQk4sIhsT5xMDn+vTvccRqEBhZL6GsB8J94iR2W5jXZUZtnt9o97Yr7t8puZJ6kuPKA5V6VE
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\IPZCVMDS.job - C:\Documents and Settings\Pavlna\Data aplikac\IPZCVMDS.exe /infocmdline=iIVV5AqM51PFkjzeiY/ityPS15reZAKaRX4VjQiA2r+Vif0xE/tek3jfJPuMJYwkPwVUmeWJ6/UZyHiiLVzc9FKinciESqWsIAjYM2CjZ6FcC9ixuCoCFVD3hd1coXM5s1oyjRUDair/wqgxdEIRDQ73BnQiThZVwpEjcdHuJNI7j+aWoPtZJ2JURdvMThIJgryyPNJbyI3C917GjZ0am0p4gdykNxsJfiUT4XGEEulgI/ga8VDMqoAPvC4tmchoxtF8qqJvnv1YeHq222GgYdgATAA5Ly7XYi2evPBnuqRn9dMwPc2LNzLwGPf5UdT7nOdYKiEoJeqQhqm4odlqM65K6jqlSWHJchqLLDrk0cr/jMz1gFUoSbB/k7s3ju0RvbEotQiynC+73nK/oDLYfude9o58fybVxiJeezye1/ZqRA/bGM4kCp5ZySrk235C7FDRpHUWnCho7vOH2lJzZD8TmFMYjXWpjBRTm+OVRTGDvWKyrFJKwOQh3bRTX2ZusZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg=
C:\WINDOWS\tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe
C:\WINDOWS\tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job - C:\WINDOWS\system32\xp_eos.exe -c
C:\WINDOWS\tasks\SDT.job - C:\Documents and Settings\Pavlna\Data aplikac\SDT.exe /infocmdline=cFarxy0zu1jgXAT1ge3JVkPuHnC/lepFjxWtoAu5PjVhy9cDLj2Q5pBkjdh7UK41qpCuqYvLadQEIhI40U1Qcee/lWt29EuTjaMugXduffN69oeMkYIojaGc/KybtpxrK5CQ4Kmi/E3mfuxDq2otESdjldMrk2l4/IyZ2uJ0SstVh2lIihcq35JlV73AhMHm+LkROn9j43aoBVaQtBK5Qptq0m5RVEi6m37sxYCr8axfm+u4T09P6VsPa8USG4cL4gnZsp4qy0hVK28rfhCFqvmu0McwNd/l60XzhaCAYouOGuqS7tP7UFNU4mR+FgVn7PFi5QbzSs+MclB2T3863U25eUdt7/vKWBQh3sU1qhJ2EQrfJD2SJ096RxW42kJVKxbX/W09EHDw/LXCaAljqd4VVncwfGbv6TBHrZvMWiXcmWx6HDKw1DEuGjvMUC3eZ3n+UbVMnUO4oHQmibZUeITtzVobF7i++JPX97j3o+GRh/hrr1VSTKwirPdbKFKv
C:\WINDOWS\tasks\YTVJIN.job - C:\Documents and Settings\Pavlna\Data aplikac\YTVJIN.exe /infocmdline=iG4oBdMdSoyfkqRdbbpUE6tmY/9w4IYb2lxgxq856qny9TqMwm0J9G5xanCJaWH6O9xVL6rgJhkn9Au8AXXqbJXfcTRLuU8TO/+OeO6rmyGAicOFe51G9C1EzsE8oVBPJ68v4O4HuTuHyu+HOC5o+dbNjBGb4nN1Z/OHjxW4hWfGMUMc4BM4FKnb4SZ1pDCs7DI/7kPkwa9qbxJvt+glQIy+dLeD46M8CRZcx/rS4tpD9sbXsrZFeCgw8Mz6MD4yb+Dcnk+qfBe71/pylqMn2E4g2fGQxVWYBb3yzgZD3x0MFhacquPX3yfG9iHOO/4pv2En9lkXEEd7mEFuu+wFoTGOwZY+XHpgd0G3PiufVcJuWWLuC0C8J4glXoMuVbQO0o0nrCXYZ1fMil1ryZ2sxBXg54Ox4Td/4eRzuTLve9hNoynnuyxdwCn4N8p97Db+OqujGzjz030pdppG6dfu6l4Ys1j0tDf6cABs3hMcPOfj4JwbkFn0JlCBwC5a+czY

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default

prefs.js - "Keyword.Enabled" - "true"
prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "http://home.tb.ask.com/index.jhtml?ptb= ... tAodOSEATQ"
prefs.js - "keyword.URL" - "http://search.tb.ask.com/search/GGmain. ... searchfor="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1214154.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll


C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\extensions\
89ffxtbr@SafePCRepair_89.com
9pffxtbr@OnlineMapFinder_9p.com
staged
veggy@veggyAddon.com
{58e3c1c9-2dc1-4762-bd45-1df9da9d0820}
{6726b74d-ed76-7f21-e782-28d509370ade}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\searchplugins\
ask-search.xml
ask-web-search.xml
myplaycity.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files\SupTab\SupTab.dll [2014-12-03 515464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-17 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9b9dcae3-be34-424c-8d73-75e305a9e091}]
Search Assistant BHO - C:\Program Files\WeatherBlink\bar\2.bin\gcSrcAs.dll [2015-05-21 144968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-17 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dc9051c2-8f55-479a-97a4-747980d9047f}]
Toolbar BHO - C:\PROGRA~1\WEATHE~2\bar\2.bin\gcbar.dll [2015-05-21 1037896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{f20de5e0-2a6e-4c54-985f-1cf59551ce39} - WeatherBlink - C:\Program Files\WeatherBlink\bar\2.bin\gcbar.dll [2015-05-21 1037896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2006-10-19 1183656]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2006-10-19 1958800]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2006-10-17 87584]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"WeatherBlink AppIntegrator 32-bit"=C:\PROGRA~1\WEATHE~2\bar\2.bin\AppIntegrator.exe [2015-05-21 225864]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-30 334896]
"WeatherBlink Search Scope Monitor"=C:\PROGRA~1\WEATHE~2\bar\2.bin\gcsrchmn.exe /m=2 /w /h []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"DoctorPC"=C:\Program Files\Doctor PC\DoctorPC.exe true []
"Steam"=C:\Program Files\Steam\steam.exe [2015-06-02 2892992]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění
conhost32.exe
conhost64.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-12-15 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Counter-Strike 1.6 Standalone\launcher.exe"="C:\Program Files\Counter-Strike 1.6 Standalone\launcher.exe:*:Enabled:Creted by Martin.cz"
"C:\UDK\Fps Terminator\Binaries\Win32\UDK.exe"="C:\UDK\Fps Terminator\Binaries\Win32\UDK.exe:*:Enabled:UDK"
"C:\WarThunder\launcher.exe"="C:\WarThunder\launcher.exe:*:Enabled:War Thunder launcher"
"C:\WarThunder\bpreport.exe"="C:\WarThunder\bpreport.exe:*:Enabled:War Thunder Crash Reporter"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\bin\steamwebhelper.exe"="C:\Program Files\Steam\bin\steamwebhelper.exe:*:Enabled:Steam Web Helper"
"D:\team fortess2\steamapps\common\Team Fortress 2\hl2.exe"="D:\team fortess2\steamapps\common\Team Fortress 2\hl2.exe:*:Enabled:Team Fortress 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll

======List of files/folders created in the last 1 month======

2015-06-03 21:35:21 ----D---- C:\Program Files\trend micro
2015-06-03 21:35:20 ----D---- C:\rsit
2015-06-03 20:36:58 ----A---- C:\Boot.bak
2015-06-03 20:36:52 ----RASHD---- C:\cmdcons
2015-06-03 20:34:30 ----A---- C:\WINDOWS\zip.exe
2015-06-03 20:34:30 ----A---- C:\WINDOWS\SWXCACLS.exe
2015-06-03 20:34:30 ----A---- C:\WINDOWS\SWSC.exe
2015-06-03 20:34:30 ----A---- C:\WINDOWS\SWREG.exe
2015-06-03 20:34:30 ----A---- C:\WINDOWS\sed.exe
2015-06-03 20:34:30 ----A---- C:\WINDOWS\PEV.exe
2015-06-03 20:34:30 ----A---- C:\WINDOWS\NIRCMD.exe
2015-06-03 20:34:30 ----A---- C:\WINDOWS\MBR.exe
2015-06-03 20:34:30 ----A---- C:\WINDOWS\grep.exe
2015-06-03 20:34:24 ----SD---- C:\ComboFix
2015-06-03 20:34:12 ----D---- C:\Qoobox
2015-06-03 20:33:54 ----D---- C:\WINDOWS\erdnt
2015-05-23 14:17:52 ----HD---- C:\WINDOWS\PIF
2015-05-17 10:33:37 ----D---- C:\Documents and Settings\Pavlína\Data aplikací\.minecraft
2015-05-17 10:32:19 ----D---- C:\Program Files\Common Files\Java
2015-05-17 10:27:34 ----D---- C:\Program Files\Java
2015-05-17 09:30:51 ----D---- C:\Program Files\McAfee Security Scan
2015-05-16 21:18:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan
2015-05-10 13:53:41 ----D---- C:\Program Files\NVIDIA Corporation
2015-05-10 13:52:48 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

======List of files/folders modified in the last 1 month======

2015-06-03 21:35:21 ----RD---- C:\Program Files
2015-06-03 21:34:26 ----D---- C:\Program Files\Steam
2015-06-03 21:33:32 ----D---- C:\WINDOWS\Temp
2015-06-03 21:33:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2015-06-03 21:22:44 ----D---- C:\WINDOWS\system32\CatRoot2
2015-06-03 20:36:58 ----RASH---- C:\boot.ini
2015-06-03 20:34:30 ----D---- C:\WINDOWS
2015-06-03 20:34:25 ----D---- C:\WINDOWS\Prefetch
2015-06-03 20:34:13 ----D---- C:\WINDOWS\system32\drivers
2015-06-03 20:28:32 ----D---- C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz
2015-05-24 11:32:27 ----D---- C:\Program Files\The KMPlayer
2015-05-22 18:01:34 ----SD---- C:\Documents and Settings\Pavlína\Data aplikací\Microsoft
2015-05-17 10:32:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Oracle
2015-05-17 10:32:23 ----SHD---- C:\WINDOWS\Installer
2015-05-17 10:32:19 ----D---- C:\Program Files\Common Files
2015-05-17 10:31:56 ----D---- C:\WINDOWS\system32
2015-05-17 10:30:26 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-05-16 21:18:39 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2015-05-15 20:36:15 ----SD---- C:\WINDOWS\Tasks
2015-05-13 21:25:39 ----D---- C:\WINDOWS\system32\MRT
2015-05-13 21:19:48 ----A---- C:\WINDOWS\system32\MRT.exe
2015-05-10 13:54:49 ----D---- C:\WINDOWS\system32\DirectX
2015-05-10 13:54:48 ----HD---- C:\WINDOWS\inf
2015-05-10 13:54:26 ----RSD---- C:\WINDOWS\assembly
2015-05-10 13:52:46 ----D---- C:\WINDOWS\WinSxS
2015-05-10 09:18:26 ----HD---- C:\Program Files\InstallShield Installation Information
2015-05-10 09:18:18 ----D---- C:\Program Files\Activision

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\System32\DRIVERS\snapman.sys [2014-08-13 114048]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\WINDOWS\System32\DRIVERS\timntr.sys [2014-08-13 395744]
R1 {6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gt;{6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gt; C:\WINDOWS\system32\drivers\{6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gt.sys [2014-12-03 55824]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [2014-08-13 39264]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-09-21 2278784]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2005-12-15 1463296]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\System32\DRIVERS\b57xp32.sys [2008-07-25 176640]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 cpuz134;cpuz134; \??\C:\DOCUME~1\PAVLNA~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2006-10-17 230944]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2005-12-15 405504]
R2 IePluginServices;IePlugin Services; C:\Documents and Settings\All Users\Data aplikací\IePluginServices\PluginService.exe [2014-12-03 715656]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-12-14 520192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S2 Update Rad Rater;Update Rad Rater; C:\Program Files\Rad Rater\updateRadRater.exe []
S2 WeatherBlinkService;WeatherBlinkService; C:\PROGRA~1\WEATHE~2\bar\2.bin\gcbarsvc.exe [2015-05-21 90696]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-16 268464]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-20 116648]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 235696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-11 114800]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Zdravim

Co se tyce ComboFixu, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)

Licencni podminky ComboFixu hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"


Nebezpeci CFka

• Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
• Maze stopy po haveti, takze v logu z RSIT neni nic videt
• Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
• CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
• CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

Log z CF byste tedy aspon nasel??

ok priznavam, zkusil jsem to

log se pokusim najit (jsem u jineho PC)

Diky

Mel by byt c:\combofix.txt

Zkouset to muzete na mladou naivni divku, ne na stary a vykony ComboFix

pekne receno => s CF uz to vickrat neudelam

Log asi nenajdete, tak tam spustte pro zacatek AdwCleaner - navod dale

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

ok, tady to je

# AdwCleaner v4.206 - Logfile created 04/06/2015 at 20:39:45
# Updated 01/06/2015 by Xplode
# Database : 2015-06-01.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Pavlína - PAVLINA
# Running from : C:\Documents and Settings\Pavlína\Plocha\adwcleaner_4.206.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : IePluginServices
[#] Service Deleted : {6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gt
[#] Service Deleted : WeatherBlinkService

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\apn
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\IePluginServices
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\WindowsMangerProtect
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Program Files\doctorpclab.com
Folder Deleted : C:\Program Files\WeatherBlink
Folder Deleted : C:\DOCUME~1\PAVLNA~1\LOCALS~1\Temp\apn
Folder Deleted : C:\DOCUME~1\PAVLNA~1\LOCALS~1\Temp\PCSpeedUp
Folder Deleted : C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\globalUpdate
Folder Deleted : C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\iac
Folder Deleted : C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Internet Speed Checker
Folder Deleted : C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Doctor_PC
Folder Deleted : C:\Documents and Settings\Pavlína\Data aplikací\Systweak
Folder Deleted : C:\Documents and Settings\Pavlína\Data aplikací\WebExtend
Folder Deleted : C:\Documents and Settings\Pavlína\Data aplikací\webssearches
Folder Deleted : C:\Documents and Settings\Pavlína\Data aplikací\WeatherBlink
Folder Deleted : C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Folder Deleted : C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\veggy@veggyAddon.com
[!] Folder Deleted : C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
[!] Folder Deleted : C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
File Deleted : C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pbjikboenpfhbbejgkoklgkhjpfogcam_0.localstorage
File Deleted : C:\WINDOWS\Reimage.ini
File Deleted : C:\WINDOWS\system32\roboot.exe
File Deleted : C:\WINDOWS\system32\drivers\{6ae56b3b-b4e1-47bb-8719-04f47e9feb4d}Gt.sys
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\BFFOY
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\BFFOY.exe
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\BLIVMIF
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\BLIVMIF.exe
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\BOAOQS
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\BOAOQS.exe
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\BQHUM
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\BQHUM.exe
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\FKVHSDS
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\FKVHSDS.exe
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\IPZCVMDS
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\IPZCVMDS.exe
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\YTVJIN
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\YTVJIN.exe
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\searchplugins\ask-search.xml
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\searchplugins\ask-web-search.xml
File Deleted : C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\searchplugins\myplaycity.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\webssearches.xml
File Deleted : C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
File Deleted : C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : DoctorPC_Popup
Task Deleted : BFFOY
Task Deleted : BLIVMIF
Task Deleted : BOAOQS
Task Deleted : BQHUM
Task Deleted : FKVHSDS
Task Deleted : IPZCVMDS
Task Deleted : YTVJIN

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
Shortcut Disinfected : C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Internet Explorer.lnk
Shortcut Disinfected : C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Příslušenství\Systémové nástroje\Internet Explorer (bez doplňků).lnk
Shortcut Disinfected : C:\Documents and Settings\Pavlína\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Documents and Settings\Pavlína\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\WeatherBlink.ToolbarProtector.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WeatherBlink AppIntegrator 32-bit]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WeatherBlink Search Scope Monitor]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9B9DCAE3-BE34-424C-8D73-75E305A9E091}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9B9DCAE3-BE34-424C-8D73-75E305A9E091}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9B9DCAE3-BE34-424C-8D73-75E305A9E091}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9B9DCAE3-BE34-424C-8D73-75E305A9E091}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9AD09901-06DD-4DDD-A62D-6D2243B771AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SupHpUISoft
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\Squeaky
Key Deleted : HKCU\Software\WeatherBlink
Key Deleted : HKCU\Software\AppDataLow\Software\Mindspark
Key Deleted : HKLM\SOFTWARE\Crossrider
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\supWPM
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
Key Deleted : HKLM\SOFTWARE\Reimage
Key Deleted : HKLM\SOFTWARE\SiteSee
Key Deleted : HKLM\SOFTWARE\AdGazelle
Key Deleted : HKLM\SOFTWARE\WeatherBlink
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WeatherBlinkbar Uninstall Internet Explorer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{266DBE1C-B640-46ee-9A6D-86F0A1E483B9}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean-Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\webssearches uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WeatherBlinkbar Uninstall Internet Explorer

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]

-\\ Mozilla Firefox v34.0.5 (x86 cs)

[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("browser.newtab.url", "hxxp://istart.webssearches.com/newtab/?type=nt&ts=1417628382&from=scl&uid=ST3160828AS_4MT1QD3YXXXX4MT1QD3Y");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=FEF25BC2-BED6-4DC5-80F4-9E389ED465D3&n=780c9b4f&p2=^BA5^xdm007^YYA^cz&si=CLH0j9378cACFSuWtAodOSEATQ");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14a1157ce3d3fa52b37bf58745287dc5");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.BUTTON_STRUCTURE", "[{\"b\":222193632,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":222193633,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.browser.version.last", "34.0");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.firstKnownVersion", "6.72.4.55178");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=C98045F6-B8D9-4EAF-B3D7-9585C3411344&n=780c7375&p2=^AW7^xdm055^S10503^cz&si=YO_SAF_INTL_CZE_45");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.hp.enabled", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.hp.guardType", "HPR");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.initialized", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installKeysSource", "LocalStorage");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installType", "XPI");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.contextKey", "");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.installDate", "2014081909");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.partnerId", "^AW7^xdm055^S10503^cz");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.partnerSubId", "YO_SAF_INTL_CZE_45");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.pixelUrl", "hxxp://safepcrepair.dl.tb.ask.com/install_pixels.jhtml?partner=^AW7^xdm055^S10503^cz&coId=c95bf38f915449b5890a4dfb19303c49"[...]
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.success", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.installation.toolbarId", "C98045F6-B8D9-4EAF-B3D7-9585C3411344");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.isCompliantUninstallImplementation", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.lastActivePing", "1431850751049");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.lastKnownVersion", "6.83.5.46922");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.options.defaultSearch", false);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.options.homePageEnabled", false);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.options.keywordEnabled", false);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.options.tabEnabled", false);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.partnerPixelFired", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.successUrl", "hxxp://download.safepcrepair.com/installComplete.jhtml");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.toolbar.versionChanged", false);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.toolbarCollapsed", false);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._89Members_.weather.location", "10001");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.BUTTON_STRUCTURE", "[{\"b\":221354507,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221354508,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.prev", "hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN1 ... _ptnrs=BBH&[...]
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.savedPrev", "true");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=FEF25BC2-BED6-4DC5-80F4-9E389ED465D3&n=780c9b4f&p2=^BA5^xdm007^YYA^cz&si=CLH0j[...]
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.browser.startup.page.prev", 1);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.browser.startup.page.savedPrev", 1);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.browser.startup.page.tb", 1);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.browser.version.last", "34.0");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.firstKnownVersion", "6.76.5.33339");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=FEF25BC2-BED6-4DC5-80F4-9E389ED465D3&n=780c9b4f&p2=^BA5^xdm007^YYA^cz&si=CLH0j9378cACFSuWtAodOSEA[...]
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.hp.enabled", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.hp.guardType", "HPR");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.hp.user.defined", false);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.initialized", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.installKeysSource", "LocalStorage");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.installType", "XPI");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.installation.contextKey", "");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.installation.installDate", "2014092111");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.installation.partnerId", "^BA5^xdm007^YYA^cz");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.installation.partnerSubId", "CLH0j9378cACFSuWtAodOSEATQ");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.installation.pixelUrl", "hxxp://onlinemapfinder.dl.tb.ask.com/install_pixels.jhtml?partner=^BA5^xdm007^YYA^cz&coId=d3d1cdd5af9a40a681ec8eefd1532200"[...]
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.installation.success", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.installation.toolbarId", "FEF25BC2-BED6-4DC5-80F4-9E389ED465D3");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.isCompliantUninstallImplementation", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.lastActivePing", "1431850751037");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.lastKnownVersion", "6.85.5.65033");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.options.defaultSearch", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.options.homePageEnabled", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.options.keywordEnabled", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.options.tabEnabled", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.partnerPixelFired", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.successUrl", "hxxp://free.onlinemapfinder.com/installComplete.jhtml");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.toolbar.versionChanged", false);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.toolbarCollapsed", false);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._9pMembers_.weather.location", "10001");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "safepcrepair@mindspark.com");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "onlinemapfinder@mindspark.com");
[a7i56ps3.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=FEF25BC2-BED6-4DC5-80F4-9E389ED465D3&n=780c9b4f&ind=2014092111&p2=^BA5^xdm007^YYA^cz&si=CLH0j9378cACFSuWtAodOSEATQ&sea[...]

-\\ Google Chrome v43.0.2357.81

[C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.amazon.com/websearch/ref=bit_bds-p1 ... earchTerms}
[C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] :
[C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : 3898C17A48D859CEF2A32965144F9A815D5A7C65B0118F017C9D8E498F160A9C","urls_to_restore_on_startup":"E5F10560896A6F244BA2F10E99B555BF4454EBA7A19CD9E415D3015CC2A49D95"},"software_reporter":{"prompt_reason":"3AFF815BD7E63F3558360512E42DF7BEE9750D913C51EFD3933859E210C579B6","prompt_seed":"17BA1820989F3BB15FF4C2E1725EC11C9D759F5B6BAFBF2AC13618FA27EF3FFE","prompt_version":"407A5B71D4F6A47A02C1E29D55B571AA0FB0FBE152304E25571FB00D35334FE3"},"sync":{"remaining_rollback_tries":"BEF3C6B58DA243851B1B4CADD18748414FF6060B1E4E8313474B0FC74E53B826"}},"super_mac":"7F64659713EA78A5B6079465AB6FBC874ECE5D98E41BE67C070BE3AE87C0B091"},"session":{"startup_urls":["hxxp://istart.webssearches.com/?type=hp&ts=1417628382&from=scl&uid=ST3160828AS_4MT1QD3YXXXX4MT1QD3Y
[C:\Documents and Settings\Radek\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : fjbbjfdilbioabojmcplalojlmdngbjl

*************************

AdwCleaner[R0].txt - [30147 bytes] - [04/06/2015 19:49:31]
AdwCleaner[S0].txt - [25482 bytes] - [04/06/2015 20:39:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25542 bytes] ##########

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

snad je to ono


Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Pavlína on pá 05.06.2015 at 21:57:23,75.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Pavlína\Dokumenty\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5.6.2015 22:00:39 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\Amazon deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Unity deleted successfully
C:\Documents and Settings\LocalService\Data aplikací\QuickScan deleted successfully
C:\Documents and Settings\NetworkService\Data aplikací\Xfire deleted successfully
C:\Documents and Settings\Pavlína\Data aplikací\.minecraft deleted successfully
C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Adobe deleted successfully

Nedobehl cely, ale dobra

Aplikujte FRST dle tohoto http://forum.viry.cz/viewtopic.php?f=30&t=133101 - FRSTLauncher nestahujte, jen samotny FRST a ten spustte

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-06-2015
Ran by Pavlína (administrator) on PAVLINA on 06-06-2015 08:21:41
Running from C:\Documents and Settings\Pavlína\Dokumenty\Downloads
Loaded Profiles: Pavlína (Available Profiles: Pavlína & Radek)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Čeština
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz\szninstall.exe
(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost32.exe
() C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost64.exe
() C:\Documents and Settings\Pavlína\Data aplikací\Microsoft\Networking\inet32upd.exe
(Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [1183656 2006-10-19] (Acronis)
HKLM\...\Run: [AcronisTimounterMonitor] => C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [1958800 2006-10-19] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [87584 2006-10-17] (Acronis)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll [2005-12-15] (ATI Technologies Inc.)
HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [DoctorPC] => C:\Program Files\Doctor PC\DoctorPC.exe true
HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2892992 2015-06-02] (Valve Corporation)
Lsa: [Authentication Packages] msv1_0 relog_ap
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk [2015-05-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost32.exe [2015-05-17] ()
Startup: C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost64.exe [2015-05-17] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKU\S-1-5-21-1085031214-920026266-839522115-1004 - (No Name) - {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - C:\Program Files\WeatherBlink\bar\2.bin\gcSrcAs.dll No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> {6C6550DF-7FFB-463F-9F9B-6190840E9C00} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_14875
SearchScopes: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> {6EA26610-A99E-4C6C-9703-E463D3DBA3D0} URL = http://www.novinky.cz/hledej?w={searchT ... arch_14875
SearchScopes: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> {7B47D104-5639-4D93-8E82-96545F92EB0B} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_14875
SearchScopes: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> {7C7F3282-CEE7-495D-8F9E-9C5C03A167B0} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_14875
SearchScopes: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> {816B7EF3-946D-4779-895F-F73E18D45D9B} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_14875
SearchScopes: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> {A51C122E-CAC6-44B6-8480-B0C8A1878626} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_14875
SearchScopes: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> {D0E988B0-3F11-4278-98D8-26C9F085338B} URL = http://encyklopedie.seznam.cz/search?q= ... arch_14875
SearchScopes: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> {E8B32CD8-A51D-4DF7-BDC4-64D819FD027D} URL = http://search.seznam.cz/?q={searchTerms ... arch_14875
SearchScopes: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> {F32FCDF0-7F26-4249-A756-950753E1ACB3} URL = http://www.mapy.cz/?query={searchTerms} ... arch_14875
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-17] (Oracle Corporation)
BHO: Toolbar BHO -> {dc9051c2-8f55-479a-97a4-747980d9047f} -> C:\PROGRA~1\WEATHE~2\bar\2.bin\gcbar.dll No File
Toolbar: HKLM - WeatherBlink - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - C:\Program Files\WeatherBlink\bar\2.bin\gcbar.dll No File
Toolbar: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2014-02-25] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> WeatherBlink - {F20DE5E0-2A6E-4C54-985F-1CF59551CE39} - C:\Program Files\WeatherBlink\bar\2.bin\gcbar.dll No File
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/wind ... 8372786812
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.33.5 192.168.33.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-1085031214-920026266-839522115-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-16] (Unity Technologies ApS)
FF Extension: SafePCRepair - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\89ffxtbr@SafePCRepair_89.com [2014-12-14]
FF Extension: OnlineMapFinder - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\9pffxtbr@OnlineMapFinder_9p.com [2015-03-11]
FF Extension: Xpert-Web - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\{58e3c1c9-2dc1-4762-bd45-1df9da9d0820} [2014-11-13]
FF Extension: Majestic Sitez - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\{6726b74d-ed76-7f21-e782-28d509370ade} [2015-05-17]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\jid1-FB1bBgFMk5H6Wg@jetpack.xpi [2014-12-03]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-10-20]
FF HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF Extension: No Name - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]

Chrome:
=======
CHR Profile: C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-03]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-22]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [230944 2006-10-17] (Acronis)
R2 Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [405504 2005-12-15] (ATI Technologies Inc.) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [520192 2005-12-14] () [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 Update Rad Rater; "C:\Program Files\Rad Rater\updateRadRater.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [2278784 2004-09-21] (Realtek Semiconductor Corp.)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [1463296 2005-12-15] (ATI Technologies Inc.) [File not signed]
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [39264 2014-08-13] (Acronis)
S3 cpuz134; \??\C:\DOCUME~1\PAVLNA~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U3 TlntSvr; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-06 08:21 - 2015-06-06 08:21 - 00000000 ____D C:\FRST
2015-06-05 22:00 - 2015-06-05 22:02 - 00001742 _____ C:\zoek-results.log
2015-06-05 21:57 - 2015-06-05 22:04 - 00002277 _____ C:\runcheck.txt
2015-06-05 21:56 - 2015-06-05 21:56 - 01308672 _____ C:\Documents and Settings\Pavlína\Plocha\zoek.exe
2015-06-05 21:56 - 2015-06-05 21:56 - 00000000 ____D C:\zoek_backup
2015-06-04 19:49 - 2015-06-04 20:40 - 00000000 ____D C:\AdwCleaner
2015-06-03 21:35 - 2015-06-03 21:35 - 00000000 ____D C:\rsit
2015-06-03 21:35 - 2015-06-03 21:35 - 00000000 ____D C:\Program Files\trend micro
2015-06-03 20:36 - 2015-06-03 20:36 - 00000000 _RSHD C:\cmdcons
2015-06-03 20:36 - 2014-11-20 18:15 - 00000223 _____ C:\Boot.bak
2015-06-03 20:36 - 2004-08-03 23:00 - 00261312 __RSH C:\cmldr
2015-06-03 20:34 - 2015-06-03 20:37 - 00000000 ___SD C:\ComboFix
2015-06-03 20:34 - 2015-06-03 20:34 - 00000000 ___RD C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Nástroje pro správu
2015-06-03 20:34 - 2015-06-03 20:34 - 00000000 ____D C:\Qoobox
2015-06-03 20:34 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2015-06-03 20:34 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2015-06-03 20:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-06-03 20:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-06-03 20:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-06-03 20:34 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-06-03 20:34 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
2015-06-03 20:34 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
2015-06-03 20:34 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
2015-06-03 20:33 - 2015-06-03 20:33 - 00000000 ____D C:\WINDOWS\erdnt
2015-06-03 20:32 - 2015-06-03 20:33 - 00003768 _____ C:\Documents and Settings\Pavlína\Plocha\Rkill.txt
2015-05-23 14:17 - 2015-05-23 14:17 - 00000000 ___HD C:\WINDOWS\PIF
2015-05-17 10:32 - 2015-05-17 10:32 - 00000000 ____D C:\Program Files\Common Files\Java
2015-05-17 10:31 - 2015-05-17 10:31 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Java
2015-05-17 10:31 - 2015-05-17 10:30 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-05-17 10:27 - 2015-05-17 10:27 - 00000000 ____D C:\Program Files\Java
2015-05-17 09:30 - 2015-05-17 09:30 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-05-17 09:30 - 2015-05-17 09:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\McAfee Security Scan Plus
2015-05-16 21:18 - 2015-05-17 09:30 - 00001773 _____ C:\Documents and Settings\All Users\Plocha\McAfee Security Scan Plus.lnk
2015-05-16 21:18 - 2015-05-17 09:30 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan
2015-05-10 13:57 - 2015-05-10 13:57 - 00000000 ____D C:\Documents and Settings\Pavlína\Dokumenty\4A Games
2015-05-10 13:56 - 2015-05-10 13:56 - 00000000 ____D C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\4A Games
2015-05-10 13:53 - 2015-05-10 13:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-10 13:52 - 2015-05-10 13:52 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-06 08:21 - 2014-08-11 22:57 - 00000000 ____D C:\Documents and Settings\Pavlína\Local Settings\Temp
2015-06-06 08:20 - 2014-08-18 16:39 - 01631695 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-06 08:18 - 2015-04-25 09:53 - 00000000 ____D C:\Program Files\Steam
2015-06-06 08:18 - 2014-12-03 19:51 - 00001366 _____ C:\WINDOWS\Tasks\SDT.job
2015-06-06 08:18 - 2014-10-13 19:09 - 00000226 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-06-06 08:18 - 2014-09-20 13:26 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-06 08:18 - 2014-08-11 22:57 - 00000000 ____D C:\Documents and Settings\Pavlína\Plocha
2015-06-06 08:18 - 2014-08-11 22:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-05 22:04 - 2014-08-11 22:57 - 00000178 ___SH C:\Documents and Settings\Pavlína\ntuser.ini
2015-06-05 22:04 - 2014-08-11 22:56 - 00032478 _____ C:\WINDOWS\SchedLgU.Txt
2015-06-05 22:02 - 2014-08-11 23:48 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2015-06-05 22:02 - 2014-08-11 22:57 - 00000000 __RHD C:\Documents and Settings\Pavlína\Data aplikací
2015-06-05 22:02 - 2014-08-11 22:57 - 00000000 ___HD C:\Documents and Settings\Pavlína\Local Settings\Data aplikací
2015-06-05 22:02 - 2014-08-11 22:56 - 00000000 ____D C:\Documents and Settings\NetworkService\Data aplikací
2015-06-05 22:02 - 2014-08-11 22:56 - 00000000 ____D C:\Documents and Settings\LocalService\Data aplikací
2015-06-05 21:59 - 2014-11-12 16:08 - 00000000 ____D C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz
2015-06-05 21:54 - 2003-04-16 14:00 - 00012984 _____ C:\WINDOWS\system32\wpa.dbl
2015-06-04 20:41 - 2014-09-20 13:26 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-04 20:40 - 2014-09-20 13:27 - 00000917 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2015-06-04 20:40 - 2014-09-20 13:27 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Google Chrome
2015-06-04 20:40 - 2014-08-19 20:22 - 00000730 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2015-06-04 20:40 - 2014-08-19 20:22 - 00000724 _____ C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2015-06-04 20:40 - 2014-08-11 23:49 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2015-06-04 20:40 - 2014-08-11 23:49 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy
2015-06-04 20:40 - 2014-08-11 22:57 - 00000749 _____ C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Internet Explorer.lnk
2015-06-04 20:40 - 2014-08-11 22:57 - 00000000 ____D C:\Documents and Settings\Pavlína\Nabídka Start\Programy
2015-06-04 20:14 - 2014-08-19 20:31 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-03 20:36 - 2014-08-11 23:47 - 00000339 __RSH C:\boot.ini
2015-06-03 20:23 - 2014-08-11 23:48 - 00797475 _____ C:\WINDOWS\setupapi.log
2015-05-24 11:32 - 2014-08-19 20:40 - 00000000 ____D C:\Program Files\The KMPlayer
2015-05-23 14:13 - 2014-08-24 17:23 - 00134783 _____ C:\WINDOWS\DirectX.log
2015-05-22 21:32 - 2014-08-11 22:57 - 00000000 ___RD C:\Documents and Settings\Pavlína\Dokumenty\Obrázky
2015-05-17 10:36 - 2014-08-12 15:06 - 00000000 ____D C:\Documents and Settings\Pavlína\Dokumenty\Stažené soubory
2015-05-17 10:32 - 2014-12-03 19:36 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Oracle
2015-05-17 10:30 - 2014-12-03 19:49 - 00096352 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-05-17 10:08 - 2014-08-11 22:57 - 00000000 ___RD C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění
2015-05-17 09:30 - 2014-08-11 23:49 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
2015-05-16 21:18 - 2014-08-19 20:31 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-05-16 21:18 - 2014-08-19 20:31 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-05-13 21:25 - 2014-10-18 18:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-05-13 21:19 - 2014-10-12 23:00 - 137310008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-10 13:57 - 2014-08-11 22:57 - 00000000 ___RD C:\Documents and Settings\Pavlína\Dokumenty
2015-05-10 13:54 - 2014-08-11 22:08 - 00000000 ____D C:\WINDOWS\system32\DirectX
2015-05-10 09:18 - 2014-09-20 19:42 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Activision
2015-05-10 09:18 - 2014-09-20 19:41 - 00000000 ____D C:\Program Files\Activision
2015-05-10 09:18 - 2014-08-11 23:39 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-05-10 09:13 - 2014-08-11 23:48 - 00187131 _____ C:\WINDOWS\setupact.log
2015-05-08 15:00 - 2014-10-13 19:09 - 00000220 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job

==================== Files in the root of some directories =======

2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Documents and Settings\Pavlína\Data aplikací\SDT
2014-12-03 19:51 - 2014-12-03 19:51 - 1363424 _____ (end) C:\Documents and Settings\Pavlína\Data aplikací\SDT.exe
2014-09-20 20:21 - 2014-09-20 20:23 - 0000327 _____ () C:\Documents and Settings\Pavlína\Data aplikací\Taxi4.MCS
2014-08-12 20:23 - 2015-02-04 17:02 - 0017408 _____ () C:\Documents and Settings\Pavlína\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Documents and Settings\Pavlína\Local Settings\Temp\318838.exe.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\392640.exe.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\409852.exe.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\425189.exe.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\7za.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\APNSetup.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\Pavlína\Local Settings\Temp\BackupSetup.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\comver.dll
C:\Documents and Settings\Pavlína\Local Settings\Temp\DaS_21.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\EAInstall.dll
C:\Documents and Settings\Pavlína\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\flv.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\hijackthis.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\KMP_3.9.0.126.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\KMP_3.9.0.127.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\KMP_3.9.0.128.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\KMP_3.9.1.129.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\KMP_3.9.1.130.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\KMP_3.9.1.131.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\KMP_3.9.1.134.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\KMP_3.9.1.135.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\ms.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\NirCmd.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\pcspeedup.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\PEVZ.EXE
C:\Documents and Settings\Pavlína\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\ReimageExpressPackage.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\ReimageExpressSetup.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\ReimagePackage.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\remove.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\Runner2.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\Runner4.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\sed.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\shortcut.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\SimBundD.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\sqlite3.dll
C:\Documents and Settings\Pavlína\Local Settings\Temp\swreg.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\swxcacls.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\vcredist_x86.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\wget.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\zoek-delete.exe
C:\Documents and Settings\Pavlína\Local Settings\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================

Odinstalujte McAfee Security Scan a Seznam.cz - instaluji se jako nezadouci doplnek

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
  HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
  HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
  HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
  HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
  HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [DoctorPC] => C:\Program Files\Doctor PC\DoctorPC.exe true
  HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2892992 2015-06-02] (Valve Corporation)
  Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk [2015-05-16]
  ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
  Startup: C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost32.exe [2015-05-17] ()
  Startup: C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost64.exe [2015-05-17] ()
  
  HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  URLSearchHook: HKU\S-1-5-21-1085031214-920026266-839522115-1004 - (No Name) - {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - C:\Program Files\WeatherBlink\bar\2.bin\gcSrcAs.dll No File
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
  BHO: Toolbar BHO -> {dc9051c2-8f55-479a-97a4-747980d9047f} -> C:\PROGRA~1\WEATHE~2\bar\2.bin\gcbar.dll No File
  Toolbar: HKLM - WeatherBlink - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - C:\Program Files\WeatherBlink\bar\2.bin\gcbar.dll No File
  Toolbar: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2014-02-25] (Společnost Microsoft)
  Toolbar: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> WeatherBlink - {F20DE5E0-2A6E-4C54-985F-1CF59551CE39} - C:\Program Files\WeatherBlink\bar\2.bin\gcbar.dll No File
  
  FF DefaultSearchEngine: webssearches
  FF SelectedSearchEngine: webssearches
  FF Extension: SafePCRepair - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\89ffxtbr@SafePCRepair_89.com [2014-12-14]
  FF Extension: Majestic Sitez - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\{6726b74d-ed76-7f21-e782-28d509370ade} [2015-05-17]
  FF HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
  FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
  FF Extension: No Name - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
  
  S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
  S2 Update Rad Rater; "C:\Program Files\Rad Rater\updateRadRater.exe" [X]
  S3 cpuz134; \??\C:\DOCUME~1\PAVLNA~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
  S4 IntelIde; No ImagePath
  U3 TlntSvr; No ImagePath
  
  C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost64.exe
  C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost32.exe
  C:\Program Files\McAfee Security Scan
  C:\Program Files\Rad Rater
  C:\Program Files\WeatherBlink
  C:\Program Files\Doctor PC
  2015-06-05 22:00 - 2015-06-05 22:02 - 00001742 _____ C:\zoek-results.log
  2015-06-05 21:57 - 2015-06-05 22:04 - 00002277 _____ C:\runcheck.txt
  2015-06-05 21:56 - 2015-06-05 21:56 - 01308672 _____ C:\Documents and Settings\Pavlína\Plocha\zoek.exe
  2015-06-05 21:56 - 2015-06-05 21:56 - 00000000 ____D C:\zoek_backup
  2015-06-04 19:49 - 2015-06-04 20:40 - 00000000 ____D C:\AdwCleaner
  2015-06-03 21:35 - 2015-06-03 21:35 - 00000000 ____D C:\rsit
  2015-06-03 21:35 - 2015-06-03 21:35 - 00000000 ____D C:\Program Files\trend micro
  2015-06-03 20:34 - 2015-06-03 20:37 - 00000000 ___SD C:\ComboFix
  2015-06-03 20:34 - 2015-06-03 20:34 - 00000000 ____D C:\Qoobox
  2015-06-03 20:34 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe
  2015-06-03 20:34 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
  2015-06-03 20:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
  2015-06-03 20:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
  2015-06-03 20:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
  2015-06-03 20:34 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
  2015-06-03 20:34 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
  2015-06-03 20:34 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
  2015-06-03 20:34 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
  2015-06-03 20:33 - 2015-06-03 20:33 - 00000000 ____D C:\WINDOWS\erdnt
  2015-06-03 20:32 - 2015-06-03 20:33 - 00003768 _____ C:\Documents and Settings\Pavlína\Plocha\Rkill.txt
  2015-05-17 09:30 - 2015-05-17 09:30 - 00000000 ____D C:\Program Files\McAfee Security Scan
  2015-05-17 09:30 - 2015-05-17 09:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\McAfee Security Scan Plus
  2015-05-16 21:18 - 2015-05-17 09:30 - 00001773 _____ C:\Documents and Settings\All Users\Plocha\McAfee Security Scan Plus.lnk
  2015-05-16 21:18 - 2015-05-17 09:30 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan
  
  2015-06-04 20:41 - 2014-09-20 13:26 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
  2015-06-06 08:18 - 2014-12-03 19:51 - 00001366 _____ C:\WINDOWS\Tasks\SDT.job
  2015-06-06 08:18 - 2014-10-13 19:09 - 00000226 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
  2015-06-06 08:18 - 2014-09-20 13:26 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
  2015-06-04 20:14 - 2014-08-19 20:31 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
  2015-05-08 15:00 - 2014-10-13 19:09 - 00000220 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Scan Tool (x86) Version: 03-06-2015
Ran by Pavlína at 2015-06-06 23:23:27 Run:3
Running from C:\Documents and Settings\Pavlína\Dokumenty\Downloads
Loaded Profiles: Pavlína (Available Profiles: Pavlína & Radek)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [cz.seznam.software.autoupdate] => C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [cz.seznam.software.szndesktop] => C:\Documents and Settings\Pavlína\Data aplikací\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [DoctorPC] => C:\Program Files\Doctor PC\DoctorPC.exe true
HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2892992 2015-06-02] (Valve Corporation)
Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk [2015-05-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost32.exe [2015-05-17] ()
Startup: C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost64.exe [2015-05-17] ()

HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKU\S-1-5-21-1085031214-920026266-839522115-1004 - (No Name) - {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - C:\Program Files\WeatherBlink\bar\2.bin\gcSrcAs.dll No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO: Toolbar BHO -> {dc9051c2-8f55-479a-97a4-747980d9047f} -> C:\PROGRA~1\WEATHE~2\bar\2.bin\gcbar.dll No File
Toolbar: HKLM - WeatherBlink - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - C:\Program Files\WeatherBlink\bar\2.bin\gcbar.dll No File
Toolbar: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll [2014-02-25] (Společnost Microsoft)
Toolbar: HKU\S-1-5-21-1085031214-920026266-839522115-1004 -> WeatherBlink - {F20DE5E0-2A6E-4C54-985F-1CF59551CE39} - C:\Program Files\WeatherBlink\bar\2.bin\gcbar.dll No File

FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Extension: SafePCRepair - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\89ffxtbr@SafePCRepair_89.com [2014-12-14]
FF Extension: Majestic Sitez - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\{6726b74d-ed76-7f21-e782-28d509370ade} [2015-05-17]
FF HKU\S-1-5-21-1085031214-920026266-839522115-1004\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF Extension: No Name - C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
S2 Update Rad Rater; "C:\Program Files\Rad Rater\updateRadRater.exe" [X]
S3 cpuz134; \??\C:\DOCUME~1\PAVLNA~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S4 IntelIde; No ImagePath
U3 TlntSvr; No ImagePath

C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost64.exe
C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost32.exe
C:\Program Files\McAfee Security Scan
C:\Program Files\Rad Rater
C:\Program Files\WeatherBlink
C:\Program Files\Doctor PC
2015-06-05 22:00 - 2015-06-05 22:02 - 00001742 _____ C:\zoek-results.log
2015-06-05 21:57 - 2015-06-05 22:04 - 00002277 _____ C:\runcheck.txt
2015-06-05 21:56 - 2015-06-05 21:56 - 01308672 _____ C:\Documents and Settings\Pavlína\Plocha\zoek.exe
2015-06-05 21:56 - 2015-06-05 21:56 - 00000000 ____D C:\zoek_backup
2015-06-04 19:49 - 2015-06-04 20:40 - 00000000 ____D C:\AdwCleaner
2015-06-03 21:35 - 2015-06-03 21:35 - 00000000 ____D C:\rsit
2015-06-03 21:35 - 2015-06-03 21:35 - 00000000 ____D C:\Program Files\trend micro
2015-06-03 20:34 - 2015-06-03 20:37 - 00000000 ___SD C:\ComboFix
2015-06-03 20:34 - 2015-06-03 20:34 - 00000000 ____D C:\Qoobox
2015-06-03 20:34 - 2011-06-26 08:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2015-06-03 20:34 - 2010-11-07 19:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2015-06-03 20:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-06-03 20:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-06-03 20:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-06-03 20:34 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-06-03 20:34 - 2000-08-31 02:00 - 00098816 _____ C:\WINDOWS\sed.exe
2015-06-03 20:34 - 2000-08-31 02:00 - 00080412 _____ C:\WINDOWS\grep.exe
2015-06-03 20:34 - 2000-08-31 02:00 - 00068096 _____ C:\WINDOWS\zip.exe
2015-06-03 20:33 - 2015-06-03 20:33 - 00000000 ____D C:\WINDOWS\erdnt
2015-06-03 20:32 - 2015-06-03 20:33 - 00003768 _____ C:\Documents and Settings\Pavlína\Plocha\Rkill.txt
2015-05-17 09:30 - 2015-05-17 09:30 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-05-17 09:30 - 2015-05-17 09:30 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\McAfee Security Scan Plus
2015-05-16 21:18 - 2015-05-17 09:30 - 00001773 _____ C:\Documents and Settings\All Users\Plocha\McAfee Security Scan Plus.lnk
2015-05-16 21:18 - 2015-05-17 09:30 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan

2015-06-04 20:41 - 2014-09-20 13:26 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-06 08:18 - 2014-12-03 19:51 - 00001366 _____ C:\WINDOWS\Tasks\SDT.job
2015-06-06 08:18 - 2014-10-13 19:09 - 00000226 _____ C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
2015-06-06 08:18 - 2014-09-20 13:26 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-04 20:14 - 2014-08-19 20:31 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-08 15:00 - 2014-10-13 19:09 - 00000220 _____ C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value not found.
HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value not found.
HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value not found.
HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS => value not found.
HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\DoctorPC => value not found.
HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value not found.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk not found.
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe not found.
C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost32.exe not found.
C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost64.exe not found.
HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\\{8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} => value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => key not found.
HKCR\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dc9051c2-8f55-479a-97a4-747980d9047f} => key not found.
HKCR\CLSID\{dc9051c2-8f55-479a-97a4-747980d9047f} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{f20de5e0-2a6e-4c54-985f-1cf59551ce39} => value not found.
HKCR\CLSID\{f20de5e0-2a6e-4c54-985f-1cf59551ce39} => key not found.
HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{01E04581-4EEE-11D0-BFE9-00AA005B4383} => value not found.
HKCR\CLSID\{01E04581-4EEE-11D0-BFE9-00AA005B4383} => key not found.
HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F20DE5E0-2A6E-4C54-985F-1CF59551CE39} => value not found.
HKCR\CLSID\{F20DE5E0-2A6E-4C54-985F-1CF59551CE39} => key not found.
Firefox DefaultSearchEngine removed successfully.
Firefox SelectedSearchEngine removed successfully.
C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\89ffxtbr@SafePCRepair_89.com => not found.
C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\Extensions\{6726b74d-ed76-7f21-e782-28d509370ade} => not found.
HKU\S-1-5-21-1085031214-920026266-839522115-1004\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => value not found.
C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => not found.
C:\Documents and Settings\Pavlína\Data aplikací\Mozilla\Firefox\Profiles\a7i56ps3.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => not found.
McComponentHostService => Service not found.
Update Rad Rater => Service not found.
cpuz134 => Service not found.
IntelIde => Service not found.
TlntSvr => Service not found.
"C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost64.exe" => File/Folder not found.
"C:\Documents and Settings\Pavlína\Nabídka Start\Programy\Po spuštění\conhost32.exe" => File/Folder not found.
"C:\Program Files\McAfee Security Scan" => File/Folder not found.
"C:\Program Files\Rad Rater" => File/Folder not found.
"C:\Program Files\WeatherBlink" => File/Folder not found.
"C:\Program Files\Doctor PC" => File/Folder not found.
"C:\zoek-results.log" => File/Folder not found.
"C:\runcheck.txt" => File/Folder not found.
"C:\Documents and Settings\Pavlína\Plocha\zoek.exe" => File/Folder not found.
"C:\zoek_backup" => File/Folder not found.
"C:\AdwCleaner" => File/Folder not found.
"C:\rsit" => File/Folder not found.
"C:\Program Files\trend micro" => File/Folder not found.
"C:\ComboFix" => File/Folder not found.
"C:\Qoobox" => File/Folder not found.
"C:\WINDOWS\PEV.exe" => File/Folder not found.
"C:\WINDOWS\MBR.exe" => File/Folder not found.
"C:\WINDOWS\NIRCMD.exe" => File/Folder not found.
"C:\WINDOWS\SWREG.exe" => File/Folder not found.
"C:\WINDOWS\SWSC.exe" => File/Folder not found.
"C:\WINDOWS\SWXCACLS.exe" => File/Folder not found.
"C:\WINDOWS\sed.exe" => File/Folder not found.
"C:\WINDOWS\grep.exe" => File/Folder not found.
"C:\WINDOWS\zip.exe" => File/Folder not found.
"C:\WINDOWS\erdnt" => File/Folder not found.
"C:\Documents and Settings\Pavlína\Plocha\Rkill.txt" => File/Folder not found.
"C:\Program Files\McAfee Security Scan" => File/Folder not found.
"C:\Documents and Settings\All Users\Nabídka Start\Programy\McAfee Security Scan Plus" => File/Folder not found.
"C:\Documents and Settings\All Users\Plocha\McAfee Security Scan Plus.lnk" => File/Folder not found.
"C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan" => File/Folder not found.
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job" => File/Folder not found.
"C:\WINDOWS\Tasks\SDT.job" => File/Folder not found.
"C:\WINDOWS\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job" => File/Folder not found.
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job" => File/Folder not found.
"C:\WINDOWS\Tasks\Adobe Flash Player Updater.job" => File/Folder not found.
"C:\WINDOWS\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job" => File/Folder not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 6 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 23:24:55 ====

Jak se chova PC??

problem je pryc myslim, ze to jde jako delo. diky