Ahoj můžete mi mrknout na log. Mozila mi dělá neplechu. Díky.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
Ran by Sima a Nika (administrator) on SIMAANIKA-PC (31-07-2016 13:16:35)
Running from C:\Users\Sima a Nika\Desktop
Loaded Profiles: Sima a Nika (Available Profiles: Sima a Nika)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qksee Pvt Ltd.) C:\Program Files (x86)\qksee\qkseeSvc.exe
(Winziper Pvt Ltd.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Sima a Nika\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
() C:\Program Files (x86)\WinSaber\WinSaber.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-08-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3458728 2015-07-30] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-03-24] (Intel Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [77824 2016-01-27] (Apple Computer, Inc.)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Spotify Web Helper] => C:\Users\Sima a Nika\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-14] (Spotify Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Spotify] => C:\Users\Sima a Nika\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-14] (Spotify Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [HKCU] => C:\Windows\system32\win32\task manager
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-06-10] (Electronic Arts)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [912920 2016-03-11] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Viber] => "C:\Users\Sima a Nika\AppData\Local\Viber\Viber.exe" StartMinimized
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {0eda44fd-43f2-11e5-85d7-448a5b26731a} - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {5b7040a6-77e4-11e5-9b7d-448a5b26731a} - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {67c2874b-4127-11e5-9b2f-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {6da64602-1c30-11e6-9a39-448a5b26731a} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193da-9e42-11e5-9b61-448a5b26731a} - G:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193e8-9e42-11e5-9b61-448a5b26731a} - I:\Autorun.exe
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-12] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 178.22.112.22 178.22.118.10
Tcpip\..\Interfaces\{C37B3631-7467-4BE4-A647-53B16BB4F7F4}: [DhcpNameServer] 178.22.112.22 178.22.118.10
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> 0A3FC045D4DF465317F35C396DFBBB14 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {464EE582-7BD1-4D57-B243-CA0EEE27398A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {572DF0E2-25D9-4927-847B-336D610538F7} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {6637F2DC-D6F1-4EDC-98EC-9AB6C320D376} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {8A6A28B6-26D0-4073-8052-66B09D6D47BA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {A5F45262-79B5-4278-A5D7-5B97E429DA5D} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {D428D2F7-B945-4FE8-BCAD-F97932648599} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {F3B9CF11-C16F-43DB-A5C7-D131E967699D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {FE077360-64A3-401A-B0F4-A70C17E19D89} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12902
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-12] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-12] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-05-05] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF NewTab: hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c
FF DefaultSearchEngine: nice
FF SearchEngineOrder.1: nice
FF SelectedSearchEngine: nice
FF Homepage: hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2795660459-1446932787-3981253488-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sima a Nika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js [2016-06-29]
FF user.js: detected! => C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js [2016-06-29]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-05-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2016-01-27] (Apple Computer, Inc.)
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml [2016-06-27]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\firmy.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\nice.xml [2016-06-29]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\videa.seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\yahoososo.xml [2016-04-26]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml [2016-03-16]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\firmy.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\nice.xml [2016-06-29]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\videa.seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\zbozi.cz-171846.xml [2015-11-20]
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-18]
FF Extension: xRocket Toolbar - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\Extensions\arthurj8283@gmail.com [2016-06-29] [not signed]
FF Extension: Adblock Plus - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF Extension: GsearchFinder - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-03-15]
FF Extension: Adblock Plus - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\extensions\arthurj8283@gmail.com
Chrome:
=======
CHR Profile: C:\Users\Sima a Nika\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-08-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-08-12] (Avast Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-03-11] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-03-11] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [880152 2016-03-11] (BlueStack Systems, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
S2 ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [1592888 2016-03-15] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2016-05-23] (Elex do Brasil Participações Ltda)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1741992 2015-07-30] (Micro-Star INT'L CO., LTD.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-10] (Electronic Arts)
R2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [713216 2016-03-24] (Qksee Pvt Ltd.)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-10-20] (PS Media s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Corporation)
R2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [421080 2016-07-12] ()
S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [316984 2016-03-23] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [1140792 2016-05-27] (Winziper Pvt Ltd.) <==== ATTENTION
S2 yahoochromebase; C:\ProgramData\desktopfind\desktop264.exe [236728 2016-04-26] (DeskTopService)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-08-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-08-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-08-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-08-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-08-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-08-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-08-12] ()
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-03-11] (BlueStack Systems)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-09] (Intel Corp.)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-11] (Intel Corp.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-16] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-21] (Symantec Corporation)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda)
S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [55056 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 uagp35; C:\Windows\system32\drivers\sisagpx.sys [67104 2009-08-01] (Silicon Integrated Systems Corporation)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-12] (Avast Software)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-31 13:16 - 2016-07-31 13:16 - 00030025 _____ C:\Users\Sima a Nika\Desktop\FRST.txt
2016-07-31 13:16 - 2016-07-31 13:16 - 00000000 ____D C:\FRST
2016-07-31 13:15 - 2016-07-31 13:15 - 02394112 _____ (Farbar) C:\Users\Sima a Nika\Desktop\FRST64.exe
2016-07-24 17:10 - 2016-07-25 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-24 15:01 - 2016-07-24 14:47 - 63474515 _____ C:\Users\Sima a Nika\Documents\CAM01220.mp4
2016-07-24 14:48 - 2016-07-24 14:47 - 63474515 ____N C:\Users\Sima a Nika\Desktop\CAM01220.mp4
2016-07-15 10:38 - 2016-07-15 10:38 - 00000000 ____D C:\Windows\SysWOW64\.launcher_log
2016-07-14 17:27 - 2016-07-15 14:36 - 00000000 ____D C:\WarThunder
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\Users\Sima a Nika\Documents\My Games
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\ProgramData\Gaijin
2016-07-13 18:35 - 2016-07-15 10:39 - 00000000 ____D C:\ProgramData\6winp6
2016-07-13 18:35 - 2016-07-13 18:35 - 00003452 _____ C:\Windows\System32\Tasks\ChelfNotify Task
2016-07-13 18:35 - 2016-07-13 18:35 - 00000000 ____D C:\ProgramData\ChelfNotify
2016-07-13 18:35 - 2016-07-13 18:35 - 00000000 ____D C:\Program Files (x86)\WinSaber
2016-07-13 18:35 - 2016-07-13 18:35 - 00000000 ____D C:\Program Files (x86)\1rq4lmua
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-31 13:13 - 2015-11-09 17:50 - 00000000 ____D C:\Users\Sima a Nika\AppData\Local\Spotify
2016-07-31 13:13 - 2015-11-09 17:49 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Spotify
2016-07-31 13:12 - 2016-02-06 20:52 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Skype
2016-07-31 12:59 - 2009-07-14 06:45 - 00031312 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-31 12:59 - 2009-07-14 06:45 - 00031312 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-31 12:55 - 2015-10-20 15:47 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz
2016-07-31 12:55 - 2015-08-12 20:35 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-31 12:51 - 2015-10-19 14:03 - 00000000 ____D C:\ProgramData\Origin
2016-07-31 12:49 - 2016-03-24 13:58 - 00000000 ____D C:\Program Files (x86)\qksee
2016-07-31 12:49 - 2016-01-27 19:07 - 00054156 ____H C:\Windows\QTFont.qfn
2016-07-31 12:49 - 2015-08-14 15:51 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-31 12:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-30 21:36 - 2016-05-03 16:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-30 19:55 - 2016-03-24 14:01 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-07-30 19:55 - 2015-08-12 20:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-25 13:09 - 2011-04-12 10:34 - 00672394 _____ C:\Windows\system32\perfh005.dat
2016-07-25 13:09 - 2011-04-12 10:34 - 00142580 _____ C:\Windows\system32\perfc005.dat
2016-07-25 13:09 - 2009-07-14 07:13 - 01594292 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-25 13:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-23 20:30 - 2016-02-06 20:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-23 20:30 - 2016-02-06 20:51 - 00000000 ____D C:\ProgramData\Skype
2016-07-14 15:38 - 2016-05-03 16:30 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 15:38 - 2015-09-17 17:46 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 15:38 - 2015-09-17 17:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 15:38 - 2015-09-17 17:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-14 15:38 - 2015-09-17 17:45 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-14 11:31 - 2016-06-16 13:07 - 00000000 ____D C:\Program Files (x86)\TData
2016-07-13 18:35 - 2016-03-16 12:56 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
2016-07-13 15:00 - 2015-08-12 22:18 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-13 15:00 - 2015-08-12 22:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
Some files in TEMP:
====================
C:\Users\Sima a Nika\AppData\Local\Temp\bitool.dll
C:\Users\Sima a Nika\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Sima a Nika\AppData\Local\Temp\drm_dyndata_7320011.dll
C:\Users\Sima a Nika\AppData\Local\Temp\dt_A3C2.tmp.exe
C:\Users\Sima a Nika\AppData\Local\Temp\EAD9F2B.exe
C:\Users\Sima a Nika\AppData\Local\Temp\Firefox Setup 39.0.exe
C:\Users\Sima a Nika\AppData\Local\Temp\listicka-partner-12902-1.1.13-offline.exe
C:\Users\Sima a Nika\AppData\Local\Temp\ReIcon_x64.exe
C:\Users\Sima a Nika\AppData\Local\Temp\sqlite3.dll
C:\Users\Sima a Nika\AppData\Local\Temp\ssins.exe
C:\Users\Sima a Nika\AppData\Local\Temp\tmpCB78.exe
C:\Users\Sima a Nika\AppData\Local\Temp\unins000.exe
C:\Users\Sima a Nika\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Sima a Nika\AppData\Local\Temp\_is94C1.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-14 20:51
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
V prohlížeči nejde přenastavit domovská stránka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
V prohlížeči nejde přenastavit domovská stránka
- Přílohy
-
- Addition.rar
- (13.13 KiB) Staženo 79 x
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: V prohlížeči nejde přenastavit domovská stránka
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: V prohlížeči nejde přenastavit domovská stránka
# AdwCleaner v5.032 - Logfile created 05/02/2016 at 18:13:42
# Updated 31/01/2016 by Xplode
# Database : 2016-02-02.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Sima a Nika - SIMAANIKA-PC
# Running from : C:\Users\Sima a Nika\Desktop\adwcleaner_5.032.exe
# Option : Cleaning
# Support : hxxp://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Earth Networks
[-] Folder Deleted : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [901 bytes] ##########
# AdwCleaner v5.201 - Log vytvořen 31/07/2016 v 13:35:23
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-31.2 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Sima a Nika - SIMAANIKA-PC
# Spuštěno z : C:\Users\Sima a Nika\Desktop\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
[!] Služba Ne Smazáno : iSafeKrnl
[!] Služba Ne Smazáno : iSafeKrnlBoot
[!] Služba Ne Smazáno : iSafeKrnlKit
[-] Služba Smazáno : iSafeKrnlMon
[!] Služba Ne Smazáno : iSafeKrnlR3
[!] Služba Ne Smazáno : iSafeNetFilter
[!] Služba Ne Smazáno : iSafeService
[-] Služba Smazáno : winzipersvc
[-] Služba Smazáno : ggbugreport
[-] Služba Smazáno : Winsere
[-] Služba Smazáno : qkseeService
[-] Služba Smazáno : yahoochromebase
[-] Služba Smazáno : winsaber
***** [ Složky ] *****
[-] Složka Smazáno : C:\ProgramData\desktopfind
[-] Složka Smazáno : C:\ProgramData\ChelfNotify
[-] Složka Smazáno : C:\ProgramData\6winp6
[-] Složka Smazáno : C:\ProgramData\9winp9
[-] Složka Smazáno : C:\ProgramData\EwinpE
[-] Složka Smazáno : C:\ProgramData\XwinpX
[#] Složka Smazáno : C:\ProgramData\Application Data\desktopfind
[#] Složka Smazáno : C:\ProgramData\Application Data\ChelfNotify
[#] Složka Smazáno : C:\ProgramData\Application Data\6winp6
[#] Složka Smazáno : C:\ProgramData\Application Data\9winp9
[#] Složka Smazáno : C:\ProgramData\Application Data\EwinpE
[#] Složka Smazáno : C:\ProgramData\Application Data\XwinpX
[-] Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
[#] Složka Smazáno : C:\Program Files (x86)\Elex-tech
[-] Složka Smazáno : C:\Program Files (x86)\SFK
[-] Složka Smazáno : C:\Program Files (x86)\WinZipper
[-] Složka Smazáno : C:\Program Files (x86)\SearchesToYesbnd
[-] Složka Smazáno : C:\Program Files (x86)\TData
[-] Složka Smazáno : C:\Program Files (x86)\Winsere
[-] Složka Smazáno : C:\Program Files (x86)\WinTaske
[-] Složka Smazáno : C:\Program Files (x86)\qksee
[-] Složka Smazáno : C:\Program Files (x86)\QQBrowser
[-] Složka Smazáno : C:\Program Files (x86)\TXQQBrowser
[-] Složka Smazáno : C:\Program Files (x86)\WinSaber
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\eCyber
[#] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Elex-tech
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\TSv
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\qksee
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\WinZiper
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\extensions\arthurj8283@gmail.com
[-] Složka Smazáno : C:\Users\Public\Documents\dmp
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
[#] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
***** [ Soubory ] *****
[-] Soubor Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\qksee.lnk
[#] Soubor Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\dd1b66d4.xml
[-] Soubor Smazáno : C:\Windows\SysNative\log\iSafeKrnlCall.log
[-] Soubor Smazáno : C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[-] Soubor Smazáno : C:\Windows\SysNative\drivers\iSafeNetFilter.sys
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
[-] Zástupce Vyléčeno : C:\Users\Sima a Nika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
***** [ Naplánované úlohy ] *****
[-] Úloha Smazáno : WinTaske
[-] Úloha Smazáno : Browser Updater Task(Core)
[-] Úloha Smazáno : ChelfNotify Task
***** [ Registry ] *****
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Klíč Smazáno : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.001
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.z
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.bmp
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.gif
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.ico
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.jpeg
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.jpg
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.png
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.tif
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Klíč Smazáno : HKCU\Software\Earth Networks
[-] Klíč Smazáno : HKLM\SOFTWARE\Elex-tech
[-] Klíč Smazáno : HKLM\SOFTWARE\hdcode
[-] Klíč Smazáno : HKLM\SOFTWARE\yessearchesSoftware
[-] Klíč Smazáno : HKLM\SOFTWARE\qkseeSvc
[-] Klíč Smazáno : HKLM\SOFTWARE\qksee
[-] Klíč Smazáno : HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč Smazáno : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč Smazáno : HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Klíč Smazáno : HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qksee
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WeatherBug®
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč Smazáno : HKU\.DEFAULT\Software\Elex-tech
[-] Klíč Smazáno : HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč Smazáno : HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[#] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[#] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[#] Data Obnoveno : HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] Data Obnoveno : HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data Obnoveno : HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\attirerpage.com
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\tlscdn.com
[-] Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdMan
[-] Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
***** [ Prohlížeče ] *****
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.ts", "1467200107");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.uid", "wdcxwd10ezex-08m2na0_wd-wcc3f411059310593");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... 72gbzbqbm9[...]
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.ts", "1467200107");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.uid", "wdcxwd10ezex-08m2na0_wd-wcc3f411059310593");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... 72gbzbqbm9[...]
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.hp", "hxxp://www.yessearches.com/?ts=AHEpC34mBHUlBU. ... =ffsengext");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.sp", "hxxp://www.yessearches.com/chrome.php?mode=ffs ... v=20160315");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.ts", "1467200107");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.uid", "wdcxwd10ezex-08m2na0_wd-wcc3f411059310593");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... 72gbzbqbm9[...]
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.ts", "1467200107");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.uid", "wdcxwd10ezex-08m2na0_wd-wcc3f411059310593");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... 72gbzbqbm9[...]
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [20239 bytů] - [05/02/2016 19:13:42]
C:\AdwCleaner\AdwCleaner[S1].txt - [22114 bytů] - [05/02/2016 19:12:50]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [20387 bytů] ##########
# Updated 31/01/2016 by Xplode
# Database : 2016-02-02.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Sima a Nika - SIMAANIKA-PC
# Running from : C:\Users\Sima a Nika\Desktop\adwcleaner_5.032.exe
# Option : Cleaning
# Support : hxxp://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Earth Networks
[-] Folder Deleted : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
***** [ Files ] *****
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [901 bytes] ##########
# AdwCleaner v5.201 - Log vytvořen 31/07/2016 v 13:35:23
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-31.2 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Sima a Nika - SIMAANIKA-PC
# Spuštěno z : C:\Users\Sima a Nika\Desktop\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
[!] Služba Ne Smazáno : iSafeKrnl
[!] Služba Ne Smazáno : iSafeKrnlBoot
[!] Služba Ne Smazáno : iSafeKrnlKit
[-] Služba Smazáno : iSafeKrnlMon
[!] Služba Ne Smazáno : iSafeKrnlR3
[!] Služba Ne Smazáno : iSafeNetFilter
[!] Služba Ne Smazáno : iSafeService
[-] Služba Smazáno : winzipersvc
[-] Služba Smazáno : ggbugreport
[-] Služba Smazáno : Winsere
[-] Služba Smazáno : qkseeService
[-] Služba Smazáno : yahoochromebase
[-] Služba Smazáno : winsaber
***** [ Složky ] *****
[-] Složka Smazáno : C:\ProgramData\desktopfind
[-] Složka Smazáno : C:\ProgramData\ChelfNotify
[-] Složka Smazáno : C:\ProgramData\6winp6
[-] Složka Smazáno : C:\ProgramData\9winp9
[-] Složka Smazáno : C:\ProgramData\EwinpE
[-] Složka Smazáno : C:\ProgramData\XwinpX
[#] Složka Smazáno : C:\ProgramData\Application Data\desktopfind
[#] Složka Smazáno : C:\ProgramData\Application Data\ChelfNotify
[#] Složka Smazáno : C:\ProgramData\Application Data\6winp6
[#] Složka Smazáno : C:\ProgramData\Application Data\9winp9
[#] Složka Smazáno : C:\ProgramData\Application Data\EwinpE
[#] Složka Smazáno : C:\ProgramData\Application Data\XwinpX
[-] Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
[#] Složka Smazáno : C:\Program Files (x86)\Elex-tech
[-] Složka Smazáno : C:\Program Files (x86)\SFK
[-] Složka Smazáno : C:\Program Files (x86)\WinZipper
[-] Složka Smazáno : C:\Program Files (x86)\SearchesToYesbnd
[-] Složka Smazáno : C:\Program Files (x86)\TData
[-] Složka Smazáno : C:\Program Files (x86)\Winsere
[-] Složka Smazáno : C:\Program Files (x86)\WinTaske
[-] Složka Smazáno : C:\Program Files (x86)\qksee
[-] Složka Smazáno : C:\Program Files (x86)\QQBrowser
[-] Složka Smazáno : C:\Program Files (x86)\TXQQBrowser
[-] Složka Smazáno : C:\Program Files (x86)\WinSaber
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\eCyber
[#] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Elex-tech
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\TSv
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\qksee
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\WinZiper
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\extensions\arthurj8283@gmail.com
[-] Složka Smazáno : C:\Users\Public\Documents\dmp
[-] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
[#] Složka Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
***** [ Soubory ] *****
[-] Soubor Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\qksee.lnk
[#] Soubor Smazáno : C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\dd1b66d4.xml
[-] Soubor Smazáno : C:\Windows\SysNative\log\iSafeKrnlCall.log
[-] Soubor Smazáno : C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[-] Soubor Smazáno : C:\Windows\SysNative\drivers\iSafeNetFilter.sys
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
[-] Zástupce Vyléčeno : C:\Users\Sima a Nika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
***** [ Naplánované úlohy ] *****
[-] Úloha Smazáno : WinTaske
[-] Úloha Smazáno : Browser Updater Task(Core)
[-] Úloha Smazáno : ChelfNotify Task
***** [ Registry ] *****
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Klíč Smazáno : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.001
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.z
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Hodnota Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.bmp
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.gif
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.ico
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.jpeg
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.jpg
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.png
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\qkseeViewer.tif
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Klíč Smazáno : HKCU\Software\Earth Networks
[-] Klíč Smazáno : HKLM\SOFTWARE\Elex-tech
[-] Klíč Smazáno : HKLM\SOFTWARE\hdcode
[-] Klíč Smazáno : HKLM\SOFTWARE\yessearchesSoftware
[-] Klíč Smazáno : HKLM\SOFTWARE\qkseeSvc
[-] Klíč Smazáno : HKLM\SOFTWARE\qksee
[-] Klíč Smazáno : HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč Smazáno : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč Smazáno : HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Klíč Smazáno : HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qksee
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WeatherBug®
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč Smazáno : HKU\.DEFAULT\Software\Elex-tech
[-] Klíč Smazáno : HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč Smazáno : HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[#] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[#] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[#] Data Obnoveno : HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] Data Obnoveno : HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data Obnoveno : HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\attirerpage.com
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\tlscdn.com
[-] Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdMan
[-] Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
***** [ Prohlížeče ] *****
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.ts", "1467200107");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.uid", "wdcxwd10ezex-08m2na0_wd-wcc3f411059310593");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... 72gbzbqbm9[...]
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\prefs.js] Smazáno : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.ts", "1467200107");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.uid", "wdcxwd10ezex-08m2na0_wd-wcc3f411059310593");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... 72gbzbqbm9[...]
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.newtab.url", "hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.hp", "hxxp://www.yessearches.com/?ts=AHEpC34mBHUlBU. ... =ffsengext");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.sp", "hxxp://www.yessearches.com/chrome.php?mode=ffs ... v=20160315");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.ts", "1467200107");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.uid", "wdcxwd10ezex-08m2na0_wd-wcc3f411059310593");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... 72gbzbqbm9[...]
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\prefs.js] Smazáno : user_pref("browser.startup.homepage", "hxxp://www.nicesearches.com?type=hp&ts=1462794 ... 1t5z9cbm1c");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.alias", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.nicesearches.com/favicon.ico?t=1");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.name", "nice");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.ref", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.ts", "1467200107");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.type", "");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.uid", "wdcxwd10ezex-08m2na0_wd-wcc3f411059310593");
[-] [C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\user.js] Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.nicesearches.com/search.php?type=ds ... 72gbzbqbm9[...]
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [20239 bytů] - [05/02/2016 19:13:42]
C:\AdwCleaner\AdwCleaner[S1].txt - [22114 bytů] - [05/02/2016 19:12:50]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [20387 bytů] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: V prohlížeči nejde přenastavit domovská stránka
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: V prohlížeči nejde přenastavit domovská stránka
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
Ran by Sima a Nika (administrator) on SIMAANIKA-PC (02-08-2016 10:21:22)
Running from C:\Users\Sima a Nika\Desktop
Loaded Profiles: Sima a Nika (Available Profiles: Sima a Nika)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spotify Ltd) C:\Users\Sima a Nika\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-08-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3458728 2015-07-30] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-03-24] (Intel Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [77824 2016-01-27] (Apple Computer, Inc.)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Spotify Web Helper] => C:\Users\Sima a Nika\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-14] (Spotify Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Spotify] => C:\Users\Sima a Nika\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-14] (Spotify Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [HKCU] => C:\Windows\system32\win32\task manager
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-06-10] (Electronic Arts)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [912920 2016-03-11] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Viber] => "C:\Users\Sima a Nika\AppData\Local\Viber\Viber.exe" StartMinimized
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {0eda44fd-43f2-11e5-85d7-448a5b26731a} - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {5b7040a6-77e4-11e5-9b7d-448a5b26731a} - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {67c2874b-4127-11e5-9b2f-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {6da64602-1c30-11e6-9a39-448a5b26731a} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193da-9e42-11e5-9b61-448a5b26731a} - G:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193e8-9e42-11e5-9b61-448a5b26731a} - I:\Autorun.exe
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-12] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 178.22.112.22 178.22.118.10
Tcpip\..\Interfaces\{C37B3631-7467-4BE4-A647-53B16BB4F7F4}: [DhcpNameServer] 178.22.112.22 178.22.118.10
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> 0A3FC045D4DF465317F35C396DFBBB14 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {464EE582-7BD1-4D57-B243-CA0EEE27398A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {572DF0E2-25D9-4927-847B-336D610538F7} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {6637F2DC-D6F1-4EDC-98EC-9AB6C320D376} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {8A6A28B6-26D0-4073-8052-66B09D6D47BA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {A5F45262-79B5-4278-A5D7-5B97E429DA5D} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {D428D2F7-B945-4FE8-BCAD-F97932648599} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {F3B9CF11-C16F-43DB-A5C7-D131E967699D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {FE077360-64A3-401A-B0F4-A70C17E19D89} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12902
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-12] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-12] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-05-05] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2795660459-1446932787-3981253488-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sima a Nika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js [2016-06-29]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-05-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2016-01-27] (Apple Computer, Inc.)
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml [2016-06-27]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\firmy.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\nice.xml [2016-06-29]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\videa.seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\yahoososo.xml [2016-04-26]
FF Extension: Adblock Plus - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-18]
Chrome:
=======
CHR Profile: C:\Users\Sima a Nika\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-08-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-08-12] (Avast Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-03-11] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-03-11] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [880152 2016-03-11] (BlueStack Systems, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2016-05-23] (Elex do Brasil Participações Ltda)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1741992 2015-07-30] (Micro-Star INT'L CO., LTD.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-10] (Electronic Arts)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-10-20] (PS Media s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-08-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-08-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-08-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-08-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-08-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-08-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-08-12] ()
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-03-11] (BlueStack Systems)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-09] (Intel Corp.)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-11] (Intel Corp.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-16] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-21] (Symantec Corporation)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 uagp35; C:\Windows\system32\drivers\sisagpx.sys [67104 2009-08-01] (Silicon Integrated Systems Corporation)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-12] (Avast Software)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-31 14:19 - 2016-07-31 14:19 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-31 14:19 - 2016-07-31 14:19 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-07-31 14:19 - 2016-07-31 14:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-31 14:17 - 2016-07-31 14:17 - 00242320 _____ C:\Users\Sima a Nika\Desktop\Firefox Setup Stub 47.0.1.exe
2016-07-31 13:46 - 2016-07-31 13:46 - 00020502 _____ C:\Users\Sima a Nika\Desktop\AdwCleaner[C1].txt
2016-07-31 13:42 - 2016-07-31 13:42 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Elex-tech
2016-07-31 13:42 - 2016-05-19 08:42 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2016-07-31 13:33 - 2016-07-31 13:33 - 03712064 _____ C:\Users\Sima a Nika\Desktop\adwcleaner_5.201.exe
2016-07-31 13:20 - 2016-07-31 13:20 - 00013443 _____ C:\Users\Sima a Nika\Desktop\Addition.rar
2016-07-31 13:16 - 2016-08-02 10:21 - 00025153 _____ C:\Users\Sima a Nika\Desktop\FRST.txt
2016-07-31 13:16 - 2016-08-02 10:21 - 00000000 ____D C:\FRST
2016-07-31 13:16 - 2016-07-31 13:17 - 00054316 _____ C:\Users\Sima a Nika\Desktop\Addition.txt
2016-07-31 13:15 - 2016-07-31 13:15 - 02394112 _____ (Farbar) C:\Users\Sima a Nika\Desktop\FRST64.exe
2016-07-24 17:10 - 2016-07-31 14:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-24 15:01 - 2016-07-24 14:47 - 63474515 _____ C:\Users\Sima a Nika\Documents\CAM01220.mp4
2016-07-24 14:48 - 2016-07-24 14:47 - 63474515 ____N C:\Users\Sima a Nika\Desktop\CAM01220.mp4
2016-07-15 10:38 - 2016-07-15 10:38 - 00000000 ____D C:\Windows\SysWOW64\.launcher_log
2016-07-14 17:27 - 2016-07-15 14:36 - 00000000 ____D C:\WarThunder
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\Users\Sima a Nika\Documents\My Games
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\ProgramData\Gaijin
2016-07-13 18:35 - 2016-07-13 18:35 - 00000000 ____D C:\Program Files (x86)\1rq4lmua
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-02 10:21 - 2015-11-09 17:50 - 00000000 ____D C:\Users\Sima a Nika\AppData\Local\Spotify
2016-08-02 10:08 - 2009-07-14 06:45 - 00031312 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-02 10:08 - 2009-07-14 06:45 - 00031312 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-02 10:05 - 2015-11-09 17:49 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Spotify
2016-08-02 10:05 - 2015-10-20 15:47 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz
2016-08-02 10:01 - 2015-10-19 14:03 - 00000000 ____D C:\ProgramData\Origin
2016-08-02 10:00 - 2016-01-27 19:07 - 00054156 ____H C:\Windows\QTFont.qfn
2016-08-02 10:00 - 2015-08-14 15:51 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-02 10:00 - 2015-08-12 20:35 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-02 09:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-01 21:36 - 2016-05-03 16:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-01 20:16 - 2016-06-16 15:01 - 00000000 ____D C:\Users\Sima a Nika\AppData\Local\CrashDumps
2016-08-01 11:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-08-01 11:05 - 2015-08-20 16:56 - 00000000 ____D C:\Users\Sima a Nika\AppData\Local\ElevatedDiagnostics
2016-07-31 14:05 - 2016-02-06 20:52 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Skype
2016-07-31 13:37 - 2016-05-05 13:38 - 00000000 ____D C:\Windows\system32\log
2016-07-31 13:34 - 2016-02-05 19:12 - 00000000 ____D C:\AdwCleaner
2016-07-25 13:09 - 2011-04-12 10:34 - 00672394 _____ C:\Windows\system32\perfh005.dat
2016-07-25 13:09 - 2011-04-12 10:34 - 00142580 _____ C:\Windows\system32\perfc005.dat
2016-07-25 13:09 - 2009-07-14 07:13 - 01594292 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-25 13:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-23 20:30 - 2016-02-06 20:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-23 20:30 - 2016-02-06 20:51 - 00000000 ____D C:\ProgramData\Skype
2016-07-14 15:38 - 2016-05-03 16:30 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 15:38 - 2015-09-17 17:46 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 15:38 - 2015-09-17 17:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 15:38 - 2015-09-17 17:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-14 15:38 - 2015-09-17 17:45 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-13 15:00 - 2015-08-12 22:18 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-13 15:00 - 2015-08-12 22:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
Some files in TEMP:
====================
C:\Users\Sima a Nika\AppData\Local\Temp\bitool.dll
C:\Users\Sima a Nika\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Sima a Nika\AppData\Local\Temp\drm_dyndata_7320011.dll
C:\Users\Sima a Nika\AppData\Local\Temp\dt_A3C2.tmp.exe
C:\Users\Sima a Nika\AppData\Local\Temp\EAD9F2B.exe
C:\Users\Sima a Nika\AppData\Local\Temp\Firefox Setup 39.0.exe
C:\Users\Sima a Nika\AppData\Local\Temp\libeay32.dll
C:\Users\Sima a Nika\AppData\Local\Temp\listicka-partner-12902-1.1.13-offline.exe
C:\Users\Sima a Nika\AppData\Local\Temp\msvcr120.dll
C:\Users\Sima a Nika\AppData\Local\Temp\ReIcon_x64.exe
C:\Users\Sima a Nika\AppData\Local\Temp\sqlite3.dll
C:\Users\Sima a Nika\AppData\Local\Temp\ssins.exe
C:\Users\Sima a Nika\AppData\Local\Temp\tmpCB78.exe
C:\Users\Sima a Nika\AppData\Local\Temp\unins000.exe
C:\Users\Sima a Nika\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Sima a Nika\AppData\Local\Temp\_is94C1.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-14 20:51
==================== End of FRST.txt ============================
Ran by Sima a Nika (administrator) on SIMAANIKA-PC (02-08-2016 10:21:22)
Running from C:\Users\Sima a Nika\Desktop
Loaded Profiles: Sima a Nika (Available Profiles: Sima a Nika)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spotify Ltd) C:\Users\Sima a Nika\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-08-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3458728 2015-07-30] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-03-24] (Intel Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [77824 2016-01-27] (Apple Computer, Inc.)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Spotify Web Helper] => C:\Users\Sima a Nika\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-07-14] (Spotify Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Spotify] => C:\Users\Sima a Nika\AppData\Roaming\Spotify\Spotify.exe [6913648 2016-07-14] (Spotify Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [HKCU] => C:\Windows\system32\win32\task manager
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-06-10] (Electronic Arts)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [912920 2016-03-11] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\Run: [Viber] => "C:\Users\Sima a Nika\AppData\Local\Viber\Viber.exe" StartMinimized
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {0eda44fd-43f2-11e5-85d7-448a5b26731a} - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {5b7040a6-77e4-11e5-9b7d-448a5b26731a} - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {67c2874b-4127-11e5-9b2f-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {6da64602-1c30-11e6-9a39-448a5b26731a} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193da-9e42-11e5-9b61-448a5b26731a} - G:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193e8-9e42-11e5-9b61-448a5b26731a} - I:\Autorun.exe
HKU\S-1-5-18\...\Policies\system: [DisableLockWorkstation] 0
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX64.dll No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-12] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Sima a Nika\AppData\Local\MEGAsync\ShellExtX32.dll No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 178.22.112.22 178.22.118.10
Tcpip\..\Interfaces\{C37B3631-7467-4BE4-A647-53B16BB4F7F4}: [DhcpNameServer] 178.22.112.22 178.22.118.10
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.attirerpage.com/?type=hp&ts=1467027 ... 1059310593
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> 0A3FC045D4DF465317F35C396DFBBB14 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type=ds&ts= ... earchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {464EE582-7BD1-4D57-B243-CA0EEE27398A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {572DF0E2-25D9-4927-847B-336D610538F7} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {6637F2DC-D6F1-4EDC-98EC-9AB6C320D376} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {8A6A28B6-26D0-4073-8052-66B09D6D47BA} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {A5F45262-79B5-4278-A5D7-5B97E429DA5D} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {D428D2F7-B945-4FE8-BCAD-F97932648599} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {F3B9CF11-C16F-43DB-A5C7-D131E967699D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12902
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {FE077360-64A3-401A-B0F4-A70C17E19D89} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12902
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-12] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-12] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-05-05] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-14] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2795660459-1446932787-3981253488-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sima a Nika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\user.js [2016-06-29]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-05-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2016-01-27] (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2016-01-27] (Apple Computer, Inc.)
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml [2016-06-27]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\firmy.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\nice.xml [2016-06-29]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\videa.seznam.cz-171846.xml [2015-11-20]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\yahoososo.xml [2016-04-26]
FF Extension: Adblock Plus - C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-18]
Chrome:
=======
CHR Profile: C:\Users\Sima a Nika\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-08-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-08-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-08-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-08-12] (Avast Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-03-11] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-03-11] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [880152 2016-03-11] (BlueStack Systems, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 iSafeService; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [118048 2016-05-23] (Elex do Brasil Participações Ltda)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1741992 2015-07-30] (Micro-Star INT'L CO., LTD.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-10] (Electronic Arts)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-10-20] (PS Media s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-10-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-08-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-08-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-08-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-08-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-08-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-08-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-08-12] ()
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-03-11] (BlueStack Systems)
S3 cbaf; C:\Windows\System32\Drivers\cbaf.sys [15872 2008-01-09] (Intel Corp.)
S3 dfuuwb; C:\Windows\System32\Drivers\DfuUWB.sys [503296 2008-09-11] (Intel Corp.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-03-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-03-16] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-21] (Symantec Corporation)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-08-07] (Etron Technology Inc)
S3 FLxHCIh; C:\Windows\system32\drivers\FLxHCIh.sys [77040 2012-11-02] (Fresco Logic)
S3 HWA; C:\Windows\System32\Drivers\HWA.sys [61440 2008-09-29] (Intel Corp.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [262344 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeKrnlR3; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [103904 2016-05-23] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
S3 rusb3hub; C:\Windows\system32\drivers\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\system32\drivers\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 uagp35; C:\Windows\system32\drivers\sisagpx.sys [67104 2009-08-01] (Silicon Integrated Systems Corporation)
S3 uwbusb; C:\Windows\System32\Drivers\usbuwbmini.sys [13312 2008-09-15] (Intel Corp.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-12] (Avast Software)
S3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [210944 2012-05-30] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\system32\drivers\xhcdrv.sys [261120 2012-05-30] (VIA Technologies, Inc.)
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-31 14:19 - 2016-07-31 14:19 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-31 14:19 - 2016-07-31 14:19 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-07-31 14:19 - 2016-07-31 14:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-31 14:17 - 2016-07-31 14:17 - 00242320 _____ C:\Users\Sima a Nika\Desktop\Firefox Setup Stub 47.0.1.exe
2016-07-31 13:46 - 2016-07-31 13:46 - 00020502 _____ C:\Users\Sima a Nika\Desktop\AdwCleaner[C1].txt
2016-07-31 13:42 - 2016-07-31 13:42 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Elex-tech
2016-07-31 13:42 - 2016-05-19 08:42 - 00052392 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeNetFilter.sys
2016-07-31 13:33 - 2016-07-31 13:33 - 03712064 _____ C:\Users\Sima a Nika\Desktop\adwcleaner_5.201.exe
2016-07-31 13:20 - 2016-07-31 13:20 - 00013443 _____ C:\Users\Sima a Nika\Desktop\Addition.rar
2016-07-31 13:16 - 2016-08-02 10:21 - 00025153 _____ C:\Users\Sima a Nika\Desktop\FRST.txt
2016-07-31 13:16 - 2016-08-02 10:21 - 00000000 ____D C:\FRST
2016-07-31 13:16 - 2016-07-31 13:17 - 00054316 _____ C:\Users\Sima a Nika\Desktop\Addition.txt
2016-07-31 13:15 - 2016-07-31 13:15 - 02394112 _____ (Farbar) C:\Users\Sima a Nika\Desktop\FRST64.exe
2016-07-24 17:10 - 2016-07-31 14:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-24 15:01 - 2016-07-24 14:47 - 63474515 _____ C:\Users\Sima a Nika\Documents\CAM01220.mp4
2016-07-24 14:48 - 2016-07-24 14:47 - 63474515 ____N C:\Users\Sima a Nika\Desktop\CAM01220.mp4
2016-07-15 10:38 - 2016-07-15 10:38 - 00000000 ____D C:\Windows\SysWOW64\.launcher_log
2016-07-14 17:27 - 2016-07-15 14:36 - 00000000 ____D C:\WarThunder
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\Users\Sima a Nika\Documents\My Games
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2016-07-14 17:27 - 2016-07-14 17:27 - 00000000 ____D C:\ProgramData\Gaijin
2016-07-13 18:35 - 2016-07-13 18:35 - 00000000 ____D C:\Program Files (x86)\1rq4lmua
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-02 10:21 - 2015-11-09 17:50 - 00000000 ____D C:\Users\Sima a Nika\AppData\Local\Spotify
2016-08-02 10:08 - 2009-07-14 06:45 - 00031312 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-02 10:08 - 2009-07-14 06:45 - 00031312 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-02 10:05 - 2015-11-09 17:49 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Spotify
2016-08-02 10:05 - 2015-10-20 15:47 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Seznam.cz
2016-08-02 10:01 - 2015-10-19 14:03 - 00000000 ____D C:\ProgramData\Origin
2016-08-02 10:00 - 2016-01-27 19:07 - 00054156 ____H C:\Windows\QTFont.qfn
2016-08-02 10:00 - 2015-08-14 15:51 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-02 10:00 - 2015-08-12 20:35 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-02 09:59 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-01 21:36 - 2016-05-03 16:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-01 20:16 - 2016-06-16 15:01 - 00000000 ____D C:\Users\Sima a Nika\AppData\Local\CrashDumps
2016-08-01 11:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-08-01 11:05 - 2015-08-20 16:56 - 00000000 ____D C:\Users\Sima a Nika\AppData\Local\ElevatedDiagnostics
2016-07-31 14:05 - 2016-02-06 20:52 - 00000000 ____D C:\Users\Sima a Nika\AppData\Roaming\Skype
2016-07-31 13:37 - 2016-05-05 13:38 - 00000000 ____D C:\Windows\system32\log
2016-07-31 13:34 - 2016-02-05 19:12 - 00000000 ____D C:\AdwCleaner
2016-07-25 13:09 - 2011-04-12 10:34 - 00672394 _____ C:\Windows\system32\perfh005.dat
2016-07-25 13:09 - 2011-04-12 10:34 - 00142580 _____ C:\Windows\system32\perfc005.dat
2016-07-25 13:09 - 2009-07-14 07:13 - 01594292 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-25 13:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-23 20:30 - 2016-02-06 20:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-23 20:30 - 2016-02-06 20:51 - 00000000 ____D C:\ProgramData\Skype
2016-07-14 15:38 - 2016-05-03 16:30 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 15:38 - 2015-09-17 17:46 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 15:38 - 2015-09-17 17:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 15:38 - 2015-09-17 17:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-14 15:38 - 2015-09-17 17:45 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-13 15:00 - 2015-08-12 22:18 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-13 15:00 - 2015-08-12 22:17 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
Some files in TEMP:
====================
C:\Users\Sima a Nika\AppData\Local\Temp\bitool.dll
C:\Users\Sima a Nika\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Sima a Nika\AppData\Local\Temp\drm_dyndata_7320011.dll
C:\Users\Sima a Nika\AppData\Local\Temp\dt_A3C2.tmp.exe
C:\Users\Sima a Nika\AppData\Local\Temp\EAD9F2B.exe
C:\Users\Sima a Nika\AppData\Local\Temp\Firefox Setup 39.0.exe
C:\Users\Sima a Nika\AppData\Local\Temp\libeay32.dll
C:\Users\Sima a Nika\AppData\Local\Temp\listicka-partner-12902-1.1.13-offline.exe
C:\Users\Sima a Nika\AppData\Local\Temp\msvcr120.dll
C:\Users\Sima a Nika\AppData\Local\Temp\ReIcon_x64.exe
C:\Users\Sima a Nika\AppData\Local\Temp\sqlite3.dll
C:\Users\Sima a Nika\AppData\Local\Temp\ssins.exe
C:\Users\Sima a Nika\AppData\Local\Temp\tmpCB78.exe
C:\Users\Sima a Nika\AppData\Local\Temp\unins000.exe
C:\Users\Sima a Nika\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Sima a Nika\AppData\Local\Temp\_is94C1.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-14 20:51
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: V prohlížeči nejde přenastavit domovská stránka
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: F - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {0eda44fd-43f2-11e5-85d7-448a5b26731a} - F:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {5b7040a6-77e4-11e5-9b7d-448a5b26731a} - H:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {67c2874b-4127-11e5-9b2f-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {6da64602-1c30-11e6-9a39-448a5b26731a} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193da-9e42-11e5-9b61-448a5b26731a} - G:\Autorun.exe
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\...\MountPoints2: {fc7193e8-9e42-11e5-9b61-448a5b26731a} - I:\Autorun.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.attirerpage.com/?type=hp&ts= ... 1059310593
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.attirerpage.com/?type=hp&ts= ... 1059310593
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type ... 9310593&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type ... 9310593&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type ... 9310593&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2795660459-1446932787-3981253488-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.attirerpage.com/search/?type ... 9310593&q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml [2016-06-27]
C:\Program Files (x86)\1rq4lmua
C:\Users\Sima a Nika\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: V prohlížeči nejde přenastavit domovská stránka
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml [2016-06-27]
C:\Program Files (x86)\1rq4lmua
C:\Users\Sima a Nika\AppData\Local\Temp
End
*****************
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H" => key removed successfully
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I" => key removed successfully
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0eda44fd-43f2-11e5-85d7-448a5b26731a}" => key removed successfully
HKCR\CLSID\{0eda44fd-43f2-11e5-85d7-448a5b26731a} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b7040a6-77e4-11e5-9b7d-448a5b26731a}" => key removed successfully
HKCR\CLSID\{5b7040a6-77e4-11e5-9b7d-448a5b26731a} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67c2874b-4127-11e5-9b2f-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{67c2874b-4127-11e5-9b2f-806e6f6e6963} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6da64602-1c30-11e6-9a39-448a5b26731a}" => key removed successfully
HKCR\CLSID\{6da64602-1c30-11e6-9a39-448a5b26731a} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc7193da-9e42-11e5-9b61-448a5b26731a}" => key removed successfully
HKCR\CLSID\{fc7193da-9e42-11e5-9b61-448a5b26731a} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc7193e8-9e42-11e5-9b61-448a5b26731a}" => key removed successfully
HKCR\CLSID\{fc7193e8-9e42-11e5-9b61-448a5b26731a} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
Could not move "C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml" => Scheduled to move on reboot.
C:\Program Files (x86)\1rq4lmua => moved successfully
"C:\Users\Sima a Nika\AppData\Local\Temp" folder move:
Could not move "C:\Users\Sima a Nika\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-08-02 18:49:30)
C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml => Is moved successfully
C:\Users\Sima a Nika\AppData\Local\Temp => moved successfully
==== End of Fixlog 18:49:30 ====
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF SearchPlugin: C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml [2016-06-27]
C:\Program Files (x86)\1rq4lmua
C:\Users\Sima a Nika\AppData\Local\Temp
End
*****************
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H" => key removed successfully
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I" => key removed successfully
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0eda44fd-43f2-11e5-85d7-448a5b26731a}" => key removed successfully
HKCR\CLSID\{0eda44fd-43f2-11e5-85d7-448a5b26731a} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5b7040a6-77e4-11e5-9b7d-448a5b26731a}" => key removed successfully
HKCR\CLSID\{5b7040a6-77e4-11e5-9b7d-448a5b26731a} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67c2874b-4127-11e5-9b2f-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{67c2874b-4127-11e5-9b2f-806e6f6e6963} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6da64602-1c30-11e6-9a39-448a5b26731a}" => key removed successfully
HKCR\CLSID\{6da64602-1c30-11e6-9a39-448a5b26731a} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc7193da-9e42-11e5-9b61-448a5b26731a}" => key removed successfully
HKCR\CLSID\{fc7193da-9e42-11e5-9b61-448a5b26731a} => key not found.
"HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc7193e8-9e42-11e5-9b61-448a5b26731a}" => key removed successfully
HKCR\CLSID\{fc7193e8-9e42-11e5-9b61-448a5b26731a} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Error setting value.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\Wow6432Node\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-2795660459-1446932787-3981253488-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key could not remove.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
Could not move "C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml" => Scheduled to move on reboot.
C:\Program Files (x86)\1rq4lmua => moved successfully
"C:\Users\Sima a Nika\AppData\Local\Temp" folder move:
Could not move "C:\Users\Sima a Nika\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-08-02 18:49:30)
C:\Users\Sima a Nika\AppData\Roaming\Mozilla\Firefox\Profiles\e50ewqf3.default\searchplugins\attirerpage.xml => Is moved successfully
C:\Users\Sima a Nika\AppData\Local\Temp => moved successfully
==== End of Fixlog 18:49:30 ====
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: V prohlížeči nejde přenastavit domovská stránka
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: V prohlížeči nejde přenastavit domovská stránka
No teď Firefox nejde spustit hlásí že "Profil Firefox nelze spustit, buď chybí nebo je zaneprázdněný" Explorer funguje normálně.
Mám zkusit Firefox přeinstalovat?
Mám zkusit Firefox přeinstalovat?
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: V prohlížeči nejde přenastavit domovská stránka
Určitě ano.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?