VIRY.CZ

Prosim o kontrolu logu, mam problemy s malwarem, dekuji:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:46:24, on 30.8.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18427)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Glary Utilities 4\SoftwareUpdate.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
C:\Program Files (x86)\Java\jre1.5.0_17\bin\jusched.exe
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Users\6320\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
C:\Program Files (x86)\Glary Utilities 4\MemfilesService.exe
C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\6320\Downloads\HiJackThis.exe
C:\Users\6320\AppData\Local\Temp\nsm3E06.tmp\setupHiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=COSP&ptag=G3A0B ... =CT3210127
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cache.natur.cuni.cz:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
R3 - URLSearchHook: (no name) - {707db484-2428-402d-afb5-d85b387544c7} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.5.0_17\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [DiscWizardMonitor.exe] C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
O4 - HKLM\..\Run: [SafeQ Client] "C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.5.0_17\bin\jusched.exe"
O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\6320\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Google Update] "C:\Users\6320\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BackgroundContainerV3] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\6320\AppData\Local\Cctbplt\BackgroundContainer\BackgroundContainer.dll",DllRun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\6320\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\6320\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files (x86)\Verdict Free\etnxp.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{EFF5B315-EED6-4292-BF6C-98116B4D325D}: NameServer = 93.153.117.1 62.141.0.2
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Seagate Scheduler2 Service (SgtSch2Svc) - Seagate - C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13674 bytes

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 . HijackThis už je dávno za zenitem.

Vkladam log FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-08-2016
Ran by 6320 (administrator) on 6320-PC (30-08-2016 20:35:09)
Running from C:\Users\6320\Desktop
Loaded Profiles: 6320 (Available Profiles: 6320)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 4\SoftwareUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Seagate) C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
(Acronis) C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
() C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Java\jre1.5.0_17\bin\jusched.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Users\6320\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\6320\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 4\MemfilesService.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 4\x64\Win64ShellLink.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\6320\Desktop\FRSTLauncher (2).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-04-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2011-07-25] ()
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [136544 2009-10-16] (Seagate)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DiscWizardMonitor.exe] => C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe [1325936 2009-10-16] (Seagate)
HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe [904840 2009-10-16] (Acronis)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SafeQ Client] => C:\Program Files (x86)\Y Soft\SafeQ Client\Client\SafeQ Client.exe [259584 2013-02-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.5.0_17\bin\jusched.exe"
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2014-11-19] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-545032729-1702850814-3137012214-1000\...\Run: [Facebook Update] => "C:\Users\6320\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-545032729-1702850814-3137012214-1000\...\Run: [Google Update] => C:\Users\6320\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-545032729-1702850814-3137012214-1000\...\Run: [BackgroundContainerV3] => C:\Users\6320\AppData\Local\Cctbplt\BackgroundContainer\BackgroundContainer.dll [300352 2016-04-18] (ClientConnect Ltd.)
HKU\S-1-5-21-545032729-1702850814-3137012214-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\6320\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-545032729-1702850814-3137012214-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\6320\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-545032729-1702850814-3137012214-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-545032729-1702850814-3137012214-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [5915776 2016-03-21] (Safer-Networking Ltd.)
HKU\S-1-5-21-545032729-1702850814-3137012214-1000\...\MountPoints2: {b8cdd02e-23c9-11e1-8346-028037ec0200} - E:\setup.exe
HKU\S-1-5-21-545032729-1702850814-3137012214-1000\...\MountPoints2: {c505d136-3778-11e5-bd22-028037ec0200} - F:\LaunchU3.exe -a
Lsa: [Authentication Packages] msv1_0 relog_ap
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk /p \??\C:autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-545032729-1702850814-3137012214-1000] => cache.natur.cuni.cz:3128
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3C9EBCCC-D4F6-473E-A9D9-C3FFB341891C}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5090A5C1-4540-4A85-A81C-B75C98E8E848}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A9E7D24B-D453-43D5-9C16-420DB6691813}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{EFF5B315-EED6-4292-BF6C-98116B4D325D}: [NameServer] 93.153.117.1 62.141.0.2

Internet Explorer:
==================
HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=COSP&ptag=G3A0B15BED26 ... =CT3210127
HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2247187
URLSearchHook: HKLM-x32 - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
URLSearchHook: HKLM-x32 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 - (No Name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - No File
URLSearchHook: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
URLSearchHook: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 - (No Name) - {707db484-2428-402d-afb5-d85b387544c7} - No File
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2247187
SearchScopes: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> DefaultScope {50FFE74C-9F38-4FBE-A50C-767D59FEDAA4} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
SearchScopes: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> Backup.Old.DefaultScope {F2F522D1-4DF2-46B5-AC11-E73AF990E17C}
SearchScopes: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> {00F3ADB8-0F84-479F-9F1F-A29DC7A2F0FF} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
SearchScopes: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> {06769F9D-6F1C-FFC0-2289-7ED83D0B8426} URL = hxxp://www.bing.com/search?pc=COSP&ptag=G3A0B1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> {50FFE74C-9F38-4FBE-A50C-767D59FEDAA4} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
SearchScopes: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> {AD228A0F-A427-4E32-AD4F-3D80C06B0883} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
SearchScopes: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> {C2015D7E-37D8-4B98-B2E4-1D0552F2A71F} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=30157914-EE4C-49ED-AF00-B03D47A35D81&apn_sauid=D0EFB97B-20D8-49B8-A735-2025C2FCEDAB
SearchScopes: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> {F2F522D1-4DF2-46B5-AC11-E73AF990E17C} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0AtDzzzz0ByE0C0BtCtA0AyE0BtC0A0BtN0D0Tzu0StBtBtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2093288522
SearchScopes: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> {F7BC3D2D-136E-46F8-B472-FFAA0D1B3786} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: No Name -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> No File
BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.5.0_17\bin\ssv.dll [2008-11-10] (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: No Name -> {ba14329e-9550-4989-b3f2-9732e92d17cc} -> No File
BHO-x32: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} -> No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
Toolbar: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> No Name - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - No File
Toolbar: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> No Name - {707DB484-2428-402D-AFB5-D85B387544C7} - No File
Toolbar: HKU\S-1-5-21-545032729-1702850814-3137012214-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\6320\AppData\Roaming\Mozilla\Firefox\Profiles\6x0uvmyy.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-545032729-1702850814-3137012214-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\6320\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]
FF Plugin HKU\S-1-5-21-545032729-1702850814-3137012214-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\6320\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-545032729-1702850814-3137012214-1000: @talk.google.com/O1DPlugin -> C:\Users\6320\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-545032729-1702850814-3137012214-1000: @tools.google.com/Google Update;version=3 -> C:\Users\6320\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-26] (Google Inc.)
FF Plugin HKU\S-1-5-21-545032729-1702850814-3137012214-1000: @tools.google.com/Google Update;version=9 -> C:\Users\6320\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-26] (Google Inc.)
FF user.js: detected! => C:\Users\6320\AppData\Roaming\Mozilla\Firefox\Profiles\6x0uvmyy.default\user.js [2012-08-09]
FF Plugin ProgramFiles/Appdata: C:\Users\6320\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\6320\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\6320\AppData\Roaming\Mozilla\Firefox\Profiles\6x0uvmyy.default\searchplugins\bingp.xml [2013-01-23]
FF SearchPlugin: C:\Users\6320\AppData\Roaming\Mozilla\Firefox\Profiles\6x0uvmyy.default\searchplugins\Search.xml [2012-09-25]
FF SearchPlugin: C:\Users\6320\AppData\Roaming\Mozilla\Firefox\Profiles\6x0uvmyy.default\searchplugins\yahoo_ff.xml [2016-08-30]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml [2011-11-21]
FF Extension: (Seznam lištička) - C:\Users\6320\AppData\Roaming\Mozilla\Firefox\Profiles\6x0uvmyy.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-08-30]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} [2015-06-18] [not signed]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Users\6320\AppData\Local\Google\Chrome\Application\52.0.2743.116\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Native Client) - C:\Users\6320\AppData\Local\Google\Chrome\Application\52.0.2743.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\6320\AppData\Local\Google\Chrome\Application\52.0.2743.116\pdf.dll => No File
CHR Profile: C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-30]
CHR Extension: (Dokumenty Google) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-30]
CHR Extension: (Disk Google) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-30]
CHR Extension: (Funmoods Chat) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh [2014-03-15]
CHR Extension: (Seznam Lištička - Email) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2016-08-30]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2016-08-30]
CHR Extension: (YouTube) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-30]
CHR Extension: (Funmoods) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj [2014-03-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-30]
CHR Extension: (Skype) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-08-30]
CHR Extension: (Shopping Helper) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof [2014-06-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-08-30]
CHR Extension: (Gmail) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-30]
CHR Extension: (Chrome Media Router) - C:\Users\6320\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-30]
CHR HKU\S-1-5-21-545032729-1702850814-3137012214-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\6320\AppData\Local\funmoods.crx [2012-08-09]
CHR HKU\S-1-5-21-545032729-1702850814-3137012214-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\6320\AppData\Local\funmoods-speeddial.crx [2012-08-09]
CHR HKLM-x32\...\Chrome\Extension: [jllpjckabhalgdienlngoikeehalibei] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [ojpijjmpahflnipadmlpgbjmagmjchkk] - <no Path/update_url>
StartMenuInternet: Google Chrome - C:\Users\6320\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17088 2014-02-26] (Glarysoft Ltd)
R3 d554gps; C:\Windows\System32\DRIVERS\d554gps64.sys [101416 2010-12-02] (Ericsson AB)
R3 d554scard; C:\Windows\System32\DRIVERS\d554scard.sys [61992 2010-11-19] (Ericsson AB)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-11] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-02-24] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-02-24] (Ericsson AB)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-11-01] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-11-01] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-11-01] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-11-01] (MCCI Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [848384 2011-07-14] (Realtek Semiconductor Corporation )
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-11-19] (Cisco Systems, Inc.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [276520 2011-02-08] (Ericsson AB)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-30 20:35 - 2016-08-30 20:36 - 00028060 _____ C:\Users\6320\Desktop\FRST.txt
2016-08-30 20:34 - 2016-08-30 20:35 - 00000000 ____D C:\FRST
2016-08-30 20:33 - 2016-08-30 20:33 - 00112640 _____ (forum.viry.cz) C:\Users\6320\Desktop\FRSTLauncher (2).exe
2016-08-30 20:31 - 2016-08-30 20:31 - 00112640 _____ (forum.viry.cz) C:\Users\6320\Desktop\Nepotvrzeno 413315.crdownload
2016-08-30 20:29 - 2016-08-30 20:29 - 00112640 _____ (forum.viry.cz) C:\Users\6320\Desktop\Nepotvrzeno 907917.crdownload
2016-08-30 20:28 - 2016-08-30 20:28 - 02397696 _____ (Farbar) C:\Users\6320\Desktop\FRST64.exe
2016-08-30 20:27 - 2016-08-30 20:28 - 02397696 _____ (Farbar) C:\Users\6320\Downloads\FRST64.exe
2016-08-30 18:43 - 2016-08-30 18:44 - 07881808 _____ C:\Users\6320\Downloads\HiJackThis.exe
2016-08-30 16:32 - 2016-08-30 16:33 - 00009802 _____ C:\Windows\wininit.ini
2016-08-30 15:33 - 2016-08-30 15:33 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-30 15:33 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-08-30 15:17 - 2016-08-30 15:17 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-08-30 15:17 - 2016-08-30 15:17 - 00000000 ____D C:\%LOCALAPPDATA%
2016-08-30 15:16 - 2016-08-30 20:29 - 00000000 ____D C:\Users\6320\AppData\Roaming\Seznam.cz
2016-08-30 15:16 - 2016-08-30 15:16 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-08-30 15:15 - 2016-08-30 16:32 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-30 15:15 - 2016-08-30 15:35 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-30 15:15 - 2016-08-30 15:15 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-30 15:15 - 2016-08-30 15:15 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-30 15:15 - 2016-08-30 15:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-30 15:15 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-08-30 15:13 - 2016-08-30 15:14 - 53962248 _____ C:\Users\6320\Downloads\spybot-2.4.exe
2016-08-30 00:37 - 2016-08-30 00:37 - 00001757 _____ C:\Users\6320\Downloads\net2ftp-1472510233.zip
2016-08-30 00:35 - 2016-08-30 00:36 - 00000000 ____D C:\Users\6320\Desktop\wordpress
2016-08-30 00:34 - 2016-08-30 00:35 - 08648124 _____ C:\Users\6320\Downloads\wordpress-4.6.zip
2016-08-28 21:27 - 2016-08-29 23:18 - 00009056 _____ C:\Users\6320\Desktop\klice.xlsx
2016-08-28 15:28 - 2016-08-28 15:29 - 201651180 _____ C:\Users\6320\Downloads\New.Girl_S05E04_CZ_tit.avi
2016-08-25 16:30 - 2016-08-25 16:32 - 63004514 _____ C:\Users\6320\Desktop\template_45516_qGZXtq58wEEM11ahVYoS.zip
2016-08-23 13:02 - 2016-08-28 11:55 - 00000000 ___RD C:\Users\6320\Desktop\Blog
2016-08-23 12:31 - 2016-08-23 12:40 - 00000000 ____D C:\Users\6320\Desktop\upravene fotky
2016-08-23 10:15 - 2016-08-23 13:05 - 00000000 ___RD C:\Users\6320\Desktop\PRÁCE
2016-08-17 11:18 - 2016-07-08 17:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-17 11:18 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-15 13:34 - 2016-08-15 13:34 - 00003498 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-6320-PC-6320
2016-08-15 13:18 - 2016-08-15 13:18 - 00001075 _____ C:\Users\6320\Desktop\Adobe Photoshop CS6 (64 Bit).lnk
2016-08-15 13:18 - 2016-08-15 13:18 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-08-15 13:17 - 2016-08-15 13:17 - 00001207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2016-08-15 13:16 - 2016-08-15 13:18 - 00000000 ____D C:\Program Files\Adobe
2016-08-15 13:16 - 2016-08-15 13:16 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-08-15 13:15 - 2016-08-15 13:15 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2016-08-15 13:12 - 2016-08-15 13:12 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-08-15 13:12 - 2016-08-15 13:12 - 00001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-08-15 13:08 - 2016-08-15 13:18 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-08-15 12:37 - 2016-08-15 12:53 - 2210534168 _____ C:\Users\6320\Downloads\Adobe-Photoshop-CS6-CZ-Full-version.rar
2016-08-15 11:53 - 2016-08-15 12:03 - 1698924084 _____ C:\Users\6320\Downloads\Adobe-Photoshop-CC-2015-(20150529.r.88)-(32+64Bit)-+-Crack.rar
2016-08-13 23:14 - 2016-08-21 14:27 - 00000000 ____D C:\Users\6320\Downloads\Subs
2016-08-13 22:48 - 2016-08-13 22:53 - 743191444 _____ C:\Users\6320\Downloads\Before-We-Go-(2014)---anglicky---titulky-ke-stažení-(Komedie-%2F-Drama-%2F-Romantický)---Chris-Evans.mp4
2016-08-10 12:42 - 2016-08-02 16:54 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-10 12:42 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-10 12:42 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-10 12:42 - 2016-08-02 08:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-10 12:42 - 2016-08-02 08:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-10 12:42 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-10 12:42 - 2016-08-02 08:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-10 12:42 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-10 12:42 - 2016-08-02 08:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-10 12:42 - 2016-08-02 08:31 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-10 12:42 - 2016-08-02 08:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-10 12:42 - 2016-08-02 08:24 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-10 12:42 - 2016-08-02 08:23 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-10 12:42 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-10 12:42 - 2016-08-02 08:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-10 12:42 - 2016-08-02 08:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-10 12:42 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-10 12:42 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-10 12:42 - 2016-08-02 08:18 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-10 12:42 - 2016-08-02 08:11 - 00969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-10 12:42 - 2016-08-02 08:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-10 12:42 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-08-10 12:42 - 2016-08-02 08:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-10 12:42 - 2016-08-02 07:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-10 12:42 - 2016-08-02 07:56 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-10 12:42 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-10 12:42 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-10 12:42 - 2016-08-02 07:53 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-10 12:42 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-10 12:42 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-08-10 12:42 - 2016-08-02 07:51 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-10 12:42 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-08-10 12:42 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-08-10 12:42 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-08-10 12:42 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-10 12:42 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-08-10 12:42 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-08-10 12:42 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-08-10 12:42 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-10 12:42 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-08-10 12:42 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-08-10 12:42 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-10 12:42 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-10 12:42 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-10 12:42 - 2016-08-02 07:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-10 12:42 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-10 12:42 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-08-10 12:42 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-10 12:42 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-10 12:42 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-08-10 12:42 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-08-10 12:42 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-08-10 12:42 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-08-10 12:42 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-10 12:42 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-08-10 12:42 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-10 12:42 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-08-10 12:42 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-10 12:42 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-10 12:42 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-08-10 12:42 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-10 12:42 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-10 12:42 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-10 12:42 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-10 12:42 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-10 12:42 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-10 12:36 - 2016-07-08 17:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-10 12:36 - 2016-07-08 17:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-10 12:36 - 2016-07-08 17:32 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-10 12:36 - 2016-07-08 17:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-10 12:36 - 2016-07-08 17:17 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-10 12:36 - 2016-07-08 17:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-08-10 12:36 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-08-10 12:36 - 2016-07-08 17:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-10 12:36 - 2016-07-08 16:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-10 12:36 - 2016-07-08 16:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-10 12:36 - 2016-07-08 16:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-10 12:36 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-08-10 12:36 - 2016-07-08 16:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-10 12:36 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-08-10 12:29 - 2016-07-08 17:01 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-08 15:41 - 2016-08-22 14:43 - 00000000 ____D C:\Users\6320\Desktop\fotky zkouska

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-30 20:31 - 2009-07-14 06:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-30 20:31 - 2009-07-14 06:45 - 00031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-30 20:14 - 2012-04-23 15:44 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-30 20:01 - 2012-04-23 15:44 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-30 19:54 - 2014-03-15 23:23 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-545032729-1702850814-3137012214-1000UA.job
2016-08-30 18:39 - 2013-01-23 14:50 - 00000000 ____D C:\Users\6320\AppData\Roaming\Skype
2016-08-30 18:09 - 2013-10-18 00:04 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-545032729-1702850814-3137012214-1000UA.job
2016-08-30 16:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-08-30 08:32 - 2014-03-17 16:16 - 00000326 _____ C:\Windows\Tasks\GlaryInitialize 4.job
2016-08-30 08:32 - 2014-03-17 16:16 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 4
2016-08-30 08:32 - 2012-04-23 15:44 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-30 08:31 - 2014-04-21 14:29 - 00000356 _____ C:\Windows\Tasks\SoftwareUpdateGU4.job
2016-08-30 08:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-30 00:09 - 2013-10-18 00:04 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-545032729-1702850814-3137012214-1000Core.job
2016-08-29 22:54 - 2014-03-15 23:23 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-545032729-1702850814-3137012214-1000Core.job
2016-08-29 12:41 - 2011-08-26 09:34 - 00669132 _____ C:\Windows\system32\perfh005.dat
2016-08-29 12:41 - 2011-08-26 09:34 - 00141760 _____ C:\Windows\system32\perfc005.dat
2016-08-29 12:41 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-28 21:20 - 2011-11-27 10:33 - 00000000 ____D C:\Program Files (x86)\Conduit
2016-08-27 12:07 - 2011-12-03 12:47 - 00000000 ____D C:\Users\6320\AppData\Local\Adobe
2016-08-23 18:27 - 2014-03-01 17:55 - 00000000 ____D C:\Users\6320\Desktop\Hudba
2016-08-23 13:04 - 2012-01-11 18:25 - 00000000 ___RD C:\Users\6320\Desktop\ŠKOLA
2016-08-23 09:52 - 2013-09-16 22:58 - 00000000 ____D C:\Users\6320\Desktop\fotky
2016-08-19 08:43 - 2016-01-14 15:19 - 00000000 ____D C:\Windows\rescache
2016-08-18 23:20 - 2009-07-14 07:08 - 00032540 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-08-18 23:18 - 2012-04-10 19:48 - 00000000 ____D C:\Users\6320\AppData\Roaming\vlc
2016-08-16 09:31 - 2011-12-03 12:44 - 00000000 ____D C:\ProgramData\Adobe
2016-08-16 08:38 - 2009-07-14 06:45 - 05035096 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-15 14:03 - 2011-11-27 10:25 - 00000000 ____D C:\Users\6320\AppData\Roaming\Adobe
2016-08-15 13:33 - 2011-09-15 23:34 - 00109296 _____ C:\Users\6320\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-15 13:16 - 2011-12-03 12:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-09 00:58 - 2011-11-27 10:30 - 00002366 _____ C:\Users\6320\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 00:58 - 2011-11-27 10:30 - 00002358 _____ C:\Users\6320\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2012-01-20 21:27 - 2015-03-09 22:07 - 0008192 _____ () C:\Users\6320\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-09 23:54 - 2012-08-09 23:54 - 0384844 _____ () C:\Users\6320\AppData\Local\funmoods-speeddial.crx
2012-08-09 23:54 - 2012-08-09 23:54 - 0031465 _____ () C:\Users\6320\AppData\Local\funmoods.crx

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-545032729-1702850814-3137012214-1000Core.job => C:\Users\6320\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-545032729-1702850814-3137012214-1000UA.job => C:\Users\6320\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-545032729-1702850814-3137012214-1000Core.job => C:\Users\6320\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-545032729-1702850814-3137012214-1000UA.job => C:\Users\6320\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SoftwareUpdateGU4.job => C:\Program Files (x86)\Glary Utilities 4\SoftwareUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\6320\Desktop" je 91936 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

AdwCleaner log po vycisteni:

# AdwCleaner v6.010 - Log soubor vytvořen 30/08/2016 na 21:40:27
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-08-30.2 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : 6320 - 6320-PC
# Beží od : C:\Users\6320\Desktop\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****

[-] Služby smazány:BackupStack


***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\6320\Funmoods
[-] Adresář smazán:C:\Users\6320\AppData\LocalLow\AskToolbar
[-] Adresář smazán:C:\Users\6320\AppData\LocalLow\BS_Player
[-] Adresář smazán:C:\Users\6320\AppData\LocalLow\Conduit
[-] Adresář smazán:C:\Users\6320\AppData\LocalLow\ConduitEngine
[-] Adresář smazán:C:\Users\6320\AppData\LocalLow\PriceGong
[-] Adresář smazán:C:\Users\6320\AppData\LocalLow\Search Settings
[-] Adresář smazán:C:\Users\6320\AppData\LocalLow\Vuze_Remote
[-] Adresář smazán:C:\Users\6320\AppData\Roaming\Mozilla\Firefox\Profiles\6x0uvmyy.default\ConduitCommon
[#] Adresář nelze smazat:C:\Users\6320\AppData\Roaming\Mozilla\Firefox\Profiles\6x0uvmyy.default\conduitcommon
[-] Adresář smazán:C:\ProgramData\Ask
[#] Adresář nelze smazat:C:\ProgramData\Application Data\Ask
[-] Adresář smazán:C:\Program Files (x86)\BS_Player
[-] Adresář smazán:C:\Program Files (x86)\Conduit
[-] Adresář smazán:C:\Program Files (x86)\ConduitEngine
[-] Adresář smazán:C:\Program Files (x86)\Vuze_Remote
[-] Adresář smazán:C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
[-] Adresář smazán:C:\Users\6320\AppData\Local\Temp\APN-Stub
[-] Adresář smazán:C:\Users\6320\AppData\Local\Temp\APNLogs
[-] Adresář smazán:C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater


***** [ Soubory ] *****

[-] Soubor smazán:C:\Users\6320\AppData\Local\funmoods.crx
[-] Soubor smazán:C:\Users\6320\AppData\Local\funmoods-speeddial.crx
[-] Soubor smazán:C:\END
[-] Soubor smazán:C:\Users\6320\AppData\Roaming\Mozilla\Firefox\Profiles\6x0uvmyy.default\searchplugins\bingp.xml
[-] Soubor smazán:C:\Users\6320\AppData\Roaming\Mozilla\Firefox\Profiles\6x0uvmyy.default\searchplugins\search.xml
[-] Soubor smazán:C:\Users\6320\AppData\Roaming\Mozilla\Firefox\Profiles\6x0uvmyy.default\searchplugins\yahoo_ff.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\Classes\Toolbar.CT1750559
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Conduit.Engine
[-] Klíč smazán:HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Klíč smazán:HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč smazán:HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Klíč smazán:HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč smazán:HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\APN
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\BackgroundContainer
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Conduit
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\InstallCore
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Search Settings
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\AppDataLow\Toolbar
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\AppDataLow\Software\adawarebp
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\AppDataLow\Software\AskToolbar
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\AppDataLow\Software\conduitEngine
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\AppDataLow\Software\ConduitSearchScopes
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\AppDataLow\Software\PriceGong
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\AppDataLow\Software\Search Settings
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[#] Klíč smazán po restartování:HKCU\Software\APN
[#] Klíč smazán po restartování:HKCU\Software\BackgroundContainer
[#] Klíč smazán po restartování:HKCU\Software\Conduit
[#] Klíč smazán po restartování:HKCU\Software\InstallCore
[#] Klíč smazán po restartování:HKCU\Software\Search Settings
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Toolbar
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\adawarebp
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\AskToolbar
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\conduitEngine
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\PriceGong
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\Search Settings
[-] Klíč smazán:HKLM\SOFTWARE\APN
[-] Klíč smazán:HKLM\SOFTWARE\AskToolbar
[-] Klíč smazán:HKLM\SOFTWARE\Conduit
[-] Klíč smazán:HKLM\SOFTWARE\conduitEngine
[-] Klíč smazán:HKLM\SOFTWARE\Search Settings
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[#] Klíč smazán po restartování:HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[#] Klíč smazán po restartování:HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
[-] Data obnovena:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\Main [Backup.Old.Start Page]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Backup.Old.Start Page]
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\SearchScopes\{00F3ADB8-0F84-479F-9F1F-A29DC7A2F0FF}
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\SearchScopes\{06769F9D-6F1C-FFC0-2289-7ED83D0B8426}
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\SearchScopes\{50FFE74C-9F38-4FBE-A50C-767D59FEDAA4}
[-] Data obnovena:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AD228A0F-A427-4E32-AD4F-3D80C06B0883}
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C2015D7E-37D8-4B98-B2E4-1D0552F2A71F}
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F2F522D1-4DF2-46B5-AC11-E73AF990E17C}
[-] Klíč smazán:HKU\S-1-5-21-545032729-1702850814-3137012214-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F7BC3D2D-136E-46F8-B472-FFAA0D1B3786}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{00F3ADB8-0F84-479F-9F1F-A29DC7A2F0FF}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{06769F9D-6F1C-FFC0-2289-7ED83D0B8426}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{50FFE74C-9F38-4FBE-A50C-767D59FEDAA4}
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD228A0F-A427-4E32-AD4F-3D80C06B0883}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C2015D7E-37D8-4B98-B2E4-1D0552F2A71F}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F2F522D1-4DF2-46B5-AC11-E73AF990E17C}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F7BC3D2D-136E-46F8-B472-FFAA0D1B3786}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\icq.com
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com


***** [ Prohlížeče ] *****

[-] Firefox nastavení vyčištěno:"extensions.funmoods.hmpgUrl" - "hxxp://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0AtDzzzz0ByE0C0BtCtA0AyE0BtC0A0BtN0D0Tzu0StBtBtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2093288522"
[-] Firefox nastavení vyčištěno:"extensions.funmoods.newTabUrl" - "hxxp://start.funmoods.com/?f=2&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0AtDzzzz0ByE0C0BtCtA0AyE0BtC0A0BtN0D0Tzu0StBtBtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2093288522"
[-] Firefox nastavení vyčištěno:"extensions.funmoods.prdct" - "funmoods"
[-] Firefox nastavení vyčištěno:"extensions.funmoods.prtnrId" - "funmoods"
[-] Firefox nastavení vyčištěno:"extensions.funmoods.tlbrSrchUrl" - "hxxp://start.funmoods.com/?f=3&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0AtDzzzz0ByE0C0BtCtA0AyE0BtC0A0BtN0D0Tzu0StBtBtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2093288522&q="
[-] Firefox nastavení vyčištěno:"extensions.funmoods.hmpgUrl" - "hxxp://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0AtDzzzz0ByE0C0BtCtA0AyE0BtC0A0BtN0D0Tzu0StBtBtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2093288522"
[-] Firefox nastavení vyčištěno:"extensions.funmoods.newTabUrl" - "hxxp://start.funmoods.com/?f=2&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0AtDzzzz0ByE0C0BtCtA0AyE0BtC0A0BtN0D0Tzu0StBtBtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2093288522"
[-] Firefox nastavení vyčištěno:"extensions.funmoods.tlbrSrchUrl" - "hxxp://start.funmoods.com/?f=3&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzu0AtDzzzz0ByE0C0BtCtA0AyE0BtC0A0BtN0D0Tzu0StBtBtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2093288522&q="
[-] Firefox nastavení vyčištěno:"extensions.funmoods.prtnrId" - "funmoods"
[-] Firefox nastavení vyčištěno:"extensions.funmoods.prdct" - "funmoods"


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [16636 Bajtů] - [30/08/2016 21:40:27]
C:\AdwCleaner\AdwCleaner[S0].txt - [16806 Bajtů] - [30/08/2016 21:38:01]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [16786 Bajtů] ##########

Dejte nový log FRST.