
Virus-Infected Notebook

Posted: 26 Nov 2016 10:43
by martion
Hello, could I ask for a check of the log? It showed me 146 threats; hopefully everything will be all right. Thank you.

# AdwCleaner v6.030 - Log soubor vytvořen 26/11/2016 na 10:35:59
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-25.3 [Server]
# Operační systém : Windows 7 Home Premium (X86)
# Uživatelské jméno : Vinc - VINC-PC
# Beží od : C:\Users\Vinc\Downloads\AdwCleaner.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\Vinc\AppData\Local\iMesh
[-] Adresář smazán:C:\Users\Vinc\AppData\Local\PackageAware
[-] Adresář smazán:C:\Users\Vinc\AppData\Local\torch
[-] Adresář smazán:C:\Users\Vinc\AppData\Local\VirtualStore\Program Files\iMesh Applications
[-] Adresář smazán:C:\Users\Vinc\AppData\LocalLow\ilividmoviestoolbar181
[-] Adresář smazán:C:\Users\Vinc\AppData\LocalLow\searchresultstb
[-] Adresář smazán:C:\Users\Vinc\AppData\Roaming\Babylon
[-] Adresář smazán:C:\Users\Vinc\AppData\Roaming\DealPly
[-] Adresář smazán:C:\Users\Vinc\AppData\Roaming\DownLite
[-] Adresář smazán:C:\Users\Vinc\AppData\Roaming\OpenCandy
[-] Adresář smazán:C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\ICQToolbarData
[-] Adresář smazán:C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\ilividmoviestoolbar181
[-] Adresář smazán:C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\Smartbar
[-] Adresář smazán:C:\ProgramData\apn
[-] Adresář smazán:C:\ProgramData\Babylon
[-] Adresář smazán:C:\ProgramData\BitGuard
[-] Adresář smazán:C:\ProgramData\Browser Manager
[-] Adresář smazán:C:\ProgramData\BrowserProtect
[-] Adresář smazán:C:\ProgramData\ICQ\ICQToolbar
[-] Adresář smazán:C:\ProgramData\wincert
[-] Adresář smazán:C:\ProgramData\ICQ\ICQNewTab
[#] Adresář nelze smazat:C:\ProgramData\Application Data\apn
[#] Adresář nelze smazat:C:\ProgramData\Application Data\Babylon
[#] Adresář nelze smazat:C:\ProgramData\Application Data\BitGuard
[#] Adresář nelze smazat:C:\ProgramData\Application Data\Browser Manager
[#] Adresář nelze smazat:C:\ProgramData\Application Data\BrowserProtect
[#] Adresář nelze smazat:C:\ProgramData\Application Data\ICQ\ICQToolbar
[#] Adresář nelze smazat:C:\ProgramData\Application Data\wincert
[#] Adresář nelze smazat:C:\ProgramData\Application Data\ICQ\ICQNewTab
[-] Adresář smazán:C:\Program Files\ICQ6Toolbar
[-] Adresář smazán:C:\extensions


***** [ Soubory ] *****

[-] Soubor smazán:C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\searchplugins\icqplugin-1.xml
[-] Soubor smazán:C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\searchplugins\icqplugin-2.xml
[-] Soubor smazán:C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\searchplugins\icqplugin-3.xml
[-] Soubor smazán:C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\searchplugins\icqplugin-4.xml
[-] Soubor smazán:C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\searchplugins\icqplugin-5.xml
[-] Soubor smazán:C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\searchplugins\icqplugin.xml
[-] Soubor smazán:C:\Users\Vinc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk
[-] Soubor smazán:C:\Users\Vinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
[-] Soubor smazán:C:\Users\Vinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk
[-] Soubor smazán:C:\user.js


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKCU\Software\8edd8ce23bb845
[-] Klíč smazán:HKLM\SOFTWARE\8edd8ce23bb845
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Applications\iLividSetup-r1227-n-bf.exe
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Applications\iLividSetup-r706-n-bf.exe
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Applications\iLividSetup.exe
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Classes\iLivid.torrent
[#] Klíč smazán po restartování:HKCU\Software\Classes\iLivid.torrent
[-] Klíč smazán:HKLM\SOFTWARE\Classes\iLivid.torrent
[-] Klíč smazán:HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
[-] Klíč smazán:HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Prod.cap
[-] Klíč smazán:HKLM\SOFTWARE\Classes\speedupmypc
[-] Klíč smazán:HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F001652-AF51-45C6-B029-86E0265A1851}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F001652-AF51-45C6-B029-86E0265A1851}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014}
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Hodnota smazána:HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
[-] Hodnota smazána:HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]
[-] Klíč smazán:HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\APN PIP
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\APNDTX
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\BABSOLUTION
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\BabylonToolbar
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Conduit
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\DataMngr_Toolbar
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\DownLite
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\ilivid
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\ilividmoviestoolbar181
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\PrivitizeVPNInstallDates
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\StartSearch
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\torch
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Mail.Ru
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\AppDataLow\Software\ilividmoviestoolbar181
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4096036714-2317514608-166931336-1000\Software\AskPartnerNetwork
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\AskPartnerNetwork
[#] Klíč smazán po restartování:HKCU\Software\APN PIP
[#] Klíč smazán po restartování:HKCU\Software\APNDTX
[#] Klíč smazán po restartování:HKCU\Software\BABSOLUTION
[#] Klíč smazán po restartování:HKCU\Software\BabylonToolbar
[#] Klíč smazán po restartování:HKCU\Software\Conduit
[#] Klíč smazán po restartování:HKCU\Software\DataMngr_Toolbar
[#] Klíč smazán po restartování:HKCU\Software\DownLite
[#] Klíč smazán po restartování:HKCU\Software\ilivid
[#] Klíč smazán po restartování:HKCU\Software\ilividmoviestoolbar181
[#] Klíč smazán po restartování:HKCU\Software\PrivitizeVPNInstallDates
[#] Klíč smazán po restartování:HKCU\Software\StartSearch
[#] Klíč smazán po restartování:HKCU\Software\torch
[#] Klíč smazán po restartování:HKCU\Software\Mail.Ru
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\ilividmoviestoolbar181
[-] Klíč smazán:HKLM\SOFTWARE\Babylon
[-] Klíč smazán:HKLM\SOFTWARE\Conduit
[-] Klíč smazán:HKLM\SOFTWARE\DataMngr
[-] Klíč smazán:HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Klíč smazán:HKLM\SOFTWARE\iLividSRTB
[-] Klíč smazán:HKLM\SOFTWARE\Imesh
[-] Klíč smazán:HKLM\SOFTWARE\PIP
[-] Klíč smazán:HKLM\SOFTWARE\torch
[-] Klíč smazán:HKLM\SOFTWARE\Uniblue
[#] Klíč smazán po restartování:HKLM\SOFTWARE\Uniblue\DriverScanner
[-] Klíč smazán:HKLM\SOFTWARE\Mail.Ru
[#] Klíč smazán po restartování:HKLM\SOFTWARE\Datamngr
[#] Klíč smazán po restartování:HKLM\SOFTWARE\iMesh
[-] Data obnovena:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data obnovena:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Microsoft\Internet Explorer\Main [bProtector Start Page]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [bProtector Start Page]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
[-] Klíč smazán:HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E783E48A-5DD8-4794-A551-B18BAAD4E1B6}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E783E48A-5DD8-4794-A551-B18BAAD4E1B6}
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] c:\progra~2\browse~2\261249~1.132\{c16c1~1\browse~1.dll
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
[#] Klíč smazán po restartování:HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
[-] Klíč smazán:HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
[-] Hodnota smazána:HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
[-] Hodnota smazána:HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
[#] Hodnota smazána po restartování:HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls [x86]


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [13298 Bajtů] - [26/11/2016 10:35:59]
C:\AdwCleaner\AdwCleaner[S0].txt - [13206 Bajtů] - [26/11/2016 10:34:48]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [13448 Bajtů] ##########

Re: Virus-Infected Notebook

Posted: 26 Nov 2016 11:27
by Rudy

Re: Virus-Infected Notebook

Posted: 26 Nov 2016 11:37
by martion
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2016
Ran by Vinc (administrator) on VINC-PC (26-11-2016 11:34:34)
Running from C:\Users\Vinc\Desktop
Loaded Profiles: Vinc (Available Profiles: Vinc)
Platform: Microsoft Windows 7 Home Premium (X86) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\Defraggler\Defraggler.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Vinc\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157968 2015-08-13] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\Run: [] => [X]
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53130368 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\MountPoints2: {39dce2de-3764-11e3-b5a4-001d60fd27f1} - I:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\MountPoints2: {3b633cd9-30af-11e5-b009-001d60fd27f1} - I:\LG_PC_Programs.exe
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\MountPoints2: {b31a15a9-4894-11e3-ae23-001d60fd27f1} - I:\LGAutoRun.exe
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\MountPoints2: {b31a15b5-4894-11e3-ae23-001d60fd27f1} - I:\PcOptions.exe
Startup: C:\Users\Vinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CCC.lnk [2013-02-19]
ShortcutTarget: CCC.lnk -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{44C30D06-67E9-489D-9DBD-89394A476B37}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6A48C047-3B15-41E1-9B75-A9B2ADFA98A6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131106000396455078&GUID=00000000-0000-0000-0000-000000000000
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4096036714-2317514608-166931336-1000 -> DefaultScope {DFE7119D-13A2-44BE-8281-27CC86DDA5FE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4096036714-2317514608-166931336-1000 -> {DFE7119D-13A2-44BE-8281-27CC86DDA5FE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-26] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-26] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-4096036714-2317514608-166931336-1000 -> No Name - {434C4D2D-5341-5400-76A7-7A786E7484D7} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default [2016-11-26]
FF user.js: detected! => C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\user.js [2013-11-25]
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\3ee9z9zp.default -> hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&CUI=UN11562418163226514&UM=1&SearchSource=3&q={searchTerms}
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\3ee9z9zp.default -> Tuvaro
FF Homepage: Mozilla\Firefox\Profiles\3ee9z9zp.default -> hxxp://google.cz/
FF Extension: (ADB Helper) - C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\Extensions\adbhelper@mozilla.org [2015-07-17] [not signed]
FF Extension: (Movies Toolbar (Dist. by Bandoo Media, Inc.)) - C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\Extensions\{d1dac034-9fd9-4c13-a388-d2e10e57707f} [2014-04-16] [not signed]
FF Extension: (No Name) - C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\extensions\{282b0e54-8981-49eb-9193-5910a1f6fd33} [not found]
FF SearchPlugin: C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\searchplugins\ask-search.xml [2013-02-21]
FF SearchPlugin: C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\searchplugins\askcom.xml [2013-02-02]
FF SearchPlugin: C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\searchplugins\babylon.xml [2013-05-08]
FF SearchPlugin: C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\searchplugins\conduit.xml [2013-04-07]
FF SearchPlugin: C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\searchplugins\Search_Results.xml [2013-02-20]
FF SearchPlugin: C:\Users\Vinc\AppData\Roaming\Mozilla\Firefox\Profiles\3ee9z9zp.default\searchplugins\tuvaro.xml [2013-11-25]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-26] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-26] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-26] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-26] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4096036714-2317514608-166931336-1000: iMeshPlugin -> C:\Program Files\iMesh Applications\iMesh\npiMeshPlugin.dll [No File]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-07-31]

Chrome:
=======
CHR Profile: C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default [2016-11-26]
CHR Extension: (Prezentace Google) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-26]
CHR Extension: (Dokumenty Google) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-26]
CHR Extension: (Disk Google) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-26]
CHR Extension: (YouTube) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-26]
CHR Extension: (Tabulky Google) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-26]
CHR Extension: (Gmail) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-26]
CHR Extension: (Chrome Media Router) - C:\Users\Vinc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-26]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 HFGService; C:\Windows\System32\HFGService.dll [413696 2009-12-21] (CSR, plc)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-13] (Atheros Communications, Inc.)
R3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [43008 2009-12-21] (CSR, plc)
R3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
R3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [61952 2009-12-21] (CSR, plc)
S3 Mo3Fltr; C:\Windows\System32\drivers\Mo3Fltr.sys [11136 2010-08-11] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2015-06-10] (Apple, Inc.) [File not signed]
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam.sys [1068216 2012-04-15] (Windows (R) Win 7 DDK provider)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [465408 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-26 11:34 - 2016-11-26 11:35 - 00012725 _____ C:\Users\Vinc\Desktop\FRST.txt
2016-11-26 11:34 - 2016-11-26 11:34 - 00000000 ____D C:\FRST
2016-11-26 11:32 - 2016-11-26 11:32 - 00112640 _____ (forum.viry.cz) C:\Users\Vinc\Desktop\FRSTLauncher.exe
2016-11-26 11:30 - 2016-11-26 11:30 - 01761280 _____ (Farbar) C:\Users\Vinc\Desktop\FRST.exe
2016-11-26 10:46 - 2016-11-26 10:46 - 00001863 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-11-26 10:46 - 2016-11-26 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2016-11-26 10:46 - 2016-11-26 10:46 - 00000000 ____D C:\Program Files\Defraggler
2016-11-26 10:45 - 2016-11-26 10:45 - 04529456 _____ (Piriform Ltd) C:\Users\Vinc\Downloads\dfsetup221.exe
2016-11-26 10:42 - 2016-11-26 10:42 - 20174528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2016-11-26 10:39 - 2016-11-26 10:39 - 00013529 _____ C:\Users\Vinc\Desktop\AdwCleaner[C0].txt
2016-11-26 10:32 - 2016-11-26 10:39 - 00000000 ____D C:\AdwCleaner
2016-11-26 10:32 - 2016-11-26 10:32 - 03910208 _____ C:\Users\Vinc\Downloads\AdwCleaner.exe
2016-11-26 10:28 - 2016-11-26 10:28 - 00002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-26 10:28 - 2016-11-26 10:28 - 00002201 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-26 10:26 - 2016-11-26 11:31 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-26 10:26 - 2016-11-26 10:37 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-26 10:25 - 2016-11-26 10:26 - 00000000 ____D C:\Users\Vinc\AppData\Local\Deployment
2016-11-26 10:25 - 2016-11-26 10:25 - 00000000 ____D C:\Users\Vinc\AppData\Local\Apps\2.0
2016-11-26 10:24 - 2016-11-26 10:24 - 00060144 _____ C:\Users\Vinc\Desktop\cc_20161126_102432.reg
2016-11-26 09:47 - 2016-11-26 09:47 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Sun
2016-11-26 09:47 - 2016-11-26 09:47 - 00000000 ____D C:\Program Files\Common Files\Java

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-26 10:45 - 2009-07-14 05:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-26 10:45 - 2009-07-14 05:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-26 10:42 - 2013-02-19 15:35 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-11-26 10:42 - 2013-02-19 15:35 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-11-26 10:42 - 2013-02-19 15:35 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-26 10:42 - 2013-02-19 15:35 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-26 10:38 - 2016-01-02 21:45 - 00000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-11-26 10:38 - 2013-02-19 15:29 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Skype
2016-11-26 10:37 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-26 10:37 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-11-26 10:35 - 2013-04-20 01:42 - 00000000 ____D C:\ProgramData\ICQ
2016-11-26 10:30 - 2013-06-01 12:41 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-11-26 10:28 - 2013-05-20 16:11 - 00000000 ____D C:\Program Files\Google
2016-11-26 10:21 - 2013-02-21 22:43 - 00000000 ____D C:\Windows\Minidump
2016-11-26 10:21 - 2013-02-19 17:06 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\DAEMON Tools Lite
2016-11-26 10:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\ModemLogs
2016-11-26 10:18 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2016-11-26 10:18 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\AppCompat
2016-11-26 10:17 - 2015-01-28 17:53 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-11-26 10:13 - 2016-04-03 17:47 - 00000000 ____D C:\ProgramData\Apple
2016-11-26 10:13 - 2016-04-03 17:47 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-26 10:12 - 2013-07-04 13:16 - 00000000 ____D C:\ProgramData\Origin
2016-11-26 10:08 - 2013-09-10 15:40 - 00000000 ___HD C:\GrandeDevice
2016-11-26 10:08 - 2013-02-20 00:07 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-11-26 10:00 - 2013-05-08 13:06 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\uTorrent
2016-11-26 09:59 - 2013-02-19 15:50 - 00108768 _____ C:\Users\Vinc\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-26 09:57 - 2009-07-14 05:33 - 00406440 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-26 09:55 - 2013-09-29 17:11 - 00000000 ____D C:\Program Files\ESET
2016-11-26 09:48 - 2013-11-19 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2016-11-26 09:48 - 2013-11-19 20:54 - 00000000 ____D C:\Program Files\Counter-Strike
2016-11-26 09:48 - 2013-10-21 07:33 - 00000000 ____D C:\ProgramData\Oracle
2016-11-26 09:47 - 2014-02-18 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-26 09:47 - 2013-08-20 07:46 - 00000000 ____D C:\Program Files\Java
2016-11-26 09:46 - 2014-02-18 18:49 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-11-26 09:45 - 2014-02-18 18:49 - 00269888 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2016-11-26 09:45 - 2013-04-07 21:32 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\BSplayer
2016-11-26 09:37 - 2014-07-31 20:20 - 00000000 ____D C:\Users\Vinc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-11-26 09:37 - 2014-07-31 20:20 - 00000000 ____D C:\Program Files\DSPRobotics
2016-11-26 09:37 - 2014-07-31 20:14 - 00000000 ____D C:\Program Files\Image-Line
2016-11-26 09:29 - 2013-02-19 15:31 - 01575230 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-26 09:29 - 2009-07-14 09:44 - 00665944 _____ C:\Windows\system32\perfh005.dat
2016-11-26 09:29 - 2009-07-14 09:44 - 00139608 _____ C:\Windows\system32\perfc005.dat
2016-11-26 09:21 - 2013-02-19 15:29 - 00000000 ___RD C:\Program Files\Skype
2016-11-26 09:20 - 2013-02-19 15:24 - 00000000 ____D C:\Users\Vinc

==================== Files in the root of some directories =======

2013-05-08 12:50 - 2013-05-08 12:51 - 0000000 _____ () C:\Users\Vinc\AppData\Roaming\bitlord_log.txt
2013-08-03 21:41 - 2013-08-03 21:41 - 0003584 _____ () C:\Users\Vinc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-31 14:52 - 2013-05-31 15:11 - 0000000 _____ () C:\ProgramData\kjhy64.txt
2013-05-31 14:52 - 2013-05-31 15:11 - 95023320 ____T () C:\ProgramData\t14a.pad

Files to move or delete:
====================
C:\ProgramData\t14a.pad


Some files in TEMP:
====================
C:\Users\Vinc\AppData\Local\Temp\BRSVC_1142703_hlp.exe
C:\Users\Vinc\AppData\Local\Temp\libeay32.dll
C:\Users\Vinc\AppData\Local\Temp\msvcr120.dll
C:\Users\Vinc\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Vinc\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-26 13:47

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:89.43 GB) (Free:52.97 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:59.62 GB) (Free:9.85 GB) NTFS

Available physical RAM: 827.85 MB
Total physical RAM: 1791.24 MB
Percentage of memory in use: 53%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 1A9608F5)
Partition 1: (Active) - (Size=89.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59.6 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Vinc\Desktop" je 3283 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Infected Notebook

Posted: 26 Nov 2016 11:45
by Rudy
Open Notepad and copy the following into it:
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\Run: [] => [X]
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\MountPoints2: {39dce2de-3764-11e3-b5a4-001d60fd27f1} - I:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\MountPoints2: {3b633cd9-30af-11e5-b009-001d60fd27f1} - I:\LG_PC_Programs.exe
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\MountPoints2: {b31a15a9-4894-11e3-ae23-001d60fd27f1} - I:\LGAutoRun.exe
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\MountPoints2: {b31a15b5-4894-11e3-ae23-001d60fd27f1} - I:\PcOptions.exe
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4096036714-2317514608-166931336-1000 -> DefaultScope {DFE7119D-13A2-44BE-8281-27CC86DDA5FE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4096036714-2317514608-166931336-1000 -> {DFE7119D-13A2-44BE-8281-27CC86DDA5FE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Toolbar: HKU\S-1-5-21-4096036714-2317514608-166931336-1000 -> No Name - {434C4D2D-5341-5400-76A7-7A786E7484D7} - No File
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\3ee9z9zp.default -> hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\3ee9z9zp.default -> Tuvaro
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\t14a.pad
C:\Users\Vinc\AppData\Local\Temp

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\Vinc\Desktop" je 3283 MB.
That is too much and can cause a slow system startup. Create a new folder in C:\Users\Vinc and move all the data from the desktop into it (except shortcuts). Then put a shortcut to that folder on the desktop for easier access.

Re: Infected Notebook

Posted: 26 Nov 2016 11:57
by martion
Fix result of Farbar Recovery Scan Tool (x86) Version: 23-11-2016
Ran by Vinc (26-11-2016 11:53:35) Run:1
Running from C:\Users\Vinc\Desktop
Loaded Profiles: Vinc (Available Profiles: Vinc)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\Run: [] => [X]
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\MountPoints2: {39dce2de-3764-11e3-b5a4-001d60fd27f1} - I:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\MountPoints2: {3b633cd9-30af-11e5-b009-001d60fd27f1} - I:\LG_PC_Programs.exe
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\MountPoints2: {b31a15a9-4894-11e3-ae23-001d60fd27f1} - I:\LGAutoRun.exe
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\...\MountPoints2: {b31a15b5-4894-11e3-ae23-001d60fd27f1} - I:\PcOptions.exe
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4096036714-2317514608-166931336-1000 -> DefaultScope {DFE7119D-13A2-44BE-8281-27CC86DDA5FE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4096036714-2317514608-166931336-1000 -> {DFE7119D-13A2-44BE-8281-27CC86DDA5FE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
Toolbar: HKU\S-1-5-21-4096036714-2317514608-166931336-1000 -> No Name - {434C4D2D-5341-5400-76A7-7A786E7484D7} - No File
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\3ee9z9zp.default -> hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\3ee9z9zp.default -> Tuvaro
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\t14a.pad
C:\Users\Vinc\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
"HKU\S-1-5-21-4096036714-2317514608-166931336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39dce2de-3764-11e3-b5a4-001d60fd27f1}" => key removed successfully.
HKCR\CLSID\{39dce2de-3764-11e3-b5a4-001d60fd27f1} => key not found.
"HKU\S-1-5-21-4096036714-2317514608-166931336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3b633cd9-30af-11e5-b009-001d60fd27f1}" => key removed successfully.
HKCR\CLSID\{3b633cd9-30af-11e5-b009-001d60fd27f1} => key not found.
"HKU\S-1-5-21-4096036714-2317514608-166931336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b31a15a9-4894-11e3-ae23-001d60fd27f1}" => key removed successfully.
HKCR\CLSID\{b31a15a9-4894-11e3-ae23-001d60fd27f1} => key not found.
"HKU\S-1-5-21-4096036714-2317514608-166931336-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b31a15b5-4894-11e3-ae23-001d60fd27f1}" => key removed successfully.
HKCR\CLSID\{b31a15b5-4894-11e3-ae23-001d60fd27f1} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" => key removed successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => key not found.
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-4096036714-2317514608-166931336-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DFE7119D-13A2-44BE-8281-27CC86DDA5FE}" => key removed successfully.
HKCR\CLSID\{DFE7119D-13A2-44BE-8281-27CC86DDA5FE} => key not found.
HKU\S-1-5-21-4096036714-2317514608-166931336-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{434C4D2D-5341-5400-76A7-7A786E7484D7} => value removed successfully.
HKCR\CLSID\{434C4D2D-5341-5400-76A7-7A786E7484D7} => key not found.
Firefox DefaultSearchUrl removed successfully.
Firefox SelectedSearchEngine removed successfully.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully.
"HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\ProgramData\t14a.pad => moved successfully

"C:\Users\Vinc\AppData\Local\Temp" folder move:

Could not move "C:\Users\Vinc\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3388468 B
Java, Flash, Steam htmlcache => 1370 B
Windows/system/drivers => 1348 B
Edge => 0 B
Chrome => 51276086 B
Firefox => 381551572 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 1870334 B
LocalService => 66708 B
NetworkService => 2090 B
Vinc => 37874818 B

RecycleBin => 0 B
EmptyTemp: => 462 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-11-2016 11:55:41)

C:\Users\Vinc\AppData\Local\Temp => moved successfully

==== End of Fixlog 11:55:41 ====

Re: Infected Notebook

Posted: 26 Nov 2016 12:31
by Rudy
Deleted. Has anything changed?

Re: Infected Notebook

Posted: 26 Nov 2016 12:39
by martion
I think the notebook is a bit faster. I will also defragment it and hopefully it will be OK. One more question: is that log from the whole PC, I mean drives C and D? Anyway, many thanks for the help.

Re: Infected Notebook

Posted: 26 Nov 2016 17:48
by martion
Everything is OK, my son is happy and says thank you too :)

Re: Infected Notebook

Posted: 26 Nov 2016 18:57
by Rudy
The log is mostly from the system drive. If something were launched from a drive other than the system drive, then from that one as well. When you get your computer infected, it is usually the operating system that takes the hit. That is why. You're welcome! :)