VIRY.CZ

Zdravím, nějaká havěť mi přesměrovává okna na erotické hry a jiné obdobné stránky. V cookies mám složku pipechanels.com, ta se objevuje stále i po vymazání. Prohlížeč Firefox nightly. Co s tím ? Díky za radu

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-12-2017
Ran by Petr (administrator) on BUDINOVI (16-12-2017 22:36:11)
Running from C:\Users\Petr\Downloads
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Nightly\firefox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
() C:\ProgramData\GreatSoft\WS-Booster\WS-Booster.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(MyHeritage) C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
(Sony) C:\Program Files\Sony\Xperia Companion\XperiaCompanionAgent.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
( ) C:\Users\Petr\Downloads\Vikings_S05E04_720p_HDTV_x264-KILLERS\setup.exe
() C:\Users\Petr\AppData\Local\Temp\is-HBHFP.tmp\setup.tmp
(System Process Inc.) C:\Users\Petr\AppData\Roaming\Idle\Idle.exe
( ) C:\Users\Petr\Downloads\Vikings_S05E04_720p_HDTV_x264-KILLERS\setup.exe
() C:\Users\Petr\AppData\Local\Temp\is-I99MB.tmp\setup.tmp
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-29] (Intel Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Family Tree Builder Update] => C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2477056 2015-03-02] (MyHeritage)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-03-20] (Macrovision Corporation)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-11-09] (AMD)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [LinkMagic for magicolor 1680MF] => [X]
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1572648 2016-01-08] (Samsung)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [XperiaCompanionAgent] => C:\Program Files\Sony\Xperia Companion\XperiaCompanionAgent.exe [2105728 2017-05-31] (Sony)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\MountPoints2: {107ae12c-fb2c-11e6-a718-80c16eee84f4} - H:\startme.exe
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\MountPoints2: {c34109fc-dfcb-11e1-a8a4-80c16eee84f4} - G:\autorun.exe
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-547410738-3630084662-3663649074-1000] => http=127.0.0.1:49180;https=127.0.0.1:49180
AutoConfigURL: [S-1-5-21-547410738-3630084662-3663649074-1000] => http=127.0.0.1:49180;https=127.0.0.1:49180
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{456172AB-5DD2-40A7-ACFC-FDAA69B8ABD7}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-547410738-3630084662-3663649074-1000 -> DefaultScope {098377F4-B708-4A5D-9576-A279A88A150A} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-547410738-3630084662-3663649074-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-547410738-3630084662-3663649074-1000 -> {098377F4-B708-4A5D-9576-A279A88A150A} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-547410738-3630084662-3663649074-1000 -> {8329AD31-27BD-4958-BA55-03CB1AED11C4} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-30] (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: wq0bbe54.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\wq0bbe54.default [2017-12-16]
FF Homepage: Mozilla\Firefox\Profiles\wq0bbe54.default -> hxxp://www.seznam.cz/
FF Extension: (Test Pilot) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\wq0bbe54.default\Extensions\@testpilot-addon.xpi [2017-12-15] [Legacy]
FF Extension: (Image Zoom) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\wq0bbe54.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2016-04-27] [Legacy]
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\cncp0q0i.dev-edition-default [2017-12-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-18] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-547410738-3630084662-3663649074-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Petr\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-10] (Unity Technologies ApS)
StartMenuInternet: Firefox-A3710B8EBB50CD3 - C:\Program Files\Nightly\firefox.exe
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\36196787.js [2017-12-16] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\36197192.js [2017-12-16] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\36196787.cfg [2017-12-16] <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\36197192.cfg [2017-12-16] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2017-12-15]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-04]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-14]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-04]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-14]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S4 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-02-05] (Teruten) [File not signed]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S2 Mobizen plugin; C:\desktop\New Folder\MobizenService\MobizenService.exe [1276800 2017-11-22] ( Rsupport Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [490280 2010-03-25] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [1431424 2017-05-31] (Sony)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-08-06] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2017-11-16] (Sony Mobile Communications)
R3 GKUPRO2D; C:\Windows\System32\Drivers\GKUPRO2D.sys [90240 2012-11-05] (Gemalto)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
R1 MpKsl9d393ce2; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E2D35A69-40A2-412C-A6F9-36A0FA2AE54D}\MpKsl9d393ce2.sys [49504 2017-12-16] (Microsoft Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
S4 secdrv; C:\Windows\system32\Drivers\secdrv.sys [28400 2017-07-15] () [File not signed]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [173568 2011-11-14] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [208896 2011-11-14] (VIA Technologies, Inc.)
S3 CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-16 22:36 - 2017-12-16 22:41 - 000017151 _____ C:\Users\Petr\Downloads\FRST.txt
2017-12-16 22:34 - 2017-12-16 22:35 - 001752576 _____ (Farbar) C:\Users\Petr\Downloads\FRST.exe
2017-12-16 19:36 - 2017-12-16 19:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Idle
2017-12-16 19:35 - 2017-12-16 19:35 - 000000000 ____D C:\Users\Petr\Downloads\Vikings_S05E04_720p_HDTV_x264-KILLERS
2017-12-15 19:10 - 2017-12-15 19:10 - 000343338 _____ C:\Users\Petr\Downloads\Bořík, Bohoušek a spol - Steklač V..epub
2017-12-13 16:11 - 2017-11-17 05:15 - 002402816 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-12-13 16:11 - 2017-11-15 01:36 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-12-13 16:11 - 2017-11-14 02:37 - 013679616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-12-13 16:11 - 2017-11-14 02:15 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-12-13 16:11 - 2017-11-14 02:15 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-12-13 16:11 - 2017-11-14 02:15 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-12-13 16:11 - 2017-11-14 02:10 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-12-13 16:11 - 2017-11-14 01:32 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-12-13 16:11 - 2017-11-14 01:31 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-12-13 16:11 - 2017-11-07 21:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-12-13 16:11 - 2017-11-07 21:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-12-13 16:11 - 2017-11-07 21:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-12-13 16:11 - 2017-11-07 21:46 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-12-13 16:11 - 2017-11-07 21:46 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-12-13 16:11 - 2017-11-07 21:44 - 002293760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-12-13 16:11 - 2017-11-07 21:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-12-13 16:11 - 2017-11-07 21:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-12-13 16:11 - 2017-11-07 21:40 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-12-13 16:11 - 2017-11-07 21:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-12-13 16:11 - 2017-11-07 21:39 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-12-13 16:11 - 2017-11-07 21:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-12-13 16:11 - 2017-11-07 21:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-12-13 16:11 - 2017-11-07 21:35 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 16:11 - 2017-11-07 21:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 16:11 - 2017-11-07 21:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-12-13 16:11 - 2017-11-07 21:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-12-13 16:11 - 2017-11-07 21:27 - 004509696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-12-13 16:11 - 2017-11-07 21:26 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-12-13 16:11 - 2017-11-07 21:24 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-12-13 16:11 - 2017-11-07 21:19 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-12-13 16:11 - 2017-11-07 21:18 - 000694272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-12-13 16:11 - 2017-11-07 21:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-12-13 16:11 - 2017-11-07 21:17 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-12-13 16:11 - 2017-11-07 21:17 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-12-13 16:11 - 2017-11-07 21:04 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-12-13 16:11 - 2017-11-07 21:01 - 001313280 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-12-13 16:11 - 2017-11-07 20:58 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-12-13 16:11 - 2017-11-07 17:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-12-13 16:11 - 2017-11-04 16:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2017-12-13 16:11 - 2017-11-04 16:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2017-12-13 16:11 - 2017-11-02 16:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2017-12-13 16:11 - 2017-11-02 16:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2017-12-13 16:11 - 2017-11-02 16:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2017-12-13 16:11 - 2017-11-02 15:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2017-12-13 16:11 - 2017-10-16 23:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2017-12-13 16:11 - 2017-10-12 01:14 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-12-08 18:21 - 2017-12-08 18:27 - 000000000 ____D C:\Users\Petr\Desktop\dlažba, obklad
2017-12-04 15:11 - 2017-12-04 15:11 - 000000000 ____D C:\Users\Petr\AppData\Roaming\slay-one-desktop
2017-12-02 13:32 - 2017-12-02 13:33 - 000000000 ____D C:\Users\Petr\AppData\Local\Movavi
2017-12-02 13:32 - 2017-12-02 13:32 - 000000000 ____D C:\Users\Petr\AppData\Local\ScreenRecorder
2017-12-02 13:32 - 2017-12-02 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi
2017-12-02 13:31 - 2017-12-02 13:31 - 000005097 _____ C:\ProgramData\eslierbc.jnj
2017-12-02 13:31 - 2017-12-02 13:31 - 000000000 ____D C:\ProgramData\Movavi Screen Recorder 9
2017-12-02 13:31 - 2017-12-02 13:31 - 000000000 ____D C:\ProgramData\Movavi
2017-12-02 13:26 - 2017-12-02 13:26 - 000005082 _____ C:\ProgramData\yfnytlwp.esg
2017-12-02 13:26 - 2017-12-02 13:26 - 000000016 _____ C:\ProgramData\mntemp
2017-12-02 13:26 - 2017-12-02 13:26 - 000000000 ____D C:\ProgramData\Movavi Game Capture 5
2017-12-02 11:32 - 2017-12-02 11:32 - 000000000 ____D C:\Users\Public\Documents\Rsupport
2017-12-02 11:32 - 2017-12-02 11:32 - 000000000 ____D C:\Users\Petr\Documents\Mobizen
2017-12-02 11:32 - 2017-12-02 11:32 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Rsupport
2017-12-02 11:31 - 2017-12-02 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSUPPORT
2017-11-30 20:57 - 2017-11-30 20:57 - 000000000 ____D C:\Users\Petr\Desktop\prilohy_27505
2017-11-30 20:50 - 2017-11-30 20:50 - 001724058 _____ C:\Users\Petr\Downloads\prilohy_27505.zip
2017-11-29 18:30 - 2017-11-29 18:30 - 000001340 _____ C:\Users\Petr\Desktop\OpertionInfinityBakery.txt
2017-11-28 17:21 - 2017-11-28 17:21 - 000000000 ____D C:\Users\Petr\Desktop\Karta zdr. poj. Toník
2017-11-27 16:44 - 2017-11-27 16:44 - 000000000 ____D C:\Users\Petr\Desktop\Firefox Images
2017-11-25 21:14 - 2017-11-25 21:15 - 000000000 ____D C:\Users\Petr\Desktop\Elán vše
2017-11-24 18:34 - 2017-11-24 18:34 - 000000000 ____D C:\Users\Petr\Documents\AutomaticSolution Software
2017-11-24 16:17 - 2017-12-16 19:36 - 000000000 ____D C:\Program Files\Firefox Developer Edition
2017-11-24 16:17 - 2017-11-24 16:17 - 000001187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2017-11-23 22:12 - 2017-11-23 22:13 - 000000000 ____D C:\Users\Petr\Šlapeto
2017-11-23 22:01 - 2017-11-23 22:01 - 000000000 ____D C:\Users\Petr\elán love
2017-11-23 20:19 - 2017-11-23 20:19 - 001902032 _____ C:\Users\Petr\Downloads\abadia.pdf
2017-11-20 18:25 - 2017-11-20 18:25 - 000206113 _____ C:\Users\Petr\Downloads\OZ 4 - přechodné .xlsm
2017-11-19 14:04 - 2017-12-16 15:51 - 000000000 ____D C:\Program Files\Nightly
2017-11-19 14:04 - 2017-11-19 14:04 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nightly.lnk
2017-11-17 22:46 - 2017-11-17 23:19 - 3110141952 _____ C:\Users\Petr\Downloads\Dredd 2012 cz dabing super kvalita 720p..avi
2017-11-16 20:35 - 2017-11-16 21:00 - 000000000 ____D C:\ASPI
2017-11-16 18:57 - 2017-11-16 18:57 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggsomc_01009.Wdf
2017-11-16 18:57 - 2017-11-16 18:57 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2017-11-16 18:55 - 2017-11-16 18:55 - 000026328 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggsomc.sys
2017-11-16 18:55 - 2017-11-16 18:55 - 000013528 _____ (Sony Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2017-11-16 18:53 - 2017-11-16 18:53 - 000000000 ____D C:\ProgramData\Sony Mobile
2017-11-16 18:53 - 2017-11-16 18:53 - 000000000 ____D C:\Program Files\Sony Mobile

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-16 22:36 - 2014-03-03 22:31 - 000000000 ____D C:\FRST
2017-12-16 22:16 - 2016-11-17 20:34 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2017-12-16 21:05 - 2015-11-10 22:41 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2017-12-16 19:36 - 2016-10-21 15:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-16 10:32 - 2009-07-14 05:34 - 000026336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-16 10:32 - 2009-07-14 05:34 - 000026336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-16 10:26 - 2014-03-05 23:00 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-12-16 09:38 - 2012-08-06 07:35 - 001593150 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-16 09:38 - 2009-07-14 09:37 - 000672136 _____ C:\Windows\system32\perfh005.dat
2017-12-16 09:38 - 2009-07-14 09:37 - 000142732 _____ C:\Windows\system32\perfc005.dat
2017-12-16 09:38 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-12-16 09:33 - 2014-02-19 22:43 - 000000442 ____H C:\Windows\Tasks\WS-Booster-S-596631634.job
2017-12-16 09:33 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-15 19:14 - 2015-07-04 21:43 - 000000000 ____D C:\Users\Petr\Documents\Knihovna Calibre
2017-12-14 14:06 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
2017-12-13 20:28 - 2009-07-14 05:33 - 000406880 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-13 20:25 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\Setup
2017-12-13 20:09 - 2013-08-21 06:54 - 000000000 ____D C:\Windows\system32\MRT
2017-12-13 20:03 - 2017-10-12 19:02 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-12-13 20:03 - 2012-08-06 08:32 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-12-11 20:43 - 2017-11-03 17:56 - 000000000 ____D C:\Users\Petr\Desktop\Obrázky
2017-12-11 20:40 - 2012-08-06 11:13 - 000000000 ___RD C:\Users\Petr\Desktop\hesla
2017-12-11 15:07 - 2015-10-17 17:12 - 000000000 ____D C:\Users\Petr\Desktop\tondové
2017-12-07 23:47 - 2016-02-19 16:57 - 000000000 ____D C:\Program Files\Steam
2017-12-07 23:44 - 2017-11-04 20:46 - 000000000 ____D C:\Users\Petr\AppData\Local\Battle.net
2017-12-07 20:53 - 2017-11-04 20:55 - 000000000 ____D C:\Program Files\StarCraft II
2017-12-07 17:34 - 2017-11-04 20:46 - 000000000 ____D C:\Program Files\Battle.net
2017-12-03 10:03 - 2012-08-06 14:52 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-29 17:39 - 2009-07-14 03:04 - 000000478 _____ C:\Windows\win.ini
2017-11-29 14:30 - 2015-07-25 19:54 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-25 23:20 - 2017-05-30 18:46 - 000032256 _____ C:\Users\Petr\Desktop\pracovní výkaz Msp_Budín.xls
2017-11-23 22:13 - 2012-08-06 07:32 - 000000000 ____D C:\Users\Petr
2017-11-20 21:32 - 2012-08-06 07:51 - 000450720 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-11-17 18:55 - 2017-08-21 18:37 - 000000000 ____D C:\Users\Petr\Desktop\Odis foto
2017-11-16 22:51 - 2009-07-14 05:46 - 000001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-16 18:50 - 2012-08-06 11:05 - 000000000 ____D C:\Users\Petr\Documents\PETR
2017-11-16 14:41 - 2014-03-05 23:01 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Mozilla
2017-11-16 14:39 - 2014-11-04 18:17 - 000001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

==================== Files in the root of some directories =======

2013-03-23 19:24 - 2014-08-19 20:43 - 002171392 _____ () C:\Users\Petr\AppData\Roaming\bfldb.dll
2013-03-23 19:24 - 2014-08-19 20:43 - 002248704 _____ () C:\Users\Petr\AppData\Roaming\bfldongle.dll
2013-03-23 19:24 - 2014-08-19 20:43 - 002265088 _____ () C:\Users\Petr\AppData\Roaming\bfluart.dll
2013-03-23 19:24 - 2014-08-19 20:43 - 002416640 _____ () C:\Users\Petr\AppData\Roaming\bflusb.dll
2013-03-23 19:24 - 2014-08-19 20:43 - 000004366 _____ () C:\Users\Petr\AppData\Roaming\C
2014-02-16 22:31 - 2017-03-03 19:01 - 000007168 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-02-25 10:22 - 2017-02-25 10:22 - 049685376 _____ (Sony) C:\Users\Petr\AppData\Local\pcc.exe
2017-08-20 19:32 - 2017-08-20 19:32 - 000032038 _____ () C:\Users\Petr\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2016-06-12 14:26 - 2016-06-12 14:26 - 000000000 _____ () C:\Users\Petr\AppData\Local\{0F627AE5-C386-418E-99C7-E6E19AEEA611}

Some files in TEMP:
====================
2017-12-16 19:36 - 2017-12-16 19:36 - 000839680 _____ (System Process Inc.) C:\Users\Petr\AppData\Local\Temp\36197613.exe
2017-12-16 19:36 - 2017-12-16 19:36 - 000839680 _____ (System Process Inc.) C:\Users\Petr\AppData\Local\Temp\36197645.exe
2017-12-16 19:36 - 2017-12-16 19:36 - 000970240 _____ () C:\Users\Petr\AppData\Local\Temp\36204259.exe
2017-12-16 19:36 - 2017-12-16 19:36 - 000970240 _____ () C:\Users\Petr\AppData\Local\Temp\36204290.exe
2017-01-01 15:44 - 2017-01-01 15:44 - 000737856 _____ (Oracle Corporation) C:\Users\Petr\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-08-30 15:26 - 2017-08-30 15:26 - 000740416 _____ (Oracle Corporation) C:\Users\Petr\AppData\Local\Temp\jre-8u144-windows-au.exe
2017-04-23 19:38 - 2017-04-23 19:39 - 057827288 _____ (Skype Technologies S.A.) C:\Users\Petr\AppData\Local\Temp\SkypeSetup.exe
2017-04-21 19:06 - 2017-04-21 19:06 - 014456872 _____ (Microsoft Corporation) C:\Users\Petr\AppData\Local\Temp\vc_redist.x86.exe
2017-02-25 10:22 - 2017-02-25 10:22 - 049239544 _____ (Sony) C:\Users\Petr\AppData\Local\Temp\xcs4146.tmp.exe
2017-05-07 06:29 - 2017-05-07 06:29 - 049508048 _____ (Sony) C:\Users\Petr\AppData\Local\Temp\xcs7DA8.tmp.exe
2017-04-20 19:46 - 2017-04-20 19:46 - 049294512 _____ (Sony) C:\Users\Petr\AppData\Local\Temp\xcsAA2A.tmp.exe
2017-07-29 20:21 - 2017-07-29 20:21 - 049533288 _____ (Sony) C:\Users\Petr\AppData\Local\Temp\xcsE460.tmp.exe
2016-11-13 15:45 - 2008-05-23 17:25 - 000456416 _____ (Macrovision Corporation) C:\Users\Petr\AppData\Local\Temp\_is6163.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-09 09:30

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

provedl jsem, log viz níže. Něco dál ?

# AdwCleaner 7.0.5.0 - Logfile created on Sun Dec 17 11:20:15 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 7 Professional (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater
Deleted: C:\Program Files\GreenTree Applications
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Deleted: C:\Program Files\myfree codec
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted: C:\ProgramData\ytd video downloader
Deleted: C:\ProgramData\Application Data\ytd video downloader
Deleted: C:\Users\All Users\ytd video downloader
Deleted: C:\Program Files\Enigma Software Group
Deleted: C:\ProgramData\43103e466190a1cd

***** [ Files ] *****

Deleted: C:\Users\All Users\Desktop\YTD Video Downloader.lnk
Deleted: C:\Users\Public\Desktop\YTD Video Downloader.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: WS-Booster-S-596631634

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Deleted: [Key] - HKLM\SOFTWARE\Myfree Codec
Deleted: [Key] - HKU\S-1-5-21-547410738-3630084662-3663649074-1000\Software\Myfree Codec
Deleted: [Key] - HKCU\Software\Myfree Codec
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Deleted: [Key] - HKU\S-1-5-21-547410738-3630084662-3663649074-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-547410738-3630084662-3663649074-1000\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
Deleted: [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files\Enigma Software Group\SpyHunter\
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files\Enigma Software Group\

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [8526 B] - [2014/11/4 18:21:48]
C:/AdwCleaner/AdwCleaner[S1].txt - [3368 B] - [2017/12/17 11:18:59]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Dejte nový log FRST.

vkládám :

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-12-2017
Ran by Petr (administrator) on BUDINOVI (17-12-2017 14:33:57)
Running from C:\Users\Petr\Downloads
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Nightly\firefox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
( Rsupport Corporation) C:\desktop\New Folder\MobizenService\MobizenService.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(System Process Inc.) C:\Users\Petr\AppData\Roaming\Idle\Idle.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(MyHeritage) C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Rsupport corporation) C:\desktop\New Folder\MobizenService\MobizenTray.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
(Sony) C:\Program Files\Sony\Xperia Companion\XperiaCompanionAgent.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Nightly\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-29] (Intel Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Family Tree Builder Update] => C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2477056 2015-03-02] (MyHeritage)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-03-20] (Macrovision Corporation)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-11-09] (AMD)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [LinkMagic for magicolor 1680MF] => [X]
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1572648 2016-01-08] (Samsung)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [XperiaCompanionAgent] => C:\Program Files\Sony\Xperia Companion\XperiaCompanionAgent.exe [2105728 2017-05-31] (Sony)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\MountPoints2: {107ae12c-fb2c-11e6-a718-80c16eee84f4} - H:\startme.exe
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\MountPoints2: {c34109fc-dfcb-11e1-a8a4-80c16eee84f4} - G:\autorun.exe
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-547410738-3630084662-3663649074-1000] => http=127.0.0.1:49180;https=127.0.0.1:49180
AutoConfigURL: [S-1-5-21-547410738-3630084662-3663649074-1000] => http=127.0.0.1:49180;https=127.0.0.1:49180
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{456172AB-5DD2-40A7-ACFC-FDAA69B8ABD7}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-547410738-3630084662-3663649074-1000 -> DefaultScope {098377F4-B708-4A5D-9576-A279A88A150A} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-547410738-3630084662-3663649074-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-547410738-3630084662-3663649074-1000 -> {098377F4-B708-4A5D-9576-A279A88A150A} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-547410738-3630084662-3663649074-1000 -> {8329AD31-27BD-4958-BA55-03CB1AED11C4} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-30] (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: wq0bbe54.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\wq0bbe54.default [2017-12-17]
FF Homepage: Mozilla\Firefox\Profiles\wq0bbe54.default -> hxxp://www.seznam.cz/
FF Extension: (Test Pilot) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\wq0bbe54.default\Extensions\@testpilot-addon.xpi [2017-12-15] [Legacy]
FF Extension: (Image Zoom) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\wq0bbe54.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2016-04-27] [Legacy]
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\cncp0q0i.dev-edition-default [2017-12-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-18] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-547410738-3630084662-3663649074-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Petr\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-06-10] (Unity Technologies ApS)
StartMenuInternet: Firefox-A3710B8EBB50CD3 - C:\Program Files\Nightly\firefox.exe
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\36196787.js [2017-12-16] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\36197192.js [2017-12-16] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\36196787.cfg [2017-12-16] <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\36197192.cfg [2017-12-16] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2017-12-17]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-04]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-14]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-04]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-14]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S4 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-02-05] (Teruten) [File not signed]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 Mobizen plugin; C:\desktop\New Folder\MobizenService\MobizenService.exe [1276800 2017-11-22] ( Rsupport Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation)
S4 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [490280 2010-03-25] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Avanquest Software)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [1431424 2017-05-31] (Sony)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-08-06] (DT Soft Ltd)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [26328 2017-11-16] (Sony Mobile Communications)
R3 GKUPRO2D; C:\Windows\System32\Drivers\GKUPRO2D.sys [90240 2012-11-05] (Gemalto)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [86824 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [114600 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [108328 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [26024 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [104616 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [109736 2008-10-21] (MCCI Corporation)
S4 secdrv; C:\Windows\system32\Drivers\secdrv.sys [28400 2017-07-15] () [File not signed]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [173568 2011-11-14] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [208896 2011-11-14] (VIA Technologies, Inc.)
S3 CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-17 14:33 - 2017-12-17 14:35 - 000016676 _____ C:\Users\Petr\Downloads\FRST.txt
2017-12-17 14:33 - 2017-12-17 14:33 - 000000000 ____D C:\Users\Petr\Downloads\FRST-OlderVersion
2017-12-17 12:22 - 2017-12-17 12:22 - 000003173 _____ C:\Users\Petr\Desktop\AdwCleaner[C0].txt
2017-12-17 12:19 - 2017-12-17 12:19 - 000003368 _____ C:\Users\Petr\Desktop\AdwCleaner[S1].txt
2017-12-17 12:16 - 2017-12-17 12:16 - 008187336 _____ (Malwarebytes) C:\Users\Petr\Downloads\adwcleaner_7.0.5.0.exe
2017-12-16 22:34 - 2017-12-17 14:33 - 001752576 _____ (Farbar) C:\Users\Petr\Downloads\FRST.exe
2017-12-16 19:36 - 2017-12-16 19:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Idle
2017-12-16 19:35 - 2017-12-16 19:35 - 000000000 ____D C:\Users\Petr\Downloads\Vikings_S05E04_720p_HDTV_x264-KILLERS
2017-12-15 19:10 - 2017-12-15 19:10 - 000343338 _____ C:\Users\Petr\Downloads\Bořík, Bohoušek a spol - Steklač V..epub
2017-12-13 16:11 - 2017-11-17 05:15 - 002402816 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-12-13 16:11 - 2017-11-15 01:36 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-12-13 16:11 - 2017-11-14 02:37 - 013679616 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-12-13 16:11 - 2017-11-14 02:15 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-12-13 16:11 - 2017-11-14 02:15 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-12-13 16:11 - 2017-11-14 02:15 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-12-13 16:11 - 2017-11-14 02:10 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-12-13 16:11 - 2017-11-14 01:32 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-12-13 16:11 - 2017-11-14 01:31 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-12-13 16:11 - 2017-11-07 21:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-12-13 16:11 - 2017-11-07 21:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-12-13 16:11 - 2017-11-07 21:46 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-12-13 16:11 - 2017-11-07 21:46 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-12-13 16:11 - 2017-11-07 21:46 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-12-13 16:11 - 2017-11-07 21:44 - 002293760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-12-13 16:11 - 2017-11-07 21:41 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-12-13 16:11 - 2017-11-07 21:41 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-12-13 16:11 - 2017-11-07 21:40 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-12-13 16:11 - 2017-11-07 21:39 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-12-13 16:11 - 2017-11-07 21:39 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-12-13 16:11 - 2017-11-07 21:38 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-12-13 16:11 - 2017-11-07 21:38 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-12-13 16:11 - 2017-11-07 21:35 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-12-13 16:11 - 2017-11-07 21:29 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-12-13 16:11 - 2017-11-07 21:28 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-12-13 16:11 - 2017-11-07 21:28 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-12-13 16:11 - 2017-11-07 21:27 - 004509696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-12-13 16:11 - 2017-11-07 21:26 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-12-13 16:11 - 2017-11-07 21:24 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-12-13 16:11 - 2017-11-07 21:19 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-12-13 16:11 - 2017-11-07 21:18 - 000694272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-12-13 16:11 - 2017-11-07 21:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-12-13 16:11 - 2017-11-07 21:17 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-12-13 16:11 - 2017-11-07 21:17 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-12-13 16:11 - 2017-11-07 21:04 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-12-13 16:11 - 2017-11-07 21:01 - 001313280 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-12-13 16:11 - 2017-11-07 20:58 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-12-13 16:11 - 2017-11-07 17:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-12-13 16:11 - 2017-11-04 16:10 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2017-12-13 16:11 - 2017-11-04 16:10 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2017-12-13 16:11 - 2017-11-02 16:11 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2017-12-13 16:11 - 2017-11-02 16:11 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2017-12-13 16:11 - 2017-11-02 16:11 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2017-12-13 16:11 - 2017-11-02 15:56 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2017-12-13 16:11 - 2017-10-16 23:46 - 000953344 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2017-12-13 16:11 - 2017-10-12 01:14 - 000247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-12-08 18:21 - 2017-12-08 18:27 - 000000000 ____D C:\Users\Petr\Desktop\dlažba, obklad
2017-12-04 15:11 - 2017-12-04 15:11 - 000000000 ____D C:\Users\Petr\AppData\Roaming\slay-one-desktop
2017-12-02 13:32 - 2017-12-02 13:33 - 000000000 ____D C:\Users\Petr\AppData\Local\Movavi
2017-12-02 13:32 - 2017-12-02 13:32 - 000000000 ____D C:\Users\Petr\AppData\Local\ScreenRecorder
2017-12-02 13:32 - 2017-12-02 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi
2017-12-02 13:31 - 2017-12-02 13:31 - 000005097 _____ C:\ProgramData\eslierbc.jnj
2017-12-02 13:31 - 2017-12-02 13:31 - 000000000 ____D C:\ProgramData\Movavi Screen Recorder 9
2017-12-02 13:31 - 2017-12-02 13:31 - 000000000 ____D C:\ProgramData\Movavi
2017-12-02 13:26 - 2017-12-02 13:26 - 000005082 _____ C:\ProgramData\yfnytlwp.esg
2017-12-02 13:26 - 2017-12-02 13:26 - 000000016 _____ C:\ProgramData\mntemp
2017-12-02 13:26 - 2017-12-02 13:26 - 000000000 ____D C:\ProgramData\Movavi Game Capture 5
2017-12-02 11:32 - 2017-12-02 11:32 - 000000000 ____D C:\Users\Public\Documents\Rsupport
2017-12-02 11:32 - 2017-12-02 11:32 - 000000000 ____D C:\Users\Petr\Documents\Mobizen
2017-12-02 11:32 - 2017-12-02 11:32 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Rsupport
2017-12-02 11:31 - 2017-12-02 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSUPPORT
2017-11-30 20:57 - 2017-11-30 20:57 - 000000000 ____D C:\Users\Petr\Desktop\prilohy_27505
2017-11-30 20:50 - 2017-11-30 20:50 - 001724058 _____ C:\Users\Petr\Downloads\prilohy_27505.zip
2017-11-29 18:30 - 2017-11-29 18:30 - 000001340 _____ C:\Users\Petr\Desktop\OpertionInfinityBakery.txt
2017-11-28 17:21 - 2017-11-28 17:21 - 000000000 ____D C:\Users\Petr\Desktop\Karta zdr. poj. Toník
2017-11-27 16:44 - 2017-11-27 16:44 - 000000000 ____D C:\Users\Petr\Desktop\Firefox Images
2017-11-25 21:14 - 2017-11-25 21:15 - 000000000 ____D C:\Users\Petr\Desktop\Elán vše
2017-11-24 18:34 - 2017-11-24 18:34 - 000000000 ____D C:\Users\Petr\Documents\AutomaticSolution Software
2017-11-24 16:17 - 2017-12-16 19:36 - 000000000 ____D C:\Program Files\Firefox Developer Edition
2017-11-24 16:17 - 2017-11-24 16:17 - 000001187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Developer Edition.lnk
2017-11-23 22:12 - 2017-11-23 22:13 - 000000000 ____D C:\Users\Petr\Šlapeto
2017-11-23 22:01 - 2017-11-23 22:01 - 000000000 ____D C:\Users\Petr\elán love
2017-11-23 20:19 - 2017-11-23 20:19 - 001902032 _____ C:\Users\Petr\Downloads\abadia.pdf
2017-11-20 18:25 - 2017-11-20 18:25 - 000206113 _____ C:\Users\Petr\Downloads\OZ 4 - přechodné .xlsm
2017-11-19 14:04 - 2017-12-17 12:23 - 000000000 ____D C:\Program Files\Nightly
2017-11-19 14:04 - 2017-11-19 14:04 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nightly.lnk
2017-11-17 22:46 - 2017-11-17 23:19 - 3110141952 _____ C:\Users\Petr\Downloads\Dredd 2012 cz dabing super kvalita 720p..avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-17 14:33 - 2014-03-03 22:31 - 000000000 ____D C:\FRST
2017-12-17 12:30 - 2009-07-14 05:34 - 000026336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-12-17 12:30 - 2009-07-14 05:34 - 000026336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-12-17 12:27 - 2012-08-06 07:35 - 001593150 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-17 12:27 - 2009-07-14 09:37 - 000672136 _____ C:\Windows\system32\perfh005.dat
2017-12-17 12:27 - 2009-07-14 09:37 - 000142732 _____ C:\Windows\system32\perfc005.dat
2017-12-17 12:27 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-12-17 12:23 - 2016-11-17 20:34 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2017-12-17 12:23 - 2014-03-05 23:00 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-12-17 12:21 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-17 12:20 - 2014-11-04 18:49 - 000000000 ____D C:\AdwCleaner
2017-12-16 23:14 - 2012-08-06 11:13 - 000000000 ___RD C:\Users\Petr\Desktop\hesla
2017-12-16 21:05 - 2015-11-10 22:41 - 000000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2017-12-16 19:36 - 2016-10-21 15:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-12-15 19:14 - 2015-07-04 21:43 - 000000000 ____D C:\Users\Petr\Documents\Knihovna Calibre
2017-12-14 14:06 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
2017-12-13 20:28 - 2009-07-14 05:33 - 000406880 _____ C:\Windows\system32\FNTCACHE.DAT
2017-12-13 20:25 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\Setup
2017-12-13 20:09 - 2013-08-21 06:54 - 000000000 ____D C:\Windows\system32\MRT
2017-12-13 20:03 - 2017-10-12 19:02 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-12-13 20:03 - 2012-08-06 08:32 - 130448288 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-12-11 20:43 - 2017-11-03 17:56 - 000000000 ____D C:\Users\Petr\Desktop\Obrázky
2017-12-11 15:07 - 2015-10-17 17:12 - 000000000 ____D C:\Users\Petr\Desktop\tondové
2017-12-07 23:47 - 2016-02-19 16:57 - 000000000 ____D C:\Program Files\Steam
2017-12-07 23:44 - 2017-11-04 20:46 - 000000000 ____D C:\Users\Petr\AppData\Local\Battle.net
2017-12-07 20:53 - 2017-11-04 20:55 - 000000000 ____D C:\Program Files\StarCraft II
2017-12-07 17:34 - 2017-11-04 20:46 - 000000000 ____D C:\Program Files\Battle.net
2017-12-03 10:03 - 2012-08-06 14:52 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-29 17:39 - 2009-07-14 03:04 - 000000478 _____ C:\Windows\win.ini
2017-11-29 14:30 - 2015-07-25 19:54 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-25 23:20 - 2017-05-30 18:46 - 000032256 _____ C:\Users\Petr\Desktop\pracovní výkaz Msp_Budín.xls
2017-11-23 22:13 - 2012-08-06 07:32 - 000000000 ____D C:\Users\Petr
2017-11-20 21:32 - 2012-08-06 07:51 - 000450720 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-11-17 18:55 - 2017-08-21 18:37 - 000000000 ____D C:\Users\Petr\Desktop\Odis foto

==================== Files in the root of some directories =======

2013-03-23 19:24 - 2014-08-19 20:43 - 002171392 _____ () C:\Users\Petr\AppData\Roaming\bfldb.dll
2013-03-23 19:24 - 2014-08-19 20:43 - 002248704 _____ () C:\Users\Petr\AppData\Roaming\bfldongle.dll
2013-03-23 19:24 - 2014-08-19 20:43 - 002265088 _____ () C:\Users\Petr\AppData\Roaming\bfluart.dll
2013-03-23 19:24 - 2014-08-19 20:43 - 002416640 _____ () C:\Users\Petr\AppData\Roaming\bflusb.dll
2013-03-23 19:24 - 2014-08-19 20:43 - 000004366 _____ () C:\Users\Petr\AppData\Roaming\C
2014-02-16 22:31 - 2017-03-03 19:01 - 000007168 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-02-25 10:22 - 2017-02-25 10:22 - 049685376 _____ (Sony) C:\Users\Petr\AppData\Local\pcc.exe
2017-08-20 19:32 - 2017-08-20 19:32 - 000032038 _____ () C:\Users\Petr\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2016-06-12 14:26 - 2016-06-12 14:26 - 000000000 _____ () C:\Users\Petr\AppData\Local\{0F627AE5-C386-418E-99C7-E6E19AEEA611}

Some files in TEMP:
====================
2017-12-16 19:36 - 2017-12-16 19:36 - 000839680 _____ (System Process Inc.) C:\Users\Petr\AppData\Local\Temp\36197613.exe
2017-12-16 19:36 - 2017-12-16 19:36 - 000839680 _____ (System Process Inc.) C:\Users\Petr\AppData\Local\Temp\36197645.exe
2017-12-16 19:36 - 2017-12-16 19:36 - 000970240 _____ () C:\Users\Petr\AppData\Local\Temp\36204259.exe
2017-12-16 19:36 - 2017-12-16 19:36 - 000970240 _____ () C:\Users\Petr\AppData\Local\Temp\36204290.exe
2017-01-01 15:44 - 2017-01-01 15:44 - 000737856 _____ (Oracle Corporation) C:\Users\Petr\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-08-30 15:26 - 2017-08-30 15:26 - 000740416 _____ (Oracle Corporation) C:\Users\Petr\AppData\Local\Temp\jre-8u144-windows-au.exe
2017-04-23 19:38 - 2017-04-23 19:39 - 057827288 _____ (Skype Technologies S.A.) C:\Users\Petr\AppData\Local\Temp\SkypeSetup.exe
2017-04-21 19:06 - 2017-04-21 19:06 - 014456872 _____ (Microsoft Corporation) C:\Users\Petr\AppData\Local\Temp\vc_redist.x86.exe
2017-02-25 10:22 - 2017-02-25 10:22 - 049239544 _____ (Sony) C:\Users\Petr\AppData\Local\Temp\xcs4146.tmp.exe
2017-05-07 06:29 - 2017-05-07 06:29 - 049508048 _____ (Sony) C:\Users\Petr\AppData\Local\Temp\xcs7DA8.tmp.exe
2017-04-20 19:46 - 2017-04-20 19:46 - 049294512 _____ (Sony) C:\Users\Petr\AppData\Local\Temp\xcsAA2A.tmp.exe
2017-07-29 20:21 - 2017-07-29 20:21 - 049533288 _____ (Sony) C:\Users\Petr\AppData\Local\Temp\xcsE460.tmp.exe
2016-11-13 15:45 - 2008-05-23 17:25 - 000456416 _____ (Macrovision Corporation) C:\Users\Petr\AppData\Local\Temp\_is6163.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-09 09:30

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [LinkMagic for magicolor 1680MF] => [X]
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\MountPoints2: {107ae12c-fb2c-11e6-a718-80c16eee84f4} - H:\startme.exe
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\MountPoints2: {c34109fc-dfcb-11e1-a8a4-80c16eee84f4} - G:\autorun.exe
SearchScopes: HKU\S-1-5-21-547410738-3630084662-3663649074-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\36196787.js [2017-12-16] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\36197192.js [2017-12-16] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\36196787.cfg [2017-12-16] <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\36197192.cfg [2017-12-16] <==== ATTENTION
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Petr\AppData\Local\Temp

EmptyTemp:
End

Uložte do C:\Users\Petr\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Provedeno prosím :

Fix result of Farbar Recovery Scan Tool (x86) Version: 17-12-2017
Ran by Petr (17-12-2017 18:47:05) Run:2
Running from C:\Users\Petr\Downloads
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\Run: [LinkMagic for magicolor 1680MF] => [X]
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\MountPoints2: G - G:\autorun.exe
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\MountPoints2: {107ae12c-fb2c-11e6-a718-80c16eee84f4} - H:\startme.exe
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\...\MountPoints2: {c34109fc-dfcb-11e1-a8a4-80c16eee84f4} - G:\autorun.exe
SearchScopes: HKU\S-1-5-21-547410738-3630084662-3663649074-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\36196787.js [2017-12-16] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\36197192.js [2017-12-16] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\36196787.cfg [2017-12-16] <==== ATTENTION
FF ExtraCheck: C:\Program Files\mozilla firefox\36197192.cfg [2017-12-16] <==== ATTENTION
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Petr\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKU\S-1-5-21-547410738-3630084662-3663649074-1000\Software\Microsoft\Windows\CurrentVersion\Run\\LinkMagic for magicolor 1680MF => value removed successfully.
"HKU\S-1-5-21-547410738-3630084662-3663649074-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => removed successfully.
"HKU\S-1-5-21-547410738-3630084662-3663649074-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{107ae12c-fb2c-11e6-a718-80c16eee84f4}" => removed successfully.
HKLM\Software\Classes\CLSID\{107ae12c-fb2c-11e6-a718-80c16eee84f4} => not found
"HKU\S-1-5-21-547410738-3630084662-3663649074-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c34109fc-dfcb-11e1-a8a4-80c16eee84f4}" => removed successfully.
HKLM\Software\Classes\CLSID\{c34109fc-dfcb-11e1-a8a4-80c16eee84f4} => not found
"HKU\S-1-5-21-547410738-3630084662-3663649074-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully.
C:\Program Files\mozilla firefox\defaults\pref\36196787.js => moved successfully
C:\Program Files\mozilla firefox\defaults\pref\36197192.js => moved successfully
C:\Program Files\mozilla firefox\36196787.cfg => moved successfully
C:\Program Files\mozilla firefox\36197192.cfg => moved successfully
C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

"C:\Users\Petr\AppData\Local\Temp" folder move:

Could not move "C:\Users\Petr\AppData\Local\Temp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 110555000 B
Java, Flash, Steam htmlcache => 168635637 B
Windows/system/drivers => 145939410 B
Edge => 0 B
Chrome => 353254129 B
Firefox => 402802004 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 117031 B
LocalService => 0 B
NetworkService => 304392846 B
Petr => 1296826638 B

RecycleBin => 228079317 B
EmptyTemp: => 2.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 17-12-2017 18:50:12)

C:\Users\Petr\AppData\Local\Temp => moved successfully

==== End of Fixlog 18:50:17 ====

Smazáno. Nastala nějaká změna?

myslím si, že to bude v pořádku. Nic se mi už neotevírá

Velké díky a hodně zdaru do budoucna .... v čemkoliv

Děkuji za přání a vy nemáte zač!

VIRY.CZ

pipeschanels.com okna ?

pipeschanels.com okna ?

Re: pipeschanels.com okna ?

Re: pipeschanels.com okna ?

Re: pipeschanels.com okna ?

Re: pipeschanels.com okna ?

Re: pipeschanels.com okna ?

Re: pipeschanels.com okna ?

Re: pipeschanels.com okna ?

Re: pipeschanels.com okna ?

Re: pipeschanels.com okna ?