Dobry den, mam podezreni ze se nam do notebooku dostala nejaka havet. Antivir, ale nic nehlasi. Proto bych byl velmi rad pokud by se mi nekdo zkuseny podival na log. Diky moc!
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Lucky (administrator) on PETULKA-THINK on 30-12-2014 11:16:20
Running from C:\Users\Lucky\Desktop
Loaded Profile: Lucky (Available profiles: Petulka & Lucky)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Dropbox, Inc.) C:\Users\Lucky\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(forum.viry.cz) C:\Users\Lucky\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel(R) Corporation)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-01-14] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-01-27] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2010-12-17] (Lenovo Group Limited)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1654400 2012-02-21] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\Run: [] => [X]
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\Run: [SpeedUpMyComputer] => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\MountPoints2: {2cc129c6-9a51-11e0-847e-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\MountPoints2: {65557a67-1642-11e3-8f3e-f0def161f790} - F:\HTC_Sync_Manager_PC.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\Users\Lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk /k:C * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchmania.info/?pid= ... Z&unqvl=70
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/web/?type= ... earchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc& ... XX5VJCVS3T
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {5B69C1D6-6A37-4B74-B3FD-3F23E8A1D5E8} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchmania.info/?l=1& ... Z&unqvl=70
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {3E004C5A-2294-4321-B5D9-7B6CE4889D5A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchmania.info/?l=1& ... Z&unqvl=70
SearchScopes: HKU\S-1-5-21-1920216681-166065492-3221773523-1007 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-1920216681-166065492-3221773523-1007 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = http://dts.search-results.com/sr?src=ie ... earchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 194.12.32.233
FireFox:
========
FF ProfilePath: C:\Users\Lucky\AppData\Roaming\Mozilla\Firefox\Profiles\ek6olk7s.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
FF Extension: BuyNsavee - C:\Users\Lucky\AppData\Roaming\Mozilla\Firefox\Profiles\ek6olk7s.default\Extensions\6rJ@x6Fq9L.org [2014-12-28]
FF Extension: YoutubbEAdBlocke - C:\Users\Lucky\AppData\Roaming\Mozilla\Firefox\Profiles\ek6olk7s.default\Extensions\oeot@EvWyU.net [2014-12-28]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://isearch.omiga-plus.com/?type=sc& ... XX5VJCVS3T
Chrome:
=======
CHR HomePage: Default -> hxxp://start.icq.com/
CHR Profile: C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28]
CHR Extension: (Disk Google) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (YouTube) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-10-10]
CHR Extension: (Dropbox) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-12-28]
CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2014-09-14]
CHR Extension: (Boomerang for Gmail) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2013-12-28]
CHR Extension: (Peněženka Google) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR Extension: (Weather Aware) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiahdodpoomdjoegkmibpmgejobfpcn [2014-01-21]
CHR Extension: (Gmail) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-20] (DT Soft Ltd)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2011-03-31] (Intel(R) Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2007-04-23] (MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2013-11-15] (Synaptics Incorporated)
R1 {9edce1a3-558f-4c3b-be88-be4ba52055de}Gw64; C:\Windows\System32\drivers\{9edce1a3-558f-4c3b-be88-be4ba52055de}Gw64.sys [48784 2014-11-27] (StdLib)
S2 smihlp2; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-30 11:16 - 2014-12-30 11:17 - 00022425 _____ () C:\Users\Lucky\Desktop\FRST.txt
2014-12-30 11:15 - 2014-12-30 11:16 - 00000000 ____D () C:\FRST
2014-12-30 11:13 - 2014-12-30 11:13 - 00112640 _____ (forum.viry.cz) C:\Users\Lucky\Downloads\Nepotvrzeno 705462.crdownload
2014-12-30 11:12 - 2014-12-30 11:13 - 00112640 _____ (forum.viry.cz) C:\Users\Lucky\Desktop\FRSTLauncher.exe
2014-12-30 11:12 - 2014-12-30 11:12 - 02123264 _____ (Farbar) C:\Users\Lucky\Desktop\FRST64.exe
2014-12-28 23:11 - 2014-12-28 23:11 - 00002266 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-28 23:11 - 2014-12-28 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-28 23:10 - 2014-12-28 23:10 - 00000000 __SHD () C:\Users\Lucky\AppData\Local\EmieBrowserModeList
2014-12-28 23:06 - 2014-12-28 23:06 - 41338448 _____ (Google Inc.) C:\Users\Lucky\Downloads\ChromeStandaloneSetup(1).exe
2014-12-28 23:05 - 2014-12-28 23:06 - 41338448 _____ (Google Inc.) C:\Users\Lucky\Downloads\ChromeStandaloneSetup.exe
2014-12-28 22:58 - 2014-12-28 22:58 - 00880784 _____ (Google Inc.) C:\Users\Lucky\Downloads\ChromeSetup.exe
2014-12-28 22:57 - 2014-12-28 22:57 - 00262232 _____ () C:\Users\Lucky\Downloads\GoogleUpdate.adm
2014-12-28 22:52 - 2014-12-28 22:54 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (3).exe
2014-12-28 22:43 - 2014-12-28 22:44 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (2).exe
2014-12-27 17:32 - 2014-12-27 17:32 - 00441344 _____ () C:\Users\Petulka\Downloads\VodaCoca.pps
2014-12-23 14:39 - 2014-12-23 14:40 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (1).exe
2014-12-23 12:36 - 2014-12-23 12:36 - 00001402 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-12-23 12:36 - 2014-12-23 12:36 - 00001390 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-12-23 12:36 - 2014-12-23 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-12-23 12:35 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-12-23 12:34 - 2014-12-23 12:34 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4.exe
2014-12-22 10:27 - 2014-12-22 10:27 - 00894464 _____ () C:\Users\Petulka\Downloads\SALY_prosinec.xls
2014-12-18 17:03 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 17:03 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 16:38 - 2014-12-15 16:39 - 08965956 _____ () C:\Users\Petulka\Downloads\DecoratingTheTrees (1).themepack
2014-12-15 16:38 - 2014-12-15 16:39 - 08207429 _____ () C:\Users\Petulka\Downloads\SugarAndSpice.themepack
2014-12-15 16:38 - 2014-12-15 16:38 - 09848819 _____ () C:\Users\Petulka\Downloads\DeckingTheHalls (1).themepack
2014-12-15 16:38 - 2014-12-15 16:38 - 09205655 _____ () C:\Users\Petulka\Downloads\HolidayLights (1).themepack
2014-12-14 17:56 - 2014-12-14 17:56 - 06157824 _____ () C:\Users\Petulka\Downloads\Strasburk Mala Francie.pps
2014-12-14 17:56 - 2014-12-14 17:56 - 04945408 _____ () C:\Users\Petulka\Downloads\3-ADVENT.pps
2014-12-10 23:29 - 2014-12-10 23:29 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Lucky\Downloads\SpyHunter-installer.exe
2014-12-10 23:22 - 2014-12-10 23:22 - 00000000 ____D () C:\Users\Lucky\AppData\Roaming\EZDownloader
2014-12-10 23:22 - 2014-12-10 23:22 - 00000000 ____D () C:\ProgramData\3872871776
2014-12-10 22:37 - 2014-12-09 16:59 - 128026221 _____ () C:\Users\Lucky\Desktop\tt_1.4_ita_uni_cz-sk.rar
2014-12-10 22:30 - 2014-12-10 20:51 - 1070015724 _____ () C:\Users\Lucky\Desktop\CEE_IT_ANDR.rar
2014-12-10 22:12 - 2014-12-29 08:26 - 00006316 _____ () C:\Windows\PFRO.log
2014-12-10 22:12 - 2014-12-10 22:12 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 21:51 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 21:51 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 21:51 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 21:51 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 21:51 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 21:51 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 21:51 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 21:51 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 21:51 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 21:51 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 20:24 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 20:24 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 20:23 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 20:23 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 20:23 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 20:23 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 20:23 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 20:23 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 20:23 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 20:23 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 20:23 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 20:23 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 20:23 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 20:23 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 20:23 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 20:23 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 20:23 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 20:23 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 20:23 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 20:23 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 20:23 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 20:23 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 20:23 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 20:23 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 20:23 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 20:23 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 20:23 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 20:23 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 20:23 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 20:23 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 20:23 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 20:23 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 20:23 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 20:23 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 20:23 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 20:23 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 20:23 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 20:23 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 20:23 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 20:23 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 20:23 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 20:23 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 20:23 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 20:23 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 20:23 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 20:23 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 20:23 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 20:23 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 20:23 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 20:23 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 20:23 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 20:23 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 20:23 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 20:23 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 20:23 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 20:23 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 20:23 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 20:23 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 20:23 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 20:22 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 20:22 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 20:22 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 20:22 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 20:22 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 20:22 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 20:22 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 20:22 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 20:22 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 20:22 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 20:22 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 20:22 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 20:22 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 20:22 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-07 21:16 - 2014-12-07 21:16 - 00000000 ____D () C:\ProgramData\4950124095679097672
2014-12-07 21:16 - 2014-12-07 21:16 - 00000000 ____D () C:\Program Files (x86)\BuyNsavee
2014-12-07 21:14 - 2014-12-07 21:14 - 01011200 _____ () C:\Users\Petulka\Downloads\Das Adventsfest Der 100 Lichter.exe
2014-12-06 21:53 - 2014-12-06 21:53 - 07054848 _____ () C:\Users\Petulka\Downloads\Vánoční rostliny .pps
2014-12-03 17:03 - 2014-12-29 08:27 - 00002934 _____ () C:\Windows\setupact.log
2014-12-03 17:03 - 2014-12-03 17:03 - 00000000 _____ () C:\Windows\setuperr.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-30 11:16 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-30 11:16 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-30 11:12 - 2014-01-04 16:00 - 00000000 ____D () C:\Users\Lucky\AppData\Local\Adobe
2014-12-30 11:10 - 2012-03-29 06:09 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-30 11:10 - 2012-03-29 06:09 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-30 11:10 - 2012-03-29 06:09 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-30 11:10 - 2011-07-14 10:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-30 11:01 - 2014-01-05 11:35 - 00000000 ___RD () C:\Users\Lucky\Dropbox
2014-12-30 11:01 - 2014-01-05 11:31 - 00000000 ____D () C:\Users\Lucky\AppData\Roaming\Dropbox
2014-12-30 11:01 - 2011-08-15 15:34 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000UA.job
2014-12-30 11:00 - 2013-03-16 08:43 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 10:49 - 2013-03-16 08:43 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-30 10:48 - 2011-06-19 09:57 - 01999926 _____ () C:\Windows\WindowsUpdate.log
2014-12-30 10:35 - 2011-07-14 10:44 - 00000000 ___RD () C:\Users\Petulka\Dropbox
2014-12-30 10:35 - 2011-07-14 10:33 - 00000000 ____D () C:\Users\Petulka\AppData\Roaming\Dropbox
2014-12-30 10:34 - 2011-08-15 15:34 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000Core.job
2014-12-29 11:29 - 2014-01-12 10:07 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-12-29 11:02 - 2011-08-29 19:20 - 00000000 ____D () C:\Users\Petulka\AppData\Roaming\vlc
2014-12-29 08:34 - 2011-06-19 09:46 - 00678004 _____ () C:\Windows\system32\perfh005.dat
2014-12-29 08:34 - 2011-06-19 09:46 - 00146888 _____ () C:\Windows\system32\perfc005.dat
2014-12-29 08:34 - 2009-07-14 06:13 - 01612436 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-29 08:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-28 23:11 - 2011-09-18 21:18 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-24 11:56 - 2011-07-14 11:42 - 00000000 ____D () C:\Users\Petulka\AppData\Local\CrashDumps
2014-12-23 14:51 - 2013-12-28 18:57 - 00000000 ____D () C:\Users\Lucky\AppData\Roaming\vlc
2014-12-23 12:41 - 2014-03-09 19:26 - 00000000 ____D () C:\Users\Lucky\AppData\Local\CrashDumps
2014-12-23 12:37 - 2014-08-26 22:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-23 12:35 - 2011-07-14 10:36 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-17 18:31 - 2014-08-17 09:24 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1394895297
2014-12-17 18:31 - 2011-07-14 10:31 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-17 18:23 - 2011-07-14 10:34 - 00000000 ____D () C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-16 21:52 - 2014-01-05 11:33 - 00000000 ____D () C:\Users\Lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-16 18:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-15 21:33 - 2014-04-29 14:55 - 00000000 ____D () C:\Users\Petulka\Desktop\RM_2014
2014-12-10 22:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 22:12 - 2014-05-07 02:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 22:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 22:10 - 2011-07-16 19:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 22:08 - 2013-08-15 21:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 21:54 - 2011-08-07 12:57 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-08 21:26 - 2013-12-28 18:49 - 00000000 ____D () C:\Users\Lucky\AppData\Local\Microsoft Help
2014-12-01 15:59 - 2014-11-29 22:00 - 1342228544 _____ () C:\Users\Lucky\Desktop\Vlk-z-Wall-Street.avi.6112858442905288751.part
2014-11-30 20:50 - 2014-03-10 16:21 - 01961472 ___SH () C:\Users\Petulka\Downloads\Thumbs.db
Files to move or delete:
====================
C:\Users\Petulka\MyPhoneExplorer_Setup_1.8.4.exe
C:\Users\Petulka\SEUD.exe
Some content of TEMP:
====================
C:\Users\Lucky\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw9dyvr.dll
C:\Users\Petulka\AppData\Local\Temp\17131A6.exe
C:\Users\Petulka\AppData\Local\Temp\1C0D144b6.exe
C:\Users\Petulka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpggzhyo.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000Core.job => C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000UA.job => C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Lucky\Desktop" je 2518 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar
"C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry
C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM
"C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\linkbucks2
"C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyDriveConnect.exe
"C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\network_smb_linkbucks3rgxw
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2
C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
"C:\Users\Petulka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\Petulka\AppData\Roaming\Seznam.cz" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RotateImage
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:b8a1a22a21f45685147979f55ff68bb1
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\ThinkPad\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~2\MCAFEE~1\30E3C3~1.285\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka - pomalý notebook
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Pribinacek
- Návštěvník
- Příspěvky: 5
- Registrován: 30 pro 2014 11:22
Preventivka - pomalý notebook
- Přílohy
-
- Addition.zip
- (8.78 KiB) Staženo 25 x
Re: Preventivka - pomalý notebook
Zdravim 
Odinstalujte Spybot - Search & Destroy a McAfee Security Scan
Velikost plochy by nemela presahovat 200 MB. Snizuje se pak start i samotny chod celeho PC.
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).
Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Odinstalujte Spybot - Search & Destroy a McAfee Security Scan Velikost plochy by nemela presahovat 200 MB. Snizuje se pak start i samotny chod celeho PC. V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Clean
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
Pribinacek
- Návštěvník
- Příspěvky: 5
- Registrován: 30 pro 2014 11:22
Re: Preventivka - pomalý notebook
McAfee Security Scan jsem v PC uz nenasel, ale vim ze tam v minulosti byl. Pred nejakou dobou jsem ho daval pryc.
# AdwCleaner v4.106 - Report created 30/12/2014 at 15:26:38
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lucky - PETULKA-THINK
# Running from : C:\Users\Lucky\Desktop\adwcleaner_4.106.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : {9edce1a3-558f-4c3b-be88-be4ba52055de}Gw64
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\4950124095679097672
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\iMesh Applications
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\SmartTweak
Folder Deleted : C:\Program Files (x86)\Zrychleni Pocitace
Folder Deleted : C:\Users\Lucky\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\Lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Deleted : C:\Users\Petulka\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Petulka\AppData\Local\PackageAware
Folder Deleted : C:\Users\Petulka\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Petulka\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Petulka\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Petulka\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Petulka\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Petulka\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Public\Documents\YTAHelper
[!] Folder Deleted : C:\Users\Petulka\AppData\Roaming\Mozilla\Firefox\Profiles\p3ye4fe9.default\Extensions\zulagames@ZulaGames.com.xpi
Folder Deleted : C:\Users\Petulka\AppData\Roaming\Mozilla\Firefox\Profiles\p3ye4fe9.default\Extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com
Folder Deleted : C:\Users\Lucky\AppData\Roaming\Mozilla\Firefox\Profiles\ek6olk7s.default\Extensions\6rJ@x6Fq9L.org
Folder Deleted : C:\Users\Lucky\AppData\Roaming\Mozilla\Firefox\Profiles\ek6olk7s.default\Extensions\oeot@EvWyU.net
File Deleted : C:\Users\Petulka\AppData\Roaming\Mozilla\Firefox\Profiles\p3ye4fe9.default\Extensions\zulagames@ZulaGames.com.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\drivers\{9edce1a3-558f-4c3b-be88-be4ba52055de}Gw64.sys
File Deleted : C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : LaunchSignup
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyComputer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\BuyNsave.BuyNsave
Key Deleted : HKLM\SOFTWARE\Classes\BuyNsave.BuyNsave.9
Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5981d668-4034-4c21-b30f-27eecea2ada5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{c5d0dbbc-d7b3-4bd9-a8cb-4dfb133a9349}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5981d668-4034-4c21-b30f-27eecea2ada5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{c5d0dbbc-d7b3-4bd9-a8cb-4dfb133a9349}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5981d668-4034-4c21-b30f-27eecea2ada5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{c5d0dbbc-d7b3-4bd9-a8cb-4dfb133a9349}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\IB Updater
Key Deleted : HKLM\SOFTWARE\iMeshSRTB
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{842C4394-47F7-60DE-480B-C09116B63559}
Key Deleted : [x64] HKLM\SOFTWARE\IB Updater
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F937787D1134BBA4B846D98011F78299
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v20.0.1 (cs)
[ek6olk7s.default\prefs.js] - Line Deleted : user_pref("extensions.ayvH2kNsN79yNGeT.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[ek6olk7s.default\prefs.js] - Line Deleted : user_pref("extensions.nxYjjWQ6wrWhyJA1.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.admin", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.aflt", "SD");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.dfltLng", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.dfltSrch", true);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.dnsErr", true);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.excTlbr", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.ffxUnstlRst", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.hmpg", true);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=13&cc=&mi=bee1ec23000000000000f0def161f790");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.hpOld0", "hxxp://www.google.cz/");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.id", "bee1ec23000000000000f0def161f790");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.instlDay", "15872");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.instlRef", "INF00176");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc=&mi=bee1ec23000000000000f0def161f790&q=");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.newTab", true);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF00176/tb_v1/?SearchSource=15&cc=&mi=bee1ec23000000000000f0def161f790");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.rvrt", "false");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.smplGrp", "none");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=1&cc=&mi=bee1ec23000000000000f0def161f790&q=");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.vrsn", "1.8.19.3");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.vrsnTs", "1.8.19.312:27:46");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.vrsni", "1.8.19.3");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.actvtyRptTime", "1358668662935");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.admin", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.afterInstallRpt", "sent");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.cntry", "CZ");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.dfltLng", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.dfltSrch", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.dfltlng", "en");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.dfltsrch", "false");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.did", "10643");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.envrmnt", "production");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.excTlbr", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.hdrMd5", "8A9A159E9AF1175EE2044777A8394027");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.hmpg", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.hrdid", "bee1ec23000000000000f0def161f790");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.id", "bee1ec23000000000000f0def161f790");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.installerproductid", "26");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.instlDay", "15725");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.instlRef", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.instlday", "15725");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.instlref", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.isDcmntCmplt", true);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.isdcmntcmplt", "false");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.keywordurl", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.148:56:04");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.newTab", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.newtab", "false");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.newtaburl", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.ppd", "1");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.productid", "26");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.prtnrid", "Incredibar");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.sg", "none");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.smplGrp", "none");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.smplgrp", "none");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.srch", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.srchprvdr", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.tlbrId", "base");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQWm9zr5g&loc=IB_TB&i=26&search=");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.tlbrid", "base");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6PQWm9zr5g&loc=IB_TB&i=26&search=");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.upn2", "6PQWm9zr5g");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.upn2n", "92544303331952618");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.11.148:56:04");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.vrsnts", "1.5.11.148:56:04");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.did", "10643");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.id", "bee1ec23000000000000f0def161f790");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.instlDay", "15725");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.instlRef", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.newTab", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.ppd", "1");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.productid", "26");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQWm9zr5g&loc=IB_TB&i=26&search=");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.upn2", "6PQWm9zr5g");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.upn2n", "92544303331952618");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.148:56:04");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLBbabsrc=toolbarbabsrc=tb_ssinvocationType=tb50-ie-aolsoftonic-tbsbox-en-usinvocationType=tb50-ff-aolsoftonic[...]
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_referrer", "hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=hxxp://www.hawkpoint.om/8641363419262438");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_temp_referer", "hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=hxxp://www.hawkpoint.om/#old_value8641363419262[...]
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.searchmania.info/?pid=1247&r=2014/12/10&hid=14923386555559372595&lg=EN&cc=CZ&unqvl=70");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://websearch.searchmania.info/?pid=1247&r=2014/12/10&hid=14923386555559372595&lg=EN&cc=CZ&unqvl=70&l=1&q=");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.searchmania.info/?pid=1247&r=2014/12/10&hid=14923386555559372595&lg=EN&cc=CZ&unqvl=70&l=1&q=");
-\\ Google Chrome v39.0.2171.95
[C:\Users\Petulka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.searchmania.info/?l=1&q={searchTerms}&pid=1247&r=2014/12/10&hid=14923386555559372595&lg=EN&cc=CZ&unqvl=70
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=opb&gct=ds&appid=1157&systemid=1&IME001=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=2510479143414550&q={searchTerms}
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/INF00176/tb_v1?q={searchTerms}
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=opb&gct=ds&appid=1157&systemid=1&IME001=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=2510479143414550&q={searchTerms}
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/INF00176/tb_v1?q={searchTerms}
-\\ Opera v26.0.1656.60
[C:\Users\Petulka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.searchmania.info/?l=1&q={searchTerms}&pid=1247&r=2014/12/10&hid=14923386555559372595&lg=EN&cc=CZ&unqvl=70
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=opb&gct=ds&appid=1157&systemid=1&IME001=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=2510479143414550&q={searchTerms}
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/INF00176/tb_v1?q={searchTerms}
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=opb&gct=ds&appid=1157&systemid=1&IME001=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=2510479143414550&q={searchTerms}
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/INF00176/tb_v1?q={searchTerms}
*************************
AdwCleaner[R0].txt - [25528 octets] - [30/12/2014 15:22:14]
AdwCleaner[S0].txt - [27312 octets] - [30/12/2014 15:26:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [27373 octets] ##########
# AdwCleaner v4.106 - Report created 30/12/2014 at 15:26:38
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lucky - PETULKA-THINK
# Running from : C:\Users\Lucky\Desktop\adwcleaner_4.106.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : {9edce1a3-558f-4c3b-be88-be4ba52055de}Gw64
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\ProgramData\4950124095679097672
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\iMesh Applications
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\SmartTweak
Folder Deleted : C:\Program Files (x86)\Zrychleni Pocitace
Folder Deleted : C:\Users\Lucky\AppData\Roaming\EZDownloader
Folder Deleted : C:\Users\Lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Deleted : C:\Users\Petulka\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Petulka\AppData\Local\PackageAware
Folder Deleted : C:\Users\Petulka\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Petulka\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Petulka\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Petulka\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Petulka\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Petulka\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Public\Documents\YTAHelper
[!] Folder Deleted : C:\Users\Petulka\AppData\Roaming\Mozilla\Firefox\Profiles\p3ye4fe9.default\Extensions\zulagames@ZulaGames.com.xpi
Folder Deleted : C:\Users\Petulka\AppData\Roaming\Mozilla\Firefox\Profiles\p3ye4fe9.default\Extensions\ae44639e-43f2-4cd1-aa80-39d5d2e18fa9@gmail.com
Folder Deleted : C:\Users\Lucky\AppData\Roaming\Mozilla\Firefox\Profiles\ek6olk7s.default\Extensions\6rJ@x6Fq9L.org
Folder Deleted : C:\Users\Lucky\AppData\Roaming\Mozilla\Firefox\Profiles\ek6olk7s.default\Extensions\oeot@EvWyU.net
File Deleted : C:\Users\Petulka\AppData\Roaming\Mozilla\Firefox\Profiles\p3ye4fe9.default\Extensions\zulagames@ZulaGames.com.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\drivers\{9edce1a3-558f-4c3b-be88-be4ba52055de}Gw64.sys
File Deleted : C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : LaunchSignup
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SpeedUpMyComputer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Classes\BuyNsave.BuyNsave
Key Deleted : HKLM\SOFTWARE\Classes\BuyNsave.BuyNsave.9
Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5981d668-4034-4c21-b30f-27eecea2ada5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{c5d0dbbc-d7b3-4bd9-a8cb-4dfb133a9349}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5981d668-4034-4c21-b30f-27eecea2ada5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{c5d0dbbc-d7b3-4bd9-a8cb-4dfb133a9349}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BFF6B2CA-366C-4A90-B685-D87776DEB0D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5981d668-4034-4c21-b30f-27eecea2ada5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{c5d0dbbc-d7b3-4bd9-a8cb-4dfb133a9349}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\IB Updater
Key Deleted : HKLM\SOFTWARE\iMeshSRTB
Key Deleted : HKLM\SOFTWARE\omiga-plusSoftware
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SupTab
Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{842C4394-47F7-60DE-480B-C09116B63559}
Key Deleted : [x64] HKLM\SOFTWARE\IB Updater
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F937787D1134BBA4B846D98011F78299
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v20.0.1 (cs)
[ek6olk7s.default\prefs.js] - Line Deleted : user_pref("extensions.ayvH2kNsN79yNGeT.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[ek6olk7s.default\prefs.js] - Line Deleted : user_pref("extensions.nxYjjWQ6wrWhyJA1.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.index[...]
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.admin", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.aflt", "SD");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.dfltLng", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.dfltSrch", true);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.dnsErr", true);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.excTlbr", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.ffxUnstlRst", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.hmpg", true);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=13&cc=&mi=bee1ec23000000000000f0def161f790");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.hpOld0", "hxxp://www.google.cz/");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.id", "bee1ec23000000000000f0def161f790");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.instlDay", "15872");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.instlRef", "INF00176");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=2&cc=&mi=bee1ec23000000000000f0def161f790&q=");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.newTab", true);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF00176/tb_v1/?SearchSource=15&cc=&mi=bee1ec23000000000000f0def161f790");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.rvrt", "false");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.smplGrp", "none");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=1&cc=&mi=bee1ec23000000000000f0def161f790&q=");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.vrsn", "1.8.19.3");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.vrsnTs", "1.8.19.312:27:46");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.Softonic.vrsni", "1.8.19.3");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.actvtyRptTime", "1358668662935");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.admin", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.aflt", "orgnl");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.afterInstallRpt", "sent");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.cntry", "CZ");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.dfltLng", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.dfltSrch", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.dfltlng", "en");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.dfltsrch", "false");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.did", "10643");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.envrmnt", "production");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.excTlbr", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.hdrMd5", "8A9A159E9AF1175EE2044777A8394027");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.hmpg", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.hrdid", "bee1ec23000000000000f0def161f790");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.id", "bee1ec23000000000000f0def161f790");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.installerproductid", "26");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.instlDay", "15725");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.instlRef", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.instlday", "15725");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.instlref", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.isDcmntCmplt", true);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.isdcmntcmplt", "false");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.keywordurl", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.148:56:04");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.newTab", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.newtab", "false");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.newtaburl", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.noFFXTlbr", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.ppd", "1");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.prdct", "incredibar");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.productid", "26");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.prtnrId", "Incredibar");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.prtnrid", "Incredibar");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.sg", "none");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.smplGrp", "none");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.smplgrp", "none");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.srch", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.srchprvdr", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.tlbrId", "base");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQWm9zr5g&loc=IB_TB&i=26&search=");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.tlbrid", "base");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.tlbrsrchurl", "hxxp://mystart.Incredibar.com/?a=6PQWm9zr5g&loc=IB_TB&i=26&search=");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.upn2", "6PQWm9zr5g");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.upn2n", "92544303331952618");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.vrsn", "1.5.11.14");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.11.148:56:04");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.vrsni", "1.5.11.14");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar.vrsnts", "1.5.11.148:56:04");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.dfltLng", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.did", "10643");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.excTlbr", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.id", "bee1ec23000000000000f0def161f790");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.instlDay", "15725");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.instlRef", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.newTab", false);
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.ppd", "1");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.productid", "26");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQWm9zr5g&loc=IB_TB&i=26&search=");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.upn2", "6PQWm9zr5g");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.upn2n", "92544303331952618");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.148:56:04");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLBbabsrc=toolbarbabsrc=tb_ssinvocationType=tb50-ie-aolsoftonic-tbsbox-en-usinvocationType=tb50-ff-aolsoftonic[...]
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_referrer", "hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=hxxp://www.hawkpoint.om/8641363419262438");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_temp_referer", "hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=hxxp://www.hawkpoint.om/#old_value8641363419262[...]
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.searchmania.info/?pid=1247&r=2014/12/10&hid=14923386555559372595&lg=EN&cc=CZ&unqvl=70");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://websearch.searchmania.info/?pid=1247&r=2014/12/10&hid=14923386555559372595&lg=EN&cc=CZ&unqvl=70&l=1&q=");
[p3ye4fe9.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.searchmania.info/?pid=1247&r=2014/12/10&hid=14923386555559372595&lg=EN&cc=CZ&unqvl=70&l=1&q=");
-\\ Google Chrome v39.0.2171.95
[C:\Users\Petulka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.searchmania.info/?l=1&q={searchTerms}&pid=1247&r=2014/12/10&hid=14923386555559372595&lg=EN&cc=CZ&unqvl=70
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=opb&gct=ds&appid=1157&systemid=1&IME001=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=2510479143414550&q={searchTerms}
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/INF00176/tb_v1?q={searchTerms}
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=opb&gct=ds&appid=1157&systemid=1&IME001=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=2510479143414550&q={searchTerms}
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/INF00176/tb_v1?q={searchTerms}
-\\ Opera v26.0.1656.60
[C:\Users\Petulka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.searchmania.info/?l=1&q={searchTerms}&pid=1247&r=2014/12/10&hid=14923386555559372595&lg=EN&cc=CZ&unqvl=70
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=opb&gct=ds&appid=1157&systemid=1&IME001=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=2510479143414550&q={searchTerms}
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/INF00176/tb_v1?q={searchTerms}
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://dts.search-results.com/sr?src=opb&gct=ds&appid=1157&systemid=1&IME001=IME001&apn_ptnrs=AG1&o=APN10653&apn_uid=2510479143414550&q={searchTerms}
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://mystart.incredibar.com/mb201/?loc=IB_DS&search={searchTerms}&a=6PQWm9zr5g&i=26
[C:\Users\Petulka\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://search.softonic.com/INF00176/tb_v1?q={searchTerms}
*************************
AdwCleaner[R0].txt - [25528 octets] - [30/12/2014 15:22:14]
AdwCleaner[S0].txt - [27312 octets] - [30/12/2014 15:26:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [27373 octets] ##########
Re: Preventivka - pomalý notebook
Dejte novy log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101 - pri druhem a dalsim spusteni musite explicitne zatrhnout moznost AdditionPokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
Pribinacek
- Návštěvník
- Příspěvky: 5
- Registrován: 30 pro 2014 11:22
Re: Preventivka - pomalý notebook
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Lucky (administrator) on PETULKA-THINK on 30-12-2014 15:45:15
Running from C:\Users\Lucky\Desktop
Loaded Profile: Lucky (Available profiles: Petulka & Lucky)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Dropbox, Inc.) C:\Users\Lucky\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(forum.viry.cz) C:\Users\Lucky\Desktop\FRSTLauncher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel(R) Corporation)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-01-14] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-01-27] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2010-12-17] (Lenovo Group Limited)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1654400 2012-02-21] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\Run: [] => [X]
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\MountPoints2: {2cc129c6-9a51-11e0-847e-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\MountPoints2: {65557a67-1642-11e3-8f3e-f0def161f790} - F:\HTC_Sync_Manager_PC.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\Users\Lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk /k:C * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> {5B69C1D6-6A37-4B74-B3FD-3F23E8A1D5E8} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {3E004C5A-2294-4321-B5D9-7B6CE4889D5A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 194.12.32.233
FireFox:
========
FF ProfilePath: C:\Users\Lucky\AppData\Roaming\Mozilla\Firefox\Profiles\ek6olk7s.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
Chrome:
=======
CHR HomePage: Default -> hxxp://start.icq.com/
CHR Profile: C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28]
CHR Extension: (Disk Google) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (YouTube) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-10-10]
CHR Extension: (Dropbox) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-12-28]
CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2014-09-14]
CHR Extension: (Boomerang for Gmail) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2013-12-28]
CHR Extension: (Peněženka Google) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR Extension: (Weather Aware) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiahdodpoomdjoegkmibpmgejobfpcn [2014-01-21]
CHR Extension: (Gmail) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-20] (DT Soft Ltd)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2011-03-31] (Intel(R) Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2007-04-23] (MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2013-11-15] (Synaptics Incorporated)
S2 smihlp2; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-30 15:45 - 2014-12-30 15:46 - 00017834 _____ () C:\Users\Lucky\Desktop\FRST.txt
2014-12-30 15:22 - 2014-12-30 15:26 - 00000000 ____D () C:\AdwCleaner
2014-12-30 15:18 - 2014-12-30 15:19 - 02173952 _____ () C:\Users\Lucky\Desktop\adwcleaner_4.106.exe
2014-12-30 11:34 - 2014-12-30 11:34 - 00008987 _____ () C:\Users\Lucky\Desktop\Addition.zip
2014-12-30 11:15 - 2014-12-30 15:45 - 00000000 ____D () C:\FRST
2014-12-30 11:12 - 2014-12-30 11:13 - 00112640 _____ (forum.viry.cz) C:\Users\Lucky\Desktop\FRSTLauncher.exe
2014-12-30 11:12 - 2014-12-30 11:12 - 02123264 _____ (Farbar) C:\Users\Lucky\Desktop\FRST64.exe
2014-12-28 23:11 - 2014-12-28 23:11 - 00002266 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-28 23:11 - 2014-12-28 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-28 23:10 - 2014-12-28 23:10 - 00000000 __SHD () C:\Users\Lucky\AppData\Local\EmieBrowserModeList
2014-12-28 23:06 - 2014-12-28 23:06 - 41338448 _____ (Google Inc.) C:\Users\Lucky\Downloads\ChromeStandaloneSetup(1).exe
2014-12-28 23:05 - 2014-12-28 23:06 - 41338448 _____ (Google Inc.) C:\Users\Lucky\Downloads\ChromeStandaloneSetup.exe
2014-12-28 22:58 - 2014-12-28 22:58 - 00880784 _____ (Google Inc.) C:\Users\Lucky\Downloads\ChromeSetup.exe
2014-12-28 22:57 - 2014-12-28 22:57 - 00262232 _____ () C:\Users\Lucky\Downloads\GoogleUpdate.adm
2014-12-28 22:52 - 2014-12-28 22:54 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (3).exe
2014-12-28 22:43 - 2014-12-28 22:44 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (2).exe
2014-12-27 17:32 - 2014-12-27 17:32 - 00441344 _____ () C:\Users\Petulka\Downloads\VodaCoca.pps
2014-12-23 14:39 - 2014-12-23 14:40 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (1).exe
2014-12-23 12:34 - 2014-12-23 12:34 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4.exe
2014-12-22 10:27 - 2014-12-22 10:27 - 00894464 _____ () C:\Users\Petulka\Downloads\SALY_prosinec.xls
2014-12-18 17:03 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 17:03 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 16:38 - 2014-12-15 16:39 - 08965956 _____ () C:\Users\Petulka\Downloads\DecoratingTheTrees (1).themepack
2014-12-15 16:38 - 2014-12-15 16:39 - 08207429 _____ () C:\Users\Petulka\Downloads\SugarAndSpice.themepack
2014-12-15 16:38 - 2014-12-15 16:38 - 09848819 _____ () C:\Users\Petulka\Downloads\DeckingTheHalls (1).themepack
2014-12-15 16:38 - 2014-12-15 16:38 - 09205655 _____ () C:\Users\Petulka\Downloads\HolidayLights (1).themepack
2014-12-14 17:56 - 2014-12-14 17:56 - 06157824 _____ () C:\Users\Petulka\Downloads\Strasburk Mala Francie.pps
2014-12-14 17:56 - 2014-12-14 17:56 - 04945408 _____ () C:\Users\Petulka\Downloads\3-ADVENT.pps
2014-12-10 23:29 - 2014-12-10 23:29 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Lucky\Downloads\SpyHunter-installer.exe
2014-12-10 23:22 - 2014-12-10 23:22 - 00000000 ____D () C:\ProgramData\3872871776
2014-12-10 22:12 - 2014-12-30 15:27 - 00009902 _____ () C:\Windows\PFRO.log
2014-12-10 22:12 - 2014-12-10 22:12 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 21:51 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 21:51 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 21:51 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 21:51 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 21:51 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 21:51 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 21:51 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 21:51 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 21:51 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 21:51 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 20:24 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 20:24 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 20:23 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 20:23 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 20:23 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 20:23 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 20:23 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 20:23 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 20:23 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 20:23 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 20:23 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 20:23 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 20:23 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 20:23 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 20:23 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 20:23 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 20:23 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 20:23 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 20:23 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 20:23 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 20:23 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 20:23 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 20:23 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 20:23 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 20:23 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 20:23 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 20:23 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 20:23 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 20:23 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 20:23 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 20:23 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 20:23 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 20:23 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 20:23 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 20:23 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 20:23 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 20:23 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 20:23 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 20:23 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 20:23 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 20:23 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 20:23 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 20:23 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 20:23 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 20:23 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 20:23 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 20:23 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 20:23 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 20:23 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 20:23 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 20:23 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 20:23 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 20:23 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 20:23 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 20:23 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 20:23 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 20:23 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 20:23 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 20:23 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 20:22 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 20:22 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 20:22 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 20:22 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 20:22 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 20:22 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 20:22 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 20:22 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 20:22 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 20:22 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 20:22 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 20:22 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 20:22 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 20:22 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-07 21:16 - 2014-12-07 21:16 - 00000000 ____D () C:\Program Files (x86)\BuyNsavee
2014-12-07 21:14 - 2014-12-07 21:14 - 01011200 _____ () C:\Users\Petulka\Downloads\Das Adventsfest Der 100 Lichter.exe
2014-12-06 21:53 - 2014-12-06 21:53 - 07054848 _____ () C:\Users\Petulka\Downloads\Vánoční rostliny .pps
2014-12-03 17:03 - 2014-12-30 15:42 - 00003214 _____ () C:\Windows\setupact.log
2014-12-03 17:03 - 2014-12-03 17:03 - 00000000 _____ () C:\Windows\setuperr.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-30 15:45 - 2011-06-19 09:57 - 02030703 _____ () C:\Windows\WindowsUpdate.log
2014-12-30 15:43 - 2014-01-05 11:35 - 00000000 ___RD () C:\Users\Lucky\Dropbox
2014-12-30 15:43 - 2014-01-05 11:31 - 00000000 ____D () C:\Users\Lucky\AppData\Roaming\Dropbox
2014-12-30 15:43 - 2013-03-16 08:43 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 15:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-30 15:38 - 2011-06-19 09:46 - 00678004 _____ () C:\Windows\system32\perfh005.dat
2014-12-30 15:38 - 2011-06-19 09:46 - 00146888 _____ () C:\Windows\system32\perfc005.dat
2014-12-30 15:38 - 2009-07-14 06:13 - 01612436 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-30 15:38 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-30 15:38 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-30 15:20 - 2014-08-26 22:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-30 15:15 - 2014-09-15 16:26 - 00000291 _____ () C:\Windows\wininit.ini
2014-12-30 15:10 - 2013-03-16 08:43 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-30 15:10 - 2012-03-29 06:09 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-30 15:10 - 2011-08-15 15:34 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000UA.job
2014-12-30 12:09 - 2011-07-14 10:44 - 00000000 ___RD () C:\Users\Petulka\Dropbox
2014-12-30 12:08 - 2011-07-14 10:33 - 00000000 ____D () C:\Users\Petulka\AppData\Roaming\Dropbox
2014-12-30 11:12 - 2014-01-04 16:00 - 00000000 ____D () C:\Users\Lucky\AppData\Local\Adobe
2014-12-30 11:10 - 2012-03-29 06:09 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-30 11:10 - 2012-03-29 06:09 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-30 11:10 - 2011-07-14 10:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-30 10:34 - 2011-08-15 15:34 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000Core.job
2014-12-29 11:29 - 2014-01-12 10:07 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-12-29 11:02 - 2011-08-29 19:20 - 00000000 ____D () C:\Users\Petulka\AppData\Roaming\vlc
2014-12-28 23:11 - 2011-09-18 21:18 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-24 11:56 - 2011-07-14 11:42 - 00000000 ____D () C:\Users\Petulka\AppData\Local\CrashDumps
2014-12-23 14:51 - 2013-12-28 18:57 - 00000000 ____D () C:\Users\Lucky\AppData\Roaming\vlc
2014-12-23 12:41 - 2014-03-09 19:26 - 00000000 ____D () C:\Users\Lucky\AppData\Local\CrashDumps
2014-12-23 12:35 - 2011-07-14 10:36 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-17 18:31 - 2014-08-17 09:24 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1394895297
2014-12-17 18:31 - 2011-07-14 10:31 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-17 18:23 - 2011-07-14 10:34 - 00000000 ____D () C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-16 21:52 - 2014-01-05 11:33 - 00000000 ____D () C:\Users\Lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-16 18:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-15 21:33 - 2014-04-29 14:55 - 00000000 ____D () C:\Users\Petulka\Desktop\RM_2014
2014-12-10 22:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 22:12 - 2014-05-07 02:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 22:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 22:10 - 2011-07-16 19:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 22:08 - 2013-08-15 21:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 21:54 - 2011-08-07 12:57 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-08 21:26 - 2013-12-28 18:49 - 00000000 ____D () C:\Users\Lucky\AppData\Local\Microsoft Help
2014-11-30 20:50 - 2014-03-10 16:21 - 01961472 ___SH () C:\Users\Petulka\Downloads\Thumbs.db
Files to move or delete:
====================
C:\Users\Petulka\MyPhoneExplorer_Setup_1.8.4.exe
C:\Users\Petulka\SEUD.exe
Some content of TEMP:
====================
C:\Users\Lucky\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk1vkkl.dll
C:\Users\Lucky\AppData\Local\Temp\Quarantine.exe
C:\Users\Lucky\AppData\Local\Temp\sqlite3.dll
C:\Users\Petulka\AppData\Local\Temp\17131A6.exe
C:\Users\Petulka\AppData\Local\Temp\1C0D144b6.exe
C:\Users\Petulka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr1x68_.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000Core.job => C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000UA.job => C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Lucky\Desktop" je 19 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar
"C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry
C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM
"C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\linkbucks2
"C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyDriveConnect.exe
"C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\network_smb_linkbucks3rgxw
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2
C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
"C:\Users\Petulka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\Petulka\AppData\Roaming\Seznam.cz" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RotateImage
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:b8a1a22a21f45685147979f55ff68bb1
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\ThinkPad\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~2\MCAFEE~1\30E3C3~1.285\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Lucky (administrator) on PETULKA-THINK on 30-12-2014 15:45:15
Running from C:\Users\Lucky\Desktop
Loaded Profile: Lucky (Available profiles: Petulka & Lucky)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Dropbox, Inc.) C:\Users\Lucky\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(forum.viry.cz) C:\Users\Lucky\Desktop\FRSTLauncher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel(R) Corporation)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2011-01-14] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [41320 2011-01-27] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281448 2010-12-17] (Lenovo Group Limited)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1654400 2012-02-21] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (Authentec Inc.)
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\Run: [] => [X]
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\MountPoints2: {2cc129c6-9a51-11e0-847e-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\MountPoints2: {65557a67-1642-11e3-8f3e-f0def161f790} - F:\HTC_Sync_Manager_PC.exe
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\Users\Lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk /k:C * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> {5B69C1D6-6A37-4B74-B3FD-3F23E8A1D5E8} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {3E004C5A-2294-4321-B5D9-7B6CE4889D5A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 194.12.32.233
FireFox:
========
FF ProfilePath: C:\Users\Lucky\AppData\Roaming\Mozilla\Firefox\Profiles\ek6olk7s.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
Chrome:
=======
CHR HomePage: Default -> hxxp://start.icq.com/
CHR Profile: C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28]
CHR Extension: (Disk Google) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (YouTube) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2014-10-10]
CHR Extension: (Dropbox) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-12-28]
CHR Extension: (Todoist: To-Do list and Task Manager) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2014-09-14]
CHR Extension: (Boomerang for Gmail) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2013-12-28]
CHR Extension: (Peněženka Google) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR Extension: (Weather Aware) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofiahdodpoomdjoegkmibpmgejobfpcn [2014-01-21]
CHR Extension: (Gmail) - C:\Users\Lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo Group Limited)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-20] (DT Soft Ltd)
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [317440 2011-03-31] (Intel(R) Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2007-04-23] (MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [45296 2013-11-15] (Synaptics Incorporated)
S2 smihlp2; \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-30 15:45 - 2014-12-30 15:46 - 00017834 _____ () C:\Users\Lucky\Desktop\FRST.txt
2014-12-30 15:22 - 2014-12-30 15:26 - 00000000 ____D () C:\AdwCleaner
2014-12-30 15:18 - 2014-12-30 15:19 - 02173952 _____ () C:\Users\Lucky\Desktop\adwcleaner_4.106.exe
2014-12-30 11:34 - 2014-12-30 11:34 - 00008987 _____ () C:\Users\Lucky\Desktop\Addition.zip
2014-12-30 11:15 - 2014-12-30 15:45 - 00000000 ____D () C:\FRST
2014-12-30 11:12 - 2014-12-30 11:13 - 00112640 _____ (forum.viry.cz) C:\Users\Lucky\Desktop\FRSTLauncher.exe
2014-12-30 11:12 - 2014-12-30 11:12 - 02123264 _____ (Farbar) C:\Users\Lucky\Desktop\FRST64.exe
2014-12-28 23:11 - 2014-12-28 23:11 - 00002266 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-28 23:11 - 2014-12-28 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-28 23:10 - 2014-12-28 23:10 - 00000000 __SHD () C:\Users\Lucky\AppData\Local\EmieBrowserModeList
2014-12-28 23:06 - 2014-12-28 23:06 - 41338448 _____ (Google Inc.) C:\Users\Lucky\Downloads\ChromeStandaloneSetup(1).exe
2014-12-28 23:05 - 2014-12-28 23:06 - 41338448 _____ (Google Inc.) C:\Users\Lucky\Downloads\ChromeStandaloneSetup.exe
2014-12-28 22:58 - 2014-12-28 22:58 - 00880784 _____ (Google Inc.) C:\Users\Lucky\Downloads\ChromeSetup.exe
2014-12-28 22:57 - 2014-12-28 22:57 - 00262232 _____ () C:\Users\Lucky\Downloads\GoogleUpdate.adm
2014-12-28 22:52 - 2014-12-28 22:54 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (3).exe
2014-12-28 22:43 - 2014-12-28 22:44 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (2).exe
2014-12-27 17:32 - 2014-12-27 17:32 - 00441344 _____ () C:\Users\Petulka\Downloads\VodaCoca.pps
2014-12-23 14:39 - 2014-12-23 14:40 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (1).exe
2014-12-23 12:34 - 2014-12-23 12:34 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4.exe
2014-12-22 10:27 - 2014-12-22 10:27 - 00894464 _____ () C:\Users\Petulka\Downloads\SALY_prosinec.xls
2014-12-18 17:03 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 17:03 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 16:38 - 2014-12-15 16:39 - 08965956 _____ () C:\Users\Petulka\Downloads\DecoratingTheTrees (1).themepack
2014-12-15 16:38 - 2014-12-15 16:39 - 08207429 _____ () C:\Users\Petulka\Downloads\SugarAndSpice.themepack
2014-12-15 16:38 - 2014-12-15 16:38 - 09848819 _____ () C:\Users\Petulka\Downloads\DeckingTheHalls (1).themepack
2014-12-15 16:38 - 2014-12-15 16:38 - 09205655 _____ () C:\Users\Petulka\Downloads\HolidayLights (1).themepack
2014-12-14 17:56 - 2014-12-14 17:56 - 06157824 _____ () C:\Users\Petulka\Downloads\Strasburk Mala Francie.pps
2014-12-14 17:56 - 2014-12-14 17:56 - 04945408 _____ () C:\Users\Petulka\Downloads\3-ADVENT.pps
2014-12-10 23:29 - 2014-12-10 23:29 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Lucky\Downloads\SpyHunter-installer.exe
2014-12-10 23:22 - 2014-12-10 23:22 - 00000000 ____D () C:\ProgramData\3872871776
2014-12-10 22:12 - 2014-12-30 15:27 - 00009902 _____ () C:\Windows\PFRO.log
2014-12-10 22:12 - 2014-12-10 22:12 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 21:51 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 21:51 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 21:51 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 21:51 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 21:51 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 21:51 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 21:51 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 21:51 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 21:51 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 21:51 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 20:24 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 20:24 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 20:24 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 20:23 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 20:23 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 20:23 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 20:23 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 20:23 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 20:23 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 20:23 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 20:23 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 20:23 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 20:23 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 20:23 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 20:23 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 20:23 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 20:23 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 20:23 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 20:23 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 20:23 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 20:23 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 20:23 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 20:23 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 20:23 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 20:23 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 20:23 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 20:23 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 20:23 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 20:23 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 20:23 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 20:23 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 20:23 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 20:23 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 20:23 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 20:23 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 20:23 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 20:23 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 20:23 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 20:23 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 20:23 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 20:23 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 20:23 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 20:23 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 20:23 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 20:23 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 20:23 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 20:23 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 20:23 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 20:23 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 20:23 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 20:23 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 20:23 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 20:23 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 20:23 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 20:23 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 20:23 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 20:23 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 20:23 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 20:23 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 20:23 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 20:22 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 20:22 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 20:22 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 20:22 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 20:22 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 20:22 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 20:22 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 20:22 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 20:22 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 20:22 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 20:22 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 20:22 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 20:22 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 20:22 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-07 21:16 - 2014-12-07 21:16 - 00000000 ____D () C:\Program Files (x86)\BuyNsavee
2014-12-07 21:14 - 2014-12-07 21:14 - 01011200 _____ () C:\Users\Petulka\Downloads\Das Adventsfest Der 100 Lichter.exe
2014-12-06 21:53 - 2014-12-06 21:53 - 07054848 _____ () C:\Users\Petulka\Downloads\Vánoční rostliny .pps
2014-12-03 17:03 - 2014-12-30 15:42 - 00003214 _____ () C:\Windows\setupact.log
2014-12-03 17:03 - 2014-12-03 17:03 - 00000000 _____ () C:\Windows\setuperr.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-30 15:45 - 2011-06-19 09:57 - 02030703 _____ () C:\Windows\WindowsUpdate.log
2014-12-30 15:43 - 2014-01-05 11:35 - 00000000 ___RD () C:\Users\Lucky\Dropbox
2014-12-30 15:43 - 2014-01-05 11:31 - 00000000 ____D () C:\Users\Lucky\AppData\Roaming\Dropbox
2014-12-30 15:43 - 2013-03-16 08:43 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 15:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-30 15:38 - 2011-06-19 09:46 - 00678004 _____ () C:\Windows\system32\perfh005.dat
2014-12-30 15:38 - 2011-06-19 09:46 - 00146888 _____ () C:\Windows\system32\perfc005.dat
2014-12-30 15:38 - 2009-07-14 06:13 - 01612436 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-30 15:38 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-30 15:38 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-30 15:20 - 2014-08-26 22:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-30 15:15 - 2014-09-15 16:26 - 00000291 _____ () C:\Windows\wininit.ini
2014-12-30 15:10 - 2013-03-16 08:43 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-30 15:10 - 2012-03-29 06:09 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-30 15:10 - 2011-08-15 15:34 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000UA.job
2014-12-30 12:09 - 2011-07-14 10:44 - 00000000 ___RD () C:\Users\Petulka\Dropbox
2014-12-30 12:08 - 2011-07-14 10:33 - 00000000 ____D () C:\Users\Petulka\AppData\Roaming\Dropbox
2014-12-30 11:12 - 2014-01-04 16:00 - 00000000 ____D () C:\Users\Lucky\AppData\Local\Adobe
2014-12-30 11:10 - 2012-03-29 06:09 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-30 11:10 - 2012-03-29 06:09 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-30 11:10 - 2011-07-14 10:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-30 10:34 - 2011-08-15 15:34 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000Core.job
2014-12-29 11:29 - 2014-01-12 10:07 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-12-29 11:02 - 2011-08-29 19:20 - 00000000 ____D () C:\Users\Petulka\AppData\Roaming\vlc
2014-12-28 23:11 - 2011-09-18 21:18 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-24 11:56 - 2011-07-14 11:42 - 00000000 ____D () C:\Users\Petulka\AppData\Local\CrashDumps
2014-12-23 14:51 - 2013-12-28 18:57 - 00000000 ____D () C:\Users\Lucky\AppData\Roaming\vlc
2014-12-23 12:41 - 2014-03-09 19:26 - 00000000 ____D () C:\Users\Lucky\AppData\Local\CrashDumps
2014-12-23 12:35 - 2011-07-14 10:36 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-12-17 18:31 - 2014-08-17 09:24 - 00003840 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1394895297
2014-12-17 18:31 - 2011-07-14 10:31 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-17 18:23 - 2011-07-14 10:34 - 00000000 ____D () C:\Users\Petulka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-16 21:52 - 2014-01-05 11:33 - 00000000 ____D () C:\Users\Lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-16 18:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-15 21:33 - 2014-04-29 14:55 - 00000000 ____D () C:\Users\Petulka\Desktop\RM_2014
2014-12-10 22:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 22:12 - 2014-05-07 02:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 22:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 22:10 - 2011-07-16 19:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 22:08 - 2013-08-15 21:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 21:54 - 2011-08-07 12:57 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-08 21:26 - 2013-12-28 18:49 - 00000000 ____D () C:\Users\Lucky\AppData\Local\Microsoft Help
2014-11-30 20:50 - 2014-03-10 16:21 - 01961472 ___SH () C:\Users\Petulka\Downloads\Thumbs.db
Files to move or delete:
====================
C:\Users\Petulka\MyPhoneExplorer_Setup_1.8.4.exe
C:\Users\Petulka\SEUD.exe
Some content of TEMP:
====================
C:\Users\Lucky\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpk1vkkl.dll
C:\Users\Lucky\AppData\Local\Temp\Quarantine.exe
C:\Users\Lucky\AppData\Local\Temp\sqlite3.dll
C:\Users\Petulka\AppData\Local\Temp\17131A6.exe
C:\Users\Petulka\AppData\Local\Temp\1C0D144b6.exe
C:\Users\Petulka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr1x68_.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000Core.job => C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000UA.job => C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Lucky\Desktop" je 19 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar
"C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry
C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM
"C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\linkbucks2
"C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyDriveConnect.exe
"C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyTomTomSA.exe
C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\network_smb_linkbucks3rgxw
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2
C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe
"C:\Users\Petulka\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\Petulka\AppData\Roaming\Seznam.cz" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RotateImage
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:b8a1a22a21f45685147979f55ff68bb1
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\ThinkPad\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk
C:\PROGRA~2\MCAFEE~1\30E3C3~1.285\SSSCHE~1.EXE [x]
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.zip
- (8.41 KiB) Staženo 37 x
Re: Preventivka - pomalý notebook
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\Run: [] => [X] HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\MountPoints2: {2cc129c6-9a51-11e0-847e-806e6f6e6963} - Q:\LenovoQDrive.exe HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\MountPoints2: {65557a67-1642-11e3-8f3e-f0def161f790} - F:\HTC_Sync_Manager_PC.exe BootExecute: autocheck autochk /k:C * sdnclean64.exe CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION SearchScopes: HKLM -> {5B69C1D6-6A37-4B74-B3FD-3F23E8A1D5E8} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox SearchScopes: HKLM-x32 -> {3E004C5A-2294-4321-B5D9-7B6CE4889D5A} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml 2014-12-30 15:45 - 2014-12-30 15:46 - 00017834 _____ () C:\Users\Lucky\Desktop\FRST.txt 2014-12-30 15:22 - 2014-12-30 15:26 - 00000000 ____D () C:\AdwCleaner 2014-12-30 15:18 - 2014-12-30 15:19 - 02173952 _____ () C:\Users\Lucky\Desktop\adwcleaner_4.106.exe 2014-12-30 11:34 - 2014-12-30 11:34 - 00008987 _____ () C:\Users\Lucky\Desktop\Addition.zip 2014-12-30 11:12 - 2014-12-30 11:13 - 00112640 _____ (forum.viry.cz) C:\Users\Lucky\Desktop\FRSTLauncher.exe 2014-12-28 22:52 - 2014-12-28 22:54 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (3).exe 2014-12-28 22:43 - 2014-12-28 22:44 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (2).exe 2014-12-23 14:39 - 2014-12-23 14:40 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (1).exe 2014-12-23 12:34 - 2014-12-23 12:34 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4.exe 2014-12-10 23:29 - 2014-12-10 23:29 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Lucky\Downloads\SpyHunter-installer.exe 2014-12-07 21:16 - 2014-12-07 21:16 - 00000000 ____D () C:\Program Files (x86)\BuyNsavee 2014-12-30 15:20 - 2014-08-26 22:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-12-23 12:35 - 2011-07-14 10:36 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy C:\Users\Petulka\MyPhoneExplorer_Setup_1.8.4.exe C:\Users\Petulka\SEUD.exe REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater" /f C:\Program Files (x86)\Ask.com REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar" /f C:\Program Files (x86)\BabylonToolbar REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry" /f C:\Program Files (x86)\SmartTweak REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:b8a1a22a21f45685147979f55ff68bb1" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f Task: {0591EBC9-3181-45D8-B3C0-0B0A703DD58A} - System32\Tasks\{61D465C5-DE4A-46CF-A9CE-6ED67215BD32} => pcalua.exe -a C:\Users\Petulka\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=smt Task: {7AC23F15-A672-4504-9CDC-0FAC10856773} - System32\Tasks\{A1F82D28-E212-4724-9B8C-23EEE6E41A1E} => pcalua.exe -a C:\Users\Petulka\Desktop\FRD_0.85u1-final\frd.exe -d C:\Users\Petulka\Desktop\FRD_0.85u1-final Task: {CEE23E76-8135-44DF-99EA-C1A6A218D998} - System32\Tasks\{098D8DB8-E840-4A27-A0A7-92D9BB2E1006} => pcalua.exe -a D:\Setup.exe -d D:\ Task: {D2215550-7BDE-4540-B76E-B50FA8D96AE0} - System32\Tasks\NCH Software\WavePadReminder => C:\Program Files (x86)\NCH Software\WavePad\WavePad.exe Task: {E66F4D57-69F7-45D6-B2C4-09C381FA6284} - System32\Tasks\{BDF41D5C-21CE-4920-AF6D-A505B2C33379} => pcalua.exe -a C:\Users\Petulka\Downloads\opera-lista-centrumcz.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000Core.job => C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000UA.job => C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
Pribinacek
- Návštěvník
- Příspěvky: 5
- Registrován: 30 pro 2014 11:22
Re: Preventivka - pomalý notebook
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by Lucky at 2014-12-30 21:09:55 Run:1
Running from C:\Users\Lucky\Desktop
Loaded Profile: Lucky (Available profiles: Petulka & Lucky)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\Run: [] => [X]
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\MountPoints2: {2cc129c6-9a51-11e0-847e-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\MountPoints2: {65557a67-1642-11e3-8f3e-f0def161f790} - F:\HTC_Sync_Manager_PC.exe
BootExecute: autocheck autochk /k:C * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {5B69C1D6-6A37-4B74-B3FD-3F23E8A1D5E8} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {3E004C5A-2294-4321-B5D9-7B6CE4889D5A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
2014-12-30 15:45 - 2014-12-30 15:46 - 00017834 _____ () C:\Users\Lucky\Desktop\FRST.txt
2014-12-30 15:22 - 2014-12-30 15:26 - 00000000 ____D () C:\AdwCleaner
2014-12-30 15:18 - 2014-12-30 15:19 - 02173952 _____ () C:\Users\Lucky\Desktop\adwcleaner_4.106.exe
2014-12-30 11:34 - 2014-12-30 11:34 - 00008987 _____ () C:\Users\Lucky\Desktop\Addition.zip
2014-12-30 11:12 - 2014-12-30 11:13 - 00112640 _____ (forum.viry.cz) C:\Users\Lucky\Desktop\FRSTLauncher.exe
2014-12-28 22:52 - 2014-12-28 22:54 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (3).exe
2014-12-28 22:43 - 2014-12-28 22:44 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (2).exe
2014-12-23 14:39 - 2014-12-23 14:40 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (1).exe
2014-12-23 12:34 - 2014-12-23 12:34 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4.exe
2014-12-10 23:29 - 2014-12-10 23:29 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Lucky\Downloads\SpyHunter-installer.exe
2014-12-07 21:16 - 2014-12-07 21:16 - 00000000 ____D () C:\Program Files (x86)\BuyNsavee
2014-12-30 15:20 - 2014-08-26 22:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-23 12:35 - 2011-07-14 10:36 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
C:\Users\Petulka\MyPhoneExplorer_Setup_1.8.4.exe
C:\Users\Petulka\SEUD.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater" /f
C:\Program Files (x86)\Ask.com
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar" /f
C:\Program Files (x86)\BabylonToolbar
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry" /f
C:\Program Files (x86)\SmartTweak
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:b8a1a22a21f45685147979f55ff68bb1" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f
Task: {0591EBC9-3181-45D8-B3C0-0B0A703DD58A} - System32\Tasks\{61D465C5-DE4A-46CF-A9CE-6ED67215BD32} => pcalua.exe -a C:\Users\Petulka\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=smt
Task: {7AC23F15-A672-4504-9CDC-0FAC10856773} - System32\Tasks\{A1F82D28-E212-4724-9B8C-23EEE6E41A1E} => pcalua.exe -a C:\Users\Petulka\Desktop\FRD_0.85u1-final\frd.exe -d C:\Users\Petulka\Desktop\FRD_0.85u1-final
Task: {CEE23E76-8135-44DF-99EA-C1A6A218D998} - System32\Tasks\{098D8DB8-E840-4A27-A0A7-92D9BB2E1006} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {D2215550-7BDE-4540-B76E-B50FA8D96AE0} - System32\Tasks\NCH Software\WavePadReminder => C:\Program Files (x86)\NCH Software\WavePad\WavePad.exe
Task: {E66F4D57-69F7-45D6-B2C4-09C381FA6284} - System32\Tasks\{BDF41D5C-21CE-4920-AF6D-A505B2C33379} => pcalua.exe -a C:\Users\Petulka\Downloads\opera-lista-centrumcz.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000Core.job => C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000UA.job => C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKU\S-1-5-21-1920216681-166065492-3221773523-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cc129c6-9a51-11e0-847e-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{2cc129c6-9a51-11e0-847e-806e6f6e6963} => Key not found.
"HKU\S-1-5-21-1920216681-166065492-3221773523-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65557a67-1642-11e3-8f3e-f0def161f790}" => Key deleted successfully.
HKCR\CLSID\{65557a67-1642-11e3-8f3e-f0def161f790} => Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5B69C1D6-6A37-4B74-B3FD-3F23E8A1D5E8}" => Key deleted successfully.
HKCR\CLSID\{5B69C1D6-6A37-4B74-B3FD-3F23E8A1D5E8} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{3E004C5A-2294-4321-B5D9-7B6CE4889D5A}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3E004C5A-2294-4321-B5D9-7B6CE4889D5A} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml => Moved successfully.
"C:\Users\Lucky\Desktop\FRST.txt" => File/Directory not found.
C:\AdwCleaner => Moved successfully.
C:\Users\Lucky\Desktop\adwcleaner_4.106.exe => Moved successfully.
C:\Users\Lucky\Desktop\Addition.zip => Moved successfully.
C:\Users\Lucky\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Lucky\Downloads\spybot-2.4 (3).exe => Moved successfully.
C:\Users\Lucky\Downloads\spybot-2.4 (2).exe => Moved successfully.
C:\Users\Lucky\Downloads\spybot-2.4 (1).exe => Moved successfully.
C:\Users\Lucky\Downloads\spybot-2.4.exe => Moved successfully.
C:\Users\Lucky\Downloads\SpyHunter-installer.exe => Moved successfully.
C:\Program Files (x86)\BuyNsavee => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Users\Petulka\MyPhoneExplorer_Setup_1.8.4.exe => Moved successfully.
C:\Users\Petulka\SEUD.exe => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"C:\Program Files (x86)\Ask.com" => File/Directory not found.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"C:\Program Files (x86)\BabylonToolbar" => File/Directory not found.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"C:\Program Files (x86)\SmartTweak" => File/Directory not found.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:b8a1a22a21f45685147979f55ff68bb1" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0591EBC9-3181-45D8-B3C0-0B0A703DD58A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0591EBC9-3181-45D8-B3C0-0B0A703DD58A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{61D465C5-DE4A-46CF-A9CE-6ED67215BD32} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{61D465C5-DE4A-46CF-A9CE-6ED67215BD32}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AC23F15-A672-4504-9CDC-0FAC10856773}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AC23F15-A672-4504-9CDC-0FAC10856773}" => Key deleted successfully.
C:\Windows\System32\Tasks\{A1F82D28-E212-4724-9B8C-23EEE6E41A1E} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A1F82D28-E212-4724-9B8C-23EEE6E41A1E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE23E76-8135-44DF-99EA-C1A6A218D998}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE23E76-8135-44DF-99EA-C1A6A218D998}" => Key deleted successfully.
C:\Windows\System32\Tasks\{098D8DB8-E840-4A27-A0A7-92D9BB2E1006} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{098D8DB8-E840-4A27-A0A7-92D9BB2E1006}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2215550-7BDE-4540-B76E-B50FA8D96AE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2215550-7BDE-4540-B76E-B50FA8D96AE0}" => Key deleted successfully.
C:\Windows\System32\Tasks\NCH Software\WavePadReminder => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NCH Software\WavePadReminder" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E66F4D57-69F7-45D6-B2C4-09C381FA6284}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E66F4D57-69F7-45D6-B2C4-09C381FA6284}" => Key deleted successfully.
C:\Windows\System32\Tasks\{BDF41D5C-21CE-4920-AF6D-A505B2C33379} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BDF41D5C-21CE-4920-AF6D-A505B2C33379}" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000UA.job => Moved successfully.
C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => Moved successfully.
C:\Windows\Tasks\SystemToolsDailyTest.job => Moved successfully.
EmptyTemp: => Removed 736.2 MB temporary data.
The system needed a reboot.
==== End of Fixlog 21:10:59 ====
Ran by Lucky at 2014-12-30 21:09:55 Run:1
Running from C:\Users\Lucky\Desktop
Loaded Profile: Lucky (Available profiles: Petulka & Lucky)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\Run: [] => [X]
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\MountPoints2: {2cc129c6-9a51-11e0-847e-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\...\MountPoints2: {65557a67-1642-11e3-8f3e-f0def161f790} - F:\HTC_Sync_Manager_PC.exe
BootExecute: autocheck autochk /k:C * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {5B69C1D6-6A37-4B74-B3FD-3F23E8A1D5E8} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {3E004C5A-2294-4321-B5D9-7B6CE4889D5A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
2014-12-30 15:45 - 2014-12-30 15:46 - 00017834 _____ () C:\Users\Lucky\Desktop\FRST.txt
2014-12-30 15:22 - 2014-12-30 15:26 - 00000000 ____D () C:\AdwCleaner
2014-12-30 15:18 - 2014-12-30 15:19 - 02173952 _____ () C:\Users\Lucky\Desktop\adwcleaner_4.106.exe
2014-12-30 11:34 - 2014-12-30 11:34 - 00008987 _____ () C:\Users\Lucky\Desktop\Addition.zip
2014-12-30 11:12 - 2014-12-30 11:13 - 00112640 _____ (forum.viry.cz) C:\Users\Lucky\Desktop\FRSTLauncher.exe
2014-12-28 22:52 - 2014-12-28 22:54 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (3).exe
2014-12-28 22:43 - 2014-12-28 22:44 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (2).exe
2014-12-23 14:39 - 2014-12-23 14:40 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4 (1).exe
2014-12-23 12:34 - 2014-12-23 12:34 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Lucky\Downloads\spybot-2.4.exe
2014-12-10 23:29 - 2014-12-10 23:29 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Lucky\Downloads\SpyHunter-installer.exe
2014-12-07 21:16 - 2014-12-07 21:16 - 00000000 ____D () C:\Program Files (x86)\BuyNsavee
2014-12-30 15:20 - 2014-08-26 22:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-12-23 12:35 - 2011-07-14 10:36 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
C:\Users\Petulka\MyPhoneExplorer_Setup_1.8.4.exe
C:\Users\Petulka\SEUD.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater" /f
C:\Program Files (x86)\Ask.com
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar" /f
C:\Program Files (x86)\BabylonToolbar
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry" /f
C:\Program Files (x86)\SmartTweak
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:b8a1a22a21f45685147979f55ff68bb1" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f
Task: {0591EBC9-3181-45D8-B3C0-0B0A703DD58A} - System32\Tasks\{61D465C5-DE4A-46CF-A9CE-6ED67215BD32} => pcalua.exe -a C:\Users\Petulka\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=smt
Task: {7AC23F15-A672-4504-9CDC-0FAC10856773} - System32\Tasks\{A1F82D28-E212-4724-9B8C-23EEE6E41A1E} => pcalua.exe -a C:\Users\Petulka\Desktop\FRD_0.85u1-final\frd.exe -d C:\Users\Petulka\Desktop\FRD_0.85u1-final
Task: {CEE23E76-8135-44DF-99EA-C1A6A218D998} - System32\Tasks\{098D8DB8-E840-4A27-A0A7-92D9BB2E1006} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {D2215550-7BDE-4540-B76E-B50FA8D96AE0} - System32\Tasks\NCH Software\WavePadReminder => C:\Program Files (x86)\NCH Software\WavePad\WavePad.exe
Task: {E66F4D57-69F7-45D6-B2C4-09C381FA6284} - System32\Tasks\{BDF41D5C-21CE-4920-AF6D-A505B2C33379} => pcalua.exe -a C:\Users\Petulka\Downloads\opera-lista-centrumcz.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000Core.job => C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000UA.job => C:\Users\Petulka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-1920216681-166065492-3221773523-1007\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKU\S-1-5-21-1920216681-166065492-3221773523-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cc129c6-9a51-11e0-847e-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{2cc129c6-9a51-11e0-847e-806e6f6e6963} => Key not found.
"HKU\S-1-5-21-1920216681-166065492-3221773523-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65557a67-1642-11e3-8f3e-f0def161f790}" => Key deleted successfully.
HKCR\CLSID\{65557a67-1642-11e3-8f3e-f0def161f790} => Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5B69C1D6-6A37-4B74-B3FD-3F23E8A1D5E8}" => Key deleted successfully.
HKCR\CLSID\{5B69C1D6-6A37-4B74-B3FD-3F23E8A1D5E8} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{3E004C5A-2294-4321-B5D9-7B6CE4889D5A}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3E004C5A-2294-4321-B5D9-7B6CE4889D5A} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml => Moved successfully.
"C:\Users\Lucky\Desktop\FRST.txt" => File/Directory not found.
C:\AdwCleaner => Moved successfully.
C:\Users\Lucky\Desktop\adwcleaner_4.106.exe => Moved successfully.
C:\Users\Lucky\Desktop\Addition.zip => Moved successfully.
C:\Users\Lucky\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Lucky\Downloads\spybot-2.4 (3).exe => Moved successfully.
C:\Users\Lucky\Downloads\spybot-2.4 (2).exe => Moved successfully.
C:\Users\Lucky\Downloads\spybot-2.4 (1).exe => Moved successfully.
C:\Users\Lucky\Downloads\spybot-2.4.exe => Moved successfully.
C:\Users\Lucky\Downloads\SpyHunter-installer.exe => Moved successfully.
C:\Program Files (x86)\BuyNsavee => Moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy 2 => Moved successfully.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Users\Petulka\MyPhoneExplorer_Setup_1.8.4.exe => Moved successfully.
C:\Users\Petulka\SEUD.exe => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"C:\Program Files (x86)\Ask.com" => File/Directory not found.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"C:\Program Files (x86)\BabylonToolbar" => File/Directory not found.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixMyRegistry" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"C:\Program Files (x86)\SmartTweak" => File/Directory not found.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:b8a1a22a21f45685147979f55ff68bb1" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedUpMyComputer" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0591EBC9-3181-45D8-B3C0-0B0A703DD58A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0591EBC9-3181-45D8-B3C0-0B0A703DD58A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{61D465C5-DE4A-46CF-A9CE-6ED67215BD32} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{61D465C5-DE4A-46CF-A9CE-6ED67215BD32}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AC23F15-A672-4504-9CDC-0FAC10856773}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AC23F15-A672-4504-9CDC-0FAC10856773}" => Key deleted successfully.
C:\Windows\System32\Tasks\{A1F82D28-E212-4724-9B8C-23EEE6E41A1E} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A1F82D28-E212-4724-9B8C-23EEE6E41A1E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE23E76-8135-44DF-99EA-C1A6A218D998}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE23E76-8135-44DF-99EA-C1A6A218D998}" => Key deleted successfully.
C:\Windows\System32\Tasks\{098D8DB8-E840-4A27-A0A7-92D9BB2E1006} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{098D8DB8-E840-4A27-A0A7-92D9BB2E1006}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2215550-7BDE-4540-B76E-B50FA8D96AE0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2215550-7BDE-4540-B76E-B50FA8D96AE0}" => Key deleted successfully.
C:\Windows\System32\Tasks\NCH Software\WavePadReminder => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NCH Software\WavePadReminder" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E66F4D57-69F7-45D6-B2C4-09C381FA6284}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E66F4D57-69F7-45D6-B2C4-09C381FA6284}" => Key deleted successfully.
C:\Windows\System32\Tasks\{BDF41D5C-21CE-4920-AF6D-A505B2C33379} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BDF41D5C-21CE-4920-AF6D-A505B2C33379}" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1920216681-166065492-3221773523-1000UA.job => Moved successfully.
C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => Moved successfully.
C:\Windows\Tasks\SystemToolsDailyTest.job => Moved successfully.
EmptyTemp: => Removed 736.2 MB temporary data.
The system needed a reboot.
==== End of Fixlog 21:10:59 ====
Re: Preventivka - pomalý notebook
Takze jeste uklidime.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
Pribinacek
- Návštěvník
- Příspěvky: 5
- Registrován: 30 pro 2014 11:22
Re: Preventivka - pomalý notebook
Děkuji a přeji příjemný den.
Re: Preventivka - pomalý notebook
Nemate zac, rad jsem pomohl 
Stastny Novy rok a pak i tech zbylych 364 dni
Stastny Novy rok a pak i tech zbylych 364 dni
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?