Google chrome

[Rudy]

Koukneme, jestli tam není nějaký šmejd. Zkuste tento postup: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

[PavelP]

Omlouvám se ale odjel jsem na týden pryč, až přijedu tak se ozvu jestli mužu a dořešíme ten PC.

[Rudy]

OK.

[PavelP]

Dobrý večer tak jsem snad udělal vše jak má být tu je log.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-01-2014
Ran by Pavel (administrator) on PAVLOVO-PC on 27-01-2014 18:11:43
Running from C:\Users\Pavel\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(American Power Conversion Corporation) C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(DT Soft Ltd) E:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(NEC Electronics Corporation) C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
() C:\Windows\vsnpstd3.exe
() C:\Windows\tsnpstd3.exe
() C:\Program Files\Mouse Driver\4DMAIN.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Mgr. Tomáš Papoušek) C:\Program Files\ConMet\ConMet.exe
(Skillbrains) C:\Users\Pavel\AppData\Local\Skillbrains\lightshot\4.4.2.10\Lightshot.exe
() C:\Program Files\Canon\ImageBrowser EX\MFManager.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(American Power Conversion Corporation) C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_12_0_0_38_ActiveX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9210400 2010-04-30] (Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] - C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113296 2010-03-30] (NEC Electronics Corporation)
HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [6756048 2012-11-08] (COMODO)
HKLM\...\Run: [snpstd3] - C:\Windows\vsnpstd3.exe [835584 2007-05-10] ()
HKLM\...\Run: [tsnpstd3] - C:\Windows\tsnpstd3.exe [339968 2009-06-30] ()
HKLM\...\Run: [WheelMouse] - C:\Program Files\Mouse Driver\4DMAIN.EXE [61440 2000-05-08] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-18] (Adobe Systems Incorporated)
HKLM\...\Run: [MouseDriver] - C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap.dll [982232 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3764024 2014-01-06] (AVAST Software)
HKLM\...\Run: [NvBackend] - C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
HKCU\...\Run: [ConMet] - C:\Program Files\ConMet\ConMet.exe [4846080 2013-03-06] (Mgr. Tomáš Papoušek)
HKCU\...\Run: [LightShot] - C:\Users\Pavel\AppData\Local\Skillbrains\lightshot\LightShot.exe [226592 2013-09-27] ()
HKCU\...\Run: [GameXN GO] - C:\ProgramData\GameXN\GameXNGO.exe [347008 2012-07-07] (EasyBits Software AS)
AppInit_DLLs: C:\Windows\System32\guard32.dll => C:\Windows\System32\guard32.dll [301264 2012-11-08] (COMODO)
AppInit_DLLs: C:\Windows\System32\guard32.dll => C:\Windows\System32\guard32.dll [301264 2012-11-08] (COMODO)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKCU - videa.seznam.cz-194112 URL = http://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKCU - {14571F31-93F3-4571-AFD0-145D126153A7} URL = http://websearch.ask.com/redirect?clien ... A0E2F3E4AE
SearchScopes: HKCU - {17509d18-cab7-43e0-b12a-98d5fcff7e33} URL = http://www.mapy.cz/?query={searchTerms} ... kSearch_12
SearchScopes: HKCU - {60ce1bd1-eb69-4907-b828-7ae45ad264ab} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... kSearch_12
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={se ... chr-comodo
SearchScopes: HKCU - {ff2797ba-cdf6-4abb-a61e-7aaaba968541} URL = http://www.firmy.cz/phr/{searchTerms}?s ... kSearch_12
BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Vizuální záložky - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files\Yandex\YandexBarIE\fastdial.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll ()
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll ()
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Bejeweled%203/Images/stg_drm.ocx
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Bejeweled%203/Images/armhelper.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-07-19] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 89.190.64.20 89.190.65.200

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2011-08-12] (SUPERAntiSpyware.com)
R2 APC UPS Service; C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe [176241 2004-07-21] (American Power Conversion Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-01-06] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [1990464 2012-11-08] (COMODO)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14658848 2013-12-10] (NVIDIA Corporation)
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
S2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
S2 ssinstall; C:\Windows\System32\ssins.exe [2324216 2013-10-01] (PS Media s.r.o.)
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [x]
S3 gusvc; "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-10-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-10-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2014-01-06] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2014-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-06] ()
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [494416 2012-11-08] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [36072 2012-11-08] (COMODO)
S3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [20992 2011-03-09] (TPMX Electronics Ltd.)
S3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [13824 2011-04-12] (TPMX Electronics Ltd.)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [82952 2012-11-08] (COMODO)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-12-05] (NVIDIA Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-02-07] (Secunia)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-03-23] (Duplex Secure Ltd.)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [5120 2012-12-19] ()
U3 afgexo4p; C:\Windows\System32\Drivers\afgexo4p.sys [0 ] (Advanced Micro Devices)
S3 EverestDriver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-27 18:11 - 2014-01-27 18:11 - 00014349 _____ C:\Users\Pavel\Desktop\FRST.txt
2014-01-27 18:11 - 2014-01-27 18:11 - 00000000 ____D C:\FRST
2014-01-27 18:08 - 2014-01-27 18:08 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe
2014-01-27 18:06 - 2014-01-27 18:04 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\trz656D.tmp
2014-01-27 18:02 - 2014-01-27 18:02 - 01223168 _____ (Farbar) C:\Users\Pavel\Desktop\FRST.exe
2014-01-17 07:24 - 2014-01-27 15:54 - 00461836 _____ C:\Windows\WindowsUpdate.log
2014-01-17 07:21 - 2014-01-17 07:21 - 00005058 _____ C:\Windows\PFRO.log
2014-01-16 18:42 - 2014-01-16 18:42 - 00000000 ____D C:\Users\Google\AppData\Local\Google
2014-01-16 18:40 - 2014-01-16 18:40 - 04574168 _____ (TeamViewer) C:\Users\Google\Desktop\TeamViewerQS_cs.exe
2014-01-16 18:40 - 2014-01-16 18:40 - 00000000 ____D C:\Users\Google\AppData\Roaming\TeamViewer
2014-01-16 18:36 - 2014-01-16 18:36 - 00000000 ____D C:\Users\Google\AppData\Local\NVIDIA Corporation
2014-01-16 18:35 - 2014-01-16 18:35 - 00109280 _____ C:\Users\Google\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-16 18:35 - 2014-01-16 18:35 - 00000000 ____D C:\Users\Google\AppData\Roaming\AVAST Software
2014-01-16 18:35 - 2014-01-16 18:35 - 00000000 ____D C:\Users\Google\AppData\Local\NVIDIA
2014-01-16 18:34 - 2014-01-16 18:34 - 00001357 _____ C:\Users\Google\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-16 18:34 - 2014-01-16 18:34 - 00000020 ___SH C:\Users\Google\ntuser.ini
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Šablony
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Soubory cookie
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Poslední
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Okolní tiskárny
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Okolní síť
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Nabídka Start
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Dokumenty
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Documents\Obrázky
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Documents\Hudba
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Documents\Filmy
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Data aplikací
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\AppData\Local\Data aplikací
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 ____D C:\Users\Google\AppData\Roaming\DAEMON Tools Pro
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 ____D C:\Users\Google\AppData\Roaming\Adobe
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 ____D C:\Users\Google\AppData\Local\VirtualStore
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 ____D C:\Users\Google
2014-01-16 18:34 - 2013-10-04 15:57 - 00000000 ____D C:\Users\Google\AppData\Local\Microsoft Help
2014-01-16 18:34 - 2009-07-14 05:42 - 00000000 ___RD C:\Users\Google\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-16 18:34 - 2009-07-14 05:37 - 00000000 ___RD C:\Users\Google\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-15 21:58 - 2014-01-27 17:07 - 00006048 _____ C:\Windows\setupact.log
2014-01-15 21:58 - 2014-01-15 21:58 - 00000000 _____ C:\Windows\setuperr.log
2014-01-15 19:32 - 2014-01-15 19:32 - 00000956 _____ C:\Users\Public\Desktop\Total Uninstall 6.lnk
2014-01-15 19:32 - 2014-01-15 19:32 - 00000000 ____D C:\ProgramData\Martau
2014-01-15 19:32 - 2014-01-15 19:32 - 00000000 ____D C:\Program Files\Total Uninstall 6
2014-01-15 19:31 - 2014-01-15 19:32 - 17226248 _____ (Gavrila Martau ) C:\Users\Pavel\Downloads\Total-Uninstall-Setup-6.3.4.exe
2014-01-15 19:19 - 2014-01-15 20:14 - 00000000 ____D C:\Program Files\Opera
2014-01-15 19:19 - 2014-01-15 19:19 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Opera Software
2014-01-15 19:19 - 2014-01-15 19:19 - 00000000 ____D C:\Users\Pavel\AppData\Local\Opera Software
2014-01-15 19:06 - 2014-01-15 19:06 - 00443288 _____ C:\Users\Pavel\Downloads\VideoDownloadConvert.exe
2014-01-15 17:53 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-15 17:53 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-15 17:53 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-15 17:53 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-15 17:52 - 2014-01-15 17:53 - 00005134 _____ C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-15 17:12 - 2014-01-15 17:12 - 00000000 ____D C:\Program Files\Google
2014-01-15 12:42 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 12:42 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 12:42 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 12:42 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 12:42 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 12:42 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 12:42 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 12:42 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-13 18:24 - 2014-01-13 18:24 - 00000000 ____D C:\ProgramData\NokiaInstallerCache
2014-01-13 18:24 - 2014-01-13 18:24 - 00000000 ____D C:\Program Files\Nokia
2014-01-08 08:27 - 2013-12-19 21:26 - 22960416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-01-08 08:27 - 2013-12-19 21:26 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-08 08:27 - 2013-12-19 21:26 - 10471712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-08 08:27 - 2013-12-19 21:26 - 09700224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-08 08:27 - 2013-12-19 21:26 - 09657464 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-08 08:27 - 2013-12-19 21:26 - 02947872 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-08 08:27 - 2013-12-19 21:26 - 02747680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-08 08:27 - 2013-12-19 21:26 - 01049888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233221.dll
2014-01-08 08:27 - 2013-12-19 21:26 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233221.dll
2014-01-08 08:27 - 2013-12-19 21:26 - 00852768 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2014-01-08 08:27 - 2013-12-19 21:26 - 00847648 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2014-01-08 08:27 - 2013-12-19 21:26 - 00266984 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim32.dll
2014-01-08 08:27 - 2013-12-19 21:26 - 00141336 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll
2014-01-08 08:27 - 2013-11-28 14:38 - 00162592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2014-01-08 08:27 - 2013-11-28 14:38 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2014-01-08 08:27 - 2013-11-22 09:36 - 00895264 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco3220103.dll
2014-01-08 08:25 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-01-08 08:25 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-01-08 08:25 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-01-08 08:24 - 2013-12-05 09:42 - 00034080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2014-01-06 08:09 - 2014-01-06 08:10 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-05 22:31 - 2014-01-05 22:32 - 00000000 ____D C:\Users\Pavel\Desktop\NOKIA 625 PŘÍRUČKA

==================== One Month Modified Files and Folders =======

2014-01-27 18:11 - 2014-01-27 18:11 - 00014349 _____ C:\Users\Pavel\Desktop\FRST.txt
2014-01-27 18:11 - 2014-01-27 18:11 - 00000000 ____D C:\FRST
2014-01-27 18:11 - 2010-09-30 21:56 - 00000000 ____D C:\ProgramData\ConMet
2014-01-27 18:10 - 2010-09-30 20:10 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Skype
2014-01-27 18:08 - 2014-01-27 18:08 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\FRSTLauncher.exe
2014-01-27 18:04 - 2014-01-27 18:06 - 00112640 _____ (forum.viry.cz) C:\Users\Pavel\Desktop\trz656D.tmp
2014-01-27 18:02 - 2014-01-27 18:02 - 01223168 _____ (Farbar) C:\Users\Pavel\Desktop\FRST.exe
2014-01-27 18:00 - 2013-05-07 06:01 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-27 17:42 - 2013-01-02 05:08 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-27 17:36 - 2013-05-26 18:39 - 00000376 _____ C:\Windows\Tasks\update-S-1-5-21-2779355019-2712571496-3250324536-1000.job
2014-01-27 17:25 - 2013-05-26 18:39 - 00000376 _____ C:\Windows\Tasks\update-sys.job
2014-01-27 17:17 - 2009-07-14 05:34 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-27 17:17 - 2009-07-14 05:34 - 00014448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-27 17:08 - 2013-05-07 06:01 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-27 17:08 - 2010-09-30 21:56 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\ConMet
2014-01-27 17:07 - 2014-01-15 21:58 - 00006048 _____ C:\Windows\setupact.log
2014-01-27 17:07 - 2013-04-06 15:24 - 00000000 _____ C:\Windows\system32\sinstall.log
2014-01-27 17:07 - 2010-10-01 07:22 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-27 17:07 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-27 15:54 - 2014-01-17 07:24 - 00461836 _____ C:\Windows\WindowsUpdate.log
2014-01-27 12:48 - 2011-06-19 19:52 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\go
2014-01-27 07:06 - 2012-07-07 18:14 - 00000000 ____D C:\ProgramData\GameXN
2014-01-26 23:10 - 2010-10-01 08:21 - 00000000 ____D C:\Users\Public\Documents\Pavel
2014-01-17 07:21 - 2014-01-17 07:21 - 00005058 _____ C:\Windows\PFRO.log
2014-01-17 07:21 - 2009-07-14 05:53 - 00007466 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-16 18:42 - 2014-01-16 18:42 - 00000000 ____D C:\Users\Google\AppData\Local\Google
2014-01-16 18:40 - 2014-01-16 18:40 - 04574168 _____ (TeamViewer) C:\Users\Google\Desktop\TeamViewerQS_cs.exe
2014-01-16 18:40 - 2014-01-16 18:40 - 00000000 ____D C:\Users\Google\AppData\Roaming\TeamViewer
2014-01-16 18:36 - 2014-01-16 18:36 - 00000000 ____D C:\Users\Google\AppData\Local\NVIDIA Corporation
2014-01-16 18:35 - 2014-01-16 18:35 - 00109280 _____ C:\Users\Google\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-16 18:35 - 2014-01-16 18:35 - 00000000 ____D C:\Users\Google\AppData\Roaming\AVAST Software
2014-01-16 18:35 - 2014-01-16 18:35 - 00000000 ____D C:\Users\Google\AppData\Local\NVIDIA
2014-01-16 18:34 - 2014-01-16 18:34 - 00001357 _____ C:\Users\Google\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-16 18:34 - 2014-01-16 18:34 - 00000020 ___SH C:\Users\Google\ntuser.ini
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Šablony
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Soubory cookie
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Poslední
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Okolní tiskárny
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Okolní síť
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Nabídka Start
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Dokumenty
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Documents\Obrázky
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Documents\Hudba
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Documents\Filmy
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\Data aplikací
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 _SHDL C:\Users\Google\AppData\Local\Data aplikací
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 ____D C:\Users\Google\AppData\Roaming\DAEMON Tools Pro
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 ____D C:\Users\Google\AppData\Roaming\Adobe
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 ____D C:\Users\Google\AppData\Local\VirtualStore
2014-01-16 18:34 - 2014-01-16 18:34 - 00000000 ____D C:\Users\Google
2014-01-16 18:10 - 2010-09-30 20:24 - 00000000 ____D C:\Users\Pavel\AppData\Local\Google
2014-01-16 16:19 - 2010-09-29 20:40 - 00000000 ____D C:\Windows\Panther
2014-01-16 15:00 - 2012-12-02 12:55 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-16 15:00 - 2012-12-02 12:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-16 15:00 - 2010-10-01 08:20 - 00000000 ____D C:\Users\Pavel\AppData\Local\Adobe
2014-01-15 21:58 - 2014-01-15 21:58 - 00000000 _____ C:\Windows\setuperr.log
2014-01-15 20:14 - 2014-01-15 19:19 - 00000000 ____D C:\Program Files\Opera
2014-01-15 19:32 - 2014-01-15 19:32 - 00000956 _____ C:\Users\Public\Desktop\Total Uninstall 6.lnk
2014-01-15 19:32 - 2014-01-15 19:32 - 00000000 ____D C:\ProgramData\Martau
2014-01-15 19:32 - 2014-01-15 19:32 - 00000000 ____D C:\Program Files\Total Uninstall 6
2014-01-15 19:32 - 2014-01-15 19:31 - 17226248 _____ (Gavrila Martau ) C:\Users\Pavel\Downloads\Total-Uninstall-Setup-6.3.4.exe
2014-01-15 19:19 - 2014-01-15 19:19 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\Opera Software
2014-01-15 19:19 - 2014-01-15 19:19 - 00000000 ____D C:\Users\Pavel\AppData\Local\Opera Software
2014-01-15 19:06 - 2014-01-15 19:06 - 00443288 _____ C:\Users\Pavel\Downloads\VideoDownloadConvert.exe
2014-01-15 17:54 - 2013-09-21 22:14 - 00000000 ____D C:\ProgramData\Oracle
2014-01-15 17:53 - 2014-01-15 17:52 - 00005134 _____ C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-15 17:53 - 2013-09-21 22:14 - 00000000 ____D C:\Program Files\Java
2014-01-15 17:12 - 2014-01-15 17:12 - 00000000 ____D C:\Program Files\Google
2014-01-15 17:11 - 2011-10-18 21:48 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\TeamViewer
2014-01-15 17:06 - 2010-10-01 08:21 - 00000000 ____D C:\Users\Pavel\AppData\Roaming\LangSoft
2014-01-15 16:38 - 2013-01-28 15:51 - 00000000 ____D C:\Windows\pss
2014-01-15 14:47 - 2009-07-14 05:33 - 00410672 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 14:10 - 2013-07-29 06:51 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 14:10 - 2010-10-01 08:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 14:08 - 2010-10-03 17:15 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-13 18:24 - 2014-01-13 18:24 - 00000000 ____D C:\ProgramData\NokiaInstallerCache
2014-01-13 18:24 - 2014-01-13 18:24 - 00000000 ____D C:\Program Files\Nokia
2014-01-10 22:42 - 2010-09-29 19:55 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-08 08:31 - 2010-10-01 07:21 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-06 08:10 - 2014-01-06 08:09 - 00064168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-06 08:10 - 2013-10-28 23:01 - 00002018 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-06 08:09 - 2013-03-02 20:23 - 00180248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2014-01-06 08:09 - 2011-05-11 19:55 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-06 08:09 - 2010-09-29 21:00 - 00410528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-01-06 08:09 - 2010-09-29 21:00 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-06 08:09 - 2010-09-29 21:00 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-06 08:09 - 2010-09-29 21:00 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-05 22:32 - 2014-01-05 22:31 - 00000000 ____D C:\Users\Pavel\Desktop\NOKIA 625 PŘÍRUČKA

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 09:49




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:596.07 GB) (Free:478.27 GB) NTFS
Drive e: () (Fixed) (Total:74.52 GB) (Free:22.42 GB) NTFS

Available physical RAM: 1819.49 MB
Total physical RAM: 3327.18 MB
Percentage of memory in use: 45%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 2C1A3CDB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596 GB) - (Type=07 NTFS)
Disk: 1 (Size: 75 GB) (Disk ID: 31D631D5)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2779355019-2712571496-3250324536-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:2F4A0A6B
AlternateDataStreams: C:\ProgramData\TEMP:55422315
AlternateDataStreams: C:\ProgramData\TEMP:57DC3B52
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:E7D2A25A

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Defense+ (Disabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: COMODO Firewall (Disabled) {7DB03214-694B-060B-1600-BD4715C36DBB}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Pavel\Desktop" je 633 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent
"E:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameXN GO
"C:\ProgramData\GameXN\GameXNGO.exe" /startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
"C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pavel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2007.lnk
C:\PROGRA~1\MICROS~1\Office12\ONENOTEM.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x1
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {14571F31-93F3-4571-AFD0-145D126153A7} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=2823CF98-9AF8-4886-A003-8833488F02D6&apn_sauid=D66A8E0F-735C-485C-8157-1CA0E2F3E4AE
BHO: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Vizuální záložky - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files\Yandex\YandexBarIE\fastdial.dll ()
C:\Program Files\Skype\Toolbars
C:\Program Files\Yandex
Toolbar: HKLM - Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll ()
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll ()
C:\Windows\Tasks\update-S-1-5-21-2779355019-2712571496-3250324536-1000.job
C:\Windows\Tasks\update-sys.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2779355019-2712571496-3250324536-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
AlternateDataStreams: C:\ProgramData\TEMP:2F4A0A6B
AlternateDataStreams: C:\ProgramData\TEMP:55422315
AlternateDataStreams: C:\ProgramData\TEMP:57DC3B52
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:E7D2A25A
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[PavelP]

Mám to pustit jako před tím a vše zaškrtat podle obrázku . A má pustit FRSTLauncher.

[Rudy]

Pouze toto:

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[PavelP]

jj

[PavelP]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-01-2014
Ran by Pavel at 2014-01-27 21:23:39 Run:1
Running from C:\Users\Pavel\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {14571F31-93F3-4571-AFD0-145D126153A7} URL = http://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^CZ&apn_uid=2823CF98-9AF8-4886-A003-8833488F02D6&apn_sauid=D66A8E0F-735C-485C-8157-1CA0E2F3E4AE
BHO: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} - No File
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Vizuální záložky - {C93F72A2-2162-4BBA-A07A-F13663C297A6} - C:\Program Files\Yandex\YandexBarIE\fastdial.dll ()
C:\Program Files\Skype\Toolbars
C:\Program Files\Yandex
Toolbar: HKLM - Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll ()
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - Yandex.Bar - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files\Yandex\YandexBarIE\yndbar.dll ()
C:\Windows\Tasks\update-S-1-5-21-2779355019-2712571496-3250324536-1000.job
C:\Windows\Tasks\update-sys.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2779355019-2712571496-3250324536-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe
AlternateDataStreams: C:\ProgramData\TEMP:2F4A0A6B
AlternateDataStreams: C:\ProgramData\TEMP:55422315
AlternateDataStreams: C:\ProgramData\TEMP:57DC3B52
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:E7D2A25A
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{14571F31-93F3-4571-AFD0-145D126153A7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{14571F31-93F3-4571-AFD0-145D126153A7} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6} => Key deleted successfully.
HKCR\CLSID\{C93F72A2-2162-4BBA-A07A-F13663C297A6} => Key deleted successfully.
C:\Program Files\Skype\Toolbars => Moved successfully.
C:\Program Files\Yandex => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => Value deleted successfully.
HKCR\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Value deleted successfully.
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{91397D20-1446-11D4-8AF4-0040CA1127B6} => Value deleted successfully.
HKCR\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} => Key not found.
C:\Windows\Tasks\update-S-1-5-21-2779355019-2712571496-3250324536-1000.job => Moved successfully.
C:\Windows\Tasks\update-sys.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\update-S-1-5-21-2779355019-2712571496-3250324536-1000.job not found.
C:\Windows\Tasks\update-sys.job not found.
C:\ProgramData\TEMP => ":2F4A0A6B" ADS removed successfully.
C:\ProgramData\TEMP => ":55422315" ADS removed successfully.
C:\ProgramData\TEMP => ":57DC3B52" ADS removed successfully.
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully.
C:\ProgramData\TEMP => ":E7D2A25A" ADS removed successfully.

==== End of Fixlog ====

[Rudy]

Smazáno, vyčištěno.

[PavelP]

Tak jsem zkoušel nainstaloval Google a nešlo to píše to pořád tu samou hlášku....Instalace se nezdařila. Instalační program aplikace Google Chrome se nespustila.

[Rudy]

Zkusíme hloubkový sken na viry. Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

[PavelP]

Log se nevejde na jednu stránku tak jsem ho zabalil do raru.

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

Reboot::

Uložte na plochu jako CFSript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[PavelP]

zase se to nevešlo