Please check my log

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

#1 Post by postak4 »

Hello, please check my log. Every time I start the Chrome browser, AVAST reports that it has caught some nasty. Each time, though, a different web address is detected. I tried cleaning up with CCleaner, scanned the notebook with AVAST using the scan after restart, and also used SUPERAntiSpyware. AVAST found something and SUPERAntiSpyware found something. But the result seems to be the same. In the end I uninstalled Chrome. Thank you, Postak4


Logfile of random's system information tool 1.10 (written by random/random)
Run by kindl_000 at 2014-08-09 19:51:32
Microsoft Windows 8.1
System drive C: has 175 GB (38%) free of 460 GB
Total RAM: 3911 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:51:38, on 9. 8. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Users\kindl_000\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\kindl_000\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\kindl_000.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [icq] C:\Users\kindl_000\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\kindl_000\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\kindl_000\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [f.lux] "C:\Users\kindl_000\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\kindl_000\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\kindl_000\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9226 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
dashost.exe {9542cf60-50de-4d7f-9867993964fd8c61}
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\RfBtnSvc64.exe
C:\WINDOWS\System32\rpcnetp.exe
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\WINDOWS\system32\igfxext.exe -Embedding
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
igfxHK.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Elantech\ETDTouch.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
szndesktop.exe default start
"C:\Users\kindl_000\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\skydrive.exe -Embedding
"C:\Users\kindl_000\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:208 CREDAT:267521 /prefetch:2
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1039541098-394477440-1502229893-10036_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1039541098-394477440-1502229893-10036 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 552 568 580 65536 576
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\kindl_000\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:28a00c95-8041-4955-bab0-2fab984f03a7
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb.job - C:\Program Files\SUPERAntiSpyware\SASTask.exe "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:321ec786-f979-40f5-a753-dca58511cefb

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-13 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-09 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-13 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-09 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-07-18 2894664]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2013-05-31 133248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"icq"=C:\Users\kindl_000\AppData\Roaming\ICQM\icq.exe [2014-03-06 33664344]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"cz.seznam.software.autoupdate"=C:\Users\kindl_000\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\kindl_000\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"f.lux"=C:\Users\kindl_000\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2013-11-14 457728]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2014-08-08 7762712]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2013-12-04 111216]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-08-03 4085896]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2013-05-31 133248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Program Files (x86)\SW-Booster\Assistant_x64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-08-09 19:51:32 ----D---- C:\rsit
2014-08-09 19:51:32 ----D---- C:\Program Files\trend micro
2014-08-09 19:35:14 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-09 19:03:24 ----D---- C:\Users\kindl_000\AppData\Roaming\SUPERAntiSpyware.com
2014-08-09 19:02:59 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2014-08-09 19:02:59 ----D---- C:\Program Files\SUPERAntiSpyware
2014-08-09 12:26:02 ----A---- C:\WINDOWS\SYSWOW64\javaws.exe
2014-08-09 12:25:57 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2014-08-09 12:25:57 ----A---- C:\WINDOWS\SYSWOW64\javaw.exe
2014-08-09 12:25:57 ----A---- C:\WINDOWS\SYSWOW64\java.exe
2014-08-09 12:25:42 ----D---- C:\Program Files (x86)\Java
2014-08-07 23:45:01 ----A---- C:\WINDOWS\SYSWOW64\rpcnetp.dll
2014-08-07 23:44:16 ----A---- C:\WINDOWS\SYSWOW64\rpcnetp.exe
2014-08-07 14:48:36 ----A---- C:\WINDOWS\SYSWOW64\agremove.exe
2014-08-01 11:19:02 ----D---- C:\ProgramData\Riot Games
2014-08-01 11:16:39 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_39.dll
2014-08-01 11:16:38 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_39.dll
2014-08-01 11:16:37 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_39.dll
2014-08-01 11:16:27 ----SHD---- C:\WINDOWS\SYSWOW64\AI_RecycleBin
2014-08-01 11:16:23 ----D---- C:\Program Files (x86)\League of Legends
2014-08-01 11:12:20 ----D---- C:\Users\kindl_000\AppData\Roaming\Riot Games
2014-07-27 18:49:20 ----RHD---- C:\Users\kindl_000\AppData\Roaming\SecuROM
2014-07-25 17:39:20 ----A---- C:\WINDOWS\SYSWOW64\insugf64.exe
2014-07-24 20:28:02 ----D---- C:\Program Files (x86)\Origin Games
2014-07-24 20:18:56 ----D---- C:\Users\kindl_000\AppData\Roaming\Origin
2014-07-24 20:03:06 ----D---- C:\ProgramData\Origin
2014-07-24 20:03:04 ----D---- C:\ProgramData\Electronic Arts
2014-07-24 20:03:00 ----D---- C:\Program Files (x86)\Origin
2014-07-22 19:54:19 ----A---- C:\WINDOWS\system32\SyncEngine.dll
2014-07-22 19:54:18 ----A---- C:\WINDOWS\system32\SkyDrive.exe
2014-07-22 19:54:17 ----A---- C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-07-20 19:47:14 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2014-07-20 19:47:14 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2014-07-20 19:47:14 ----A---- C:\WINDOWS\system32\mfcore.dll
2014-07-20 19:47:14 ----A---- C:\WINDOWS\system32\d3d9.dll
2014-07-20 19:47:13 ----A---- C:\WINDOWS\system32\authui.dll
2014-07-20 19:47:12 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2014-07-20 19:47:11 ----A---- C:\WINDOWS\system32\vpnike.dll
2014-07-20 19:47:11 ----A---- C:\WINDOWS\system32\localspl.dll
2014-07-20 19:47:10 ----A---- C:\WINDOWS\system32\fveapi.dll
2014-07-20 19:47:09 ----A---- C:\WINDOWS\system32\ntdll.dll
2014-07-20 19:47:09 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2014-07-20 19:47:08 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2014-07-20 19:47:07 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2014-07-20 19:47:07 ----A---- C:\WINDOWS\system32\SkyDriveShell.dll
2014-07-20 19:47:07 ----A---- C:\WINDOWS\system32\framedynos.dll
2014-07-20 19:47:07 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2014-07-20 19:47:07 ----A---- C:\WINDOWS\system32\actxprxy.dll
2014-07-20 19:47:06 ----A---- C:\WINDOWS\SYSWOW64\SkyDriveShell.dll
2014-07-20 19:47:06 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2014-07-20 19:47:05 ----A---- C:\WINDOWS\SYSWOW64\framedynos.dll
2014-07-20 19:47:05 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2014-07-20 19:47:05 ----A---- C:\WINDOWS\system32\bdesvc.dll
2014-07-20 19:47:04 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2014-07-20 19:47:04 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2014-07-20 19:47:04 ----A---- C:\WINDOWS\system32\BFE.DLL
2014-07-20 19:47:03 ----A---- C:\WINDOWS\system32\winbici.dll
2014-07-20 19:47:03 ----A---- C:\WINDOWS\system32\framedyn.dll
2014-07-20 19:47:02 ----A---- C:\WINDOWS\SYSWOW64\ncobjapi.dll
2014-07-20 19:47:01 ----A---- C:\WINDOWS\system32\drivers\vwifimp.sys
2014-07-20 19:47:00 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2014-07-20 19:47:00 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2014-07-20 19:47:00 ----A---- C:\WINDOWS\system32\WebClnt.dll
2014-07-20 19:47:00 ----A---- C:\WINDOWS\system32\Robocopy.exe
2014-07-20 19:47:00 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2014-07-20 19:47:00 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2014-07-20 19:46:59 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll
2014-07-20 19:46:56 ----A---- C:\WINDOWS\SYSWOW64\framedyn.dll
2014-07-20 19:46:56 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc.dll
2014-07-20 19:46:56 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2014-07-20 19:46:56 ----A---- C:\WINDOWS\system32\BulkOperationHost.exe
2014-07-20 19:46:55 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc6.dll
2014-07-20 19:46:55 ----A---- C:\WINDOWS\system32\drivers\vwififlt.sys
2014-07-20 19:46:54 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2014-07-20 19:46:54 ----A---- C:\WINDOWS\system32\srms.dat
2014-07-20 19:46:54 ----A---- C:\WINDOWS\system32\reseteng.dll
2014-07-20 19:46:26 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-07-20 19:46:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2014-07-20 19:46:20 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2014-07-20 19:46:18 ----AC---- C:\WINDOWS\system32\drivers\usbport.sys
2014-07-20 19:46:18 ----AC---- C:\WINDOWS\system32\drivers\usbhub.sys
2014-07-20 19:46:18 ----A---- C:\WINDOWS\system32\rsaenh.dll
2014-07-20 19:46:17 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2014-07-20 19:46:17 ----A---- C:\WINDOWS\SYSWOW64\rsaenh.dll
2014-07-20 19:46:17 ----A---- C:\WINDOWS\system32\WUDFSvc.dll
2014-07-20 19:46:17 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2014-07-20 19:46:17 ----A---- C:\WINDOWS\system32\WUDFHost.exe
2014-07-20 19:46:17 ----A---- C:\WINDOWS\system32\drivers\WUDFRd.sys
2014-07-20 19:46:17 ----A---- C:\WINDOWS\system32\drivers\WUDFPf.sys
2014-07-20 19:46:16 ----AC---- C:\WINDOWS\system32\drivers\usbehci.sys
2014-07-20 19:46:15 ----AC---- C:\WINDOWS\system32\drivers\usbuhci.sys
2014-07-20 19:46:15 ----AC---- C:\WINDOWS\system32\drivers\usbd.sys
2014-07-20 19:46:15 ----A---- C:\WINDOWS\SYSWOW64\DaOtpCredentialProvider.dll
2014-07-20 19:46:15 ----A---- C:\WINDOWS\system32\hal.dll
2014-07-20 19:46:15 ----A---- C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-07-19 08:09:32 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2014-07-13 14:15:03 ----A---- C:\WINDOWS\system32\termsrv.dll
2014-07-13 10:41:37 ----A---- C:\WINDOWS\system32\win32k.sys
2014-07-13 10:41:35 ----A---- C:\WINDOWS\SYSWOW64\osk.exe
2014-07-13 10:41:35 ----A---- C:\WINDOWS\system32\osk.exe
2014-07-13 10:41:34 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2014-07-13 10:41:31 ----A---- C:\WINDOWS\system32\lsasrv.dll
2014-07-13 10:41:31 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2014-07-13 10:41:31 ----A---- C:\WINDOWS\system32\certcli.dll
2014-07-13 10:41:30 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2014-07-13 10:41:30 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2014-07-13 10:41:30 ----A---- C:\WINDOWS\system32\adtschema.dll
2014-07-13 10:41:17 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2014-07-13 10:41:17 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2014-07-13 10:41:16 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-07-13 10:41:14 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2014-07-13 10:40:56 ----A---- C:\WINDOWS\system32\jscript9.dll
2014-07-13 10:40:53 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-07-13 10:40:50 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2014-07-13 10:40:47 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2014-07-13 10:40:43 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-07-13 10:40:40 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2014-07-13 10:40:40 ----A---- C:\WINDOWS\system32\wininet.dll
2014-07-13 10:40:39 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-07-13 10:40:39 ----A---- C:\WINDOWS\system32\dxtrans.dll
2014-07-13 10:40:38 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2014-07-13 10:40:38 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2014-07-13 10:40:38 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2014-07-13 10:40:38 ----A---- C:\WINDOWS\SYSWOW64\dxtmsft.dll
2014-07-13 10:40:38 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2014-07-13 10:40:37 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2014-07-13 10:40:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-07-13 10:40:36 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2014-07-13 10:40:36 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-07-13 10:40:36 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2014-07-13 10:40:36 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2014-07-13 10:40:35 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2014-07-13 10:39:56 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2014-07-13 10:39:56 ----A---- C:\WINDOWS\system32\qedit.dll
2014-07-13 10:39:49 ----A---- C:\WINDOWS\system32\WSShared.dll
2014-07-13 10:39:49 ----A---- C:\WINDOWS\system32\twinui.dll
2014-07-13 10:39:48 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2014-07-13 10:39:47 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2014-07-13 10:39:47 ----A---- C:\WINDOWS\system32\wuaueng.dll
2014-07-13 10:39:46 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2014-07-13 10:39:46 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2014-07-13 10:39:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-13 10:39:46 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2014-07-13 10:39:46 ----A---- C:\WINDOWS\system32\wudriver.dll
2014-07-13 10:39:46 ----A---- C:\WINDOWS\system32\wuauclt.exe
2014-07-13 10:39:46 ----A---- C:\WINDOWS\system32\wuapi.dll
2014-07-13 10:39:46 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-13 10:39:46 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2014-07-13 10:39:46 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-13 10:34:38 ----A---- C:\WINDOWS\avastSS.scr
2014-07-13 10:32:17 ----A---- C:\WINDOWS\system32\WSReset.exe

======List of files/folders modified in the last 1 month======

2014-08-09 19:51:32 ----D---- C:\Program Files
2014-08-09 19:49:54 ----D---- C:\Program Files (x86)\Google
2014-08-09 19:42:37 ----D---- C:\Users\kindl_000\AppData\Roaming\Seznam.cz
2014-08-09 19:38:52 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2014-08-09 19:36:21 ----D---- C:\WINDOWS\debug
2014-08-09 19:35:14 ----RD---- C:\WINDOWS\System32
2014-08-09 19:35:09 ----D---- C:\Windows
2014-08-09 19:35:08 ----A---- C:\WINDOWS\system32\rpcnetp.exe
2014-08-09 19:35:05 ----A---- C:\WINDOWS\system32\wpbbin.exe
2014-08-09 19:34:38 ----D---- C:\WINDOWS\system32\catroot2
2014-08-09 19:21:28 ----D---- C:\Users\kindl_000\AppData\Roaming\Wise Disk Cleaner
2014-08-09 19:19:32 ----D---- C:\WINDOWS\SoftwareDistribution
2014-08-09 19:11:10 ----D---- C:\WINDOWS\Tasks
2014-08-09 19:11:10 ----D---- C:\WINDOWS\system32\Tasks
2014-08-09 19:04:57 ----D---- C:\Program Files (x86)\Steam
2014-08-09 19:04:18 ----D---- C:\WINDOWS\Inf
2014-08-09 19:04:17 ----D---- C:\WINDOWS\Minidump
2014-08-09 19:04:17 ----D---- C:\WINDOWS\Logs
2014-08-09 19:04:16 ----D---- C:\WINDOWS\Temp
2014-08-09 19:03:24 ----HD---- C:\ProgramData
2014-08-09 19:02:01 ----D---- C:\WINDOWS\system32\sru
2014-08-09 18:56:56 ----D---- C:\Program Files (x86)
2014-08-09 18:49:19 ----D---- C:\WINDOWS\AppReadiness
2014-08-09 18:49:18 ----HD---- C:\Program Files\WindowsApps
2014-08-09 17:00:15 ----D---- C:\WINDOWS\Microsoft.NET
2014-08-09 15:48:01 ----D---- C:\ProgramData\save ona
2014-08-09 14:03:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-09 13:59:16 ----D---- C:\Users\kindl_000\AppData\Roaming\vlc
2014-08-09 12:26:21 ----D---- C:\ProgramData\Oracle
2014-08-09 12:26:09 ----SHD---- C:\WINDOWS\Installer
2014-08-09 12:26:08 ----D---- C:\Program Files (x86)\Common Files
2014-08-09 12:26:02 ----D---- C:\WINDOWS\SysWOW64
2014-08-09 12:25:01 ----SHD---- C:\System Volume Information
2014-08-09 12:16:41 ----D---- C:\WINDOWS\system32\config
2014-08-07 17:41:15 ----D---- C:\WINDOWS\rescache
2014-08-07 14:28:20 ----D---- C:\WINDOWS\system32\DriverStore
2014-08-05 20:38:32 ----D---- C:\Users\kindl_000\AppData\Roaming\.minecraft
2014-08-03 20:21:46 ----D---- C:\WINDOWS\WinSxS
2014-08-03 11:46:46 ----D---- C:\Users\kindl_000\AppData\Roaming\Skype
2014-07-30 12:06:01 ----D---- C:\WINDOWS\Prefetch
2014-07-30 11:57:38 ----D---- C:\Program Files (x86)\Hry
2014-07-28 21:01:11 ----SD---- C:\Users\kindl_000\AppData\Roaming\Microsoft
2014-07-28 20:21:33 ----D---- C:\WINDOWS\CbsTemp
2014-07-20 19:57:15 ----A---- C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-07-20 19:53:45 ----D---- C:\WINDOWS\system32\catroot
2014-07-20 19:53:14 ----D---- C:\WINDOWS\system32\drivers
2014-07-20 19:53:13 ----D---- C:\WINDOWS\SYSWOW64\wbem
2014-07-20 19:53:13 ----D---- C:\WINDOWS\SYSWOW64\migration
2014-07-20 19:53:13 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2014-07-20 19:53:13 ----D---- C:\WINDOWS\system32\wbem
2014-07-20 19:53:13 ----D---- C:\WINDOWS\system32\en-US
2014-07-20 19:53:13 ----D---- C:\WINDOWS\system32\cs-CZ
2014-07-20 19:53:13 ----D---- C:\WINDOWS\MediaViewer
2014-07-20 19:53:13 ----D---- C:\WINDOWS\Camera
2014-07-20 19:53:12 ----D---- C:\WINDOWS\FileManager
2014-07-19 07:24:44 ----D---- C:\ProgramData\Adblocker
2014-07-18 20:05:55 ----D---- C:\ProgramData\ssaave on
2014-07-18 19:59:44 ----D---- C:\Users\kindl_000\AppData\Roaming\BitTorrent
2014-07-18 17:42:32 ----RSD---- C:\WINDOWS\Fonts
2014-07-13 20:50:29 ----D---- C:\Users\kindl_000\AppData\Roaming\ESTsoft
2014-07-13 14:19:51 ----D---- C:\Program Files\Windows Journal
2014-07-13 14:19:51 ----D---- C:\Program Files\Internet Explorer
2014-07-13 14:19:51 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-13 14:19:50 ----RD---- C:\WINDOWS\ToastData
2014-07-13 14:19:49 ----D---- C:\WINDOWS\WinStore
2014-07-13 14:19:45 ----D---- C:\WINDOWS\system32\MRT
2014-07-13 14:16:18 ----A---- C:\WINDOWS\system32\MRT.exe
2014-07-13 10:34:39 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-07-13 65776]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-07-13 224896]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2014-07-13 93568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2014-07-13 1041168]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2014-07-13 427360]
R1 dtsoftbus01;@oem42.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-06-07 283064]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2014-07-13 29208]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2014-07-13 79184]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2014-07-13 92008]
R3 athr;@oem5.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-05-17 3847168]
R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-01-31 81920]
R3 ETD;@oem3.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2013-07-18 381768]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-05-21 3791872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem35.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem25.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-05-07 27032]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984]
R3 MEIx64;@oem21.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 Ps2Kb2Hid;@oem22.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2013-12-04 26736]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 AthBTPort;@oem10.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-05-31 89800]
S3 BTATH_A2DP;@oem9.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-05-31 347336]
S3 btath_avdt;@oem9.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-05-31 115912]
S3 BTATH_HCRP;@oem11.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-05-31 179432]
S3 BTATH_LWFLT;@oem13.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-05-31 77464]
S3 BTATH_RCP;@oem14.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-05-31 136784]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2013-08-22 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-04-11 1200128]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2012-04-21 196440]
S3 intaud_WaveExtensible;@oem24.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-05-07 38296]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2012-06-22 106112]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2014-01-27 167424]
S3 SensorsSimulatorDriver;@oem33.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2013-05-31 310912]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-13 50344]
R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-02-28 2615368]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-12-10 350544]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-05-21 314696]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-21 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 NAUpdate;Nero Update; c:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2013-12-04 96880]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-10-20 130024]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-05-21 278344]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2013-05-01 470056]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 VsEtwService120;Visual Studio ETW Event Collection Service; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [2013-10-04 87728]

-----------------EOF-----------------
_______________________________________________________________________

A big thank-you goes to the team at www.viry.cz ;-) !!!

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#2 Post by vyosek »

Hello :)

Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch, the license terms are displayed; press any key
  • A backup is created, followed by a search
  • The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The fix runs, the PC restarts and then a log appears, or it will be saved as c:\AdwCleaner\AdwCleaner[S?].txt; paste it here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, he is no man, he is an ox."
Member [image] since 1 February 2011.

postak4
Visitor
Posts: 59
Registered: 03 Apr 2006 18:25

Re: Please check my log

#3 Post by postak4 »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by kindl_000 on Łt 12. 08. 2014 at 21:01:16,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\optimizer pro_is1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F502BAF9-2EB0-4814-AC81-FA7D37D41623}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 12. 08. 2014 at 21:10:29,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

postak4
Visitor
Posts: 59
Registered: 03 Apr 2006 18:25

Re: Please check my log

#4 Post by postak4 »

# AdwCleaner v3.304 - Report created 12/08/2014 at 21:21:35
# Updated 08/08/2014 by Xplode
# Operating System : Windows 8.1 (64 bits)
# Username : kindl_000 - CROCKER
# Running from : C:\Users\kindl_000\Downloads\adwcleaner_3.304.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Adblocker
Folder Deleted : C:\ProgramData\Pokki
Folder Deleted : C:\ProgramData\save ona
Folder Deleted : C:\ProgramData\ssaave on
Folder Deleted : C:\Program Files (x86)\Adblocker
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\kindl_000\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\kindl_000\AppData\Local\Pokki
Folder Deleted : C:\Users\kindl_000\AppData\Local\torch

***** [ Scheduled Tasks ] *****

Task Deleted : SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7
Task Deleted : SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27}
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - (x86)\SW-Booster\Assistant_x64.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


*************************

AdwCleaner[R0].txt - [2261 octets] - [12/08/2014 21:17:44]
AdwCleaner[S0].txt - [1995 octets] - [12/08/2014 21:21:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2055 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#5 Post by vyosek »

Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or "Spustit jako spravce"
  • Paste the script below into the window

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;

  • Then click Run Script
  • The PC performs the fix, restarts and gives you a log; paste its contents here

postak4
Visitor
Posts: 59
Registered: 03 Apr 2006 18:25

Re: Please check my log

#6 Post by postak4 »

Zoek.exe v5.0.0.0 Updated 11-August-2014
Tool run by kindl_000 on Łt 12. 08. 2014 at 22:10:51,86.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\kindl_000\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12. 8. 2014 22:12:19 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Wise\Wise Registry Cleaner deleted
C:\Users\kindl_000\AppData\Roaming\Network Meter_Usage.ini deleted
C:\Users\kindl_000\AppData\Roaming\Network Monitor II_Traffic.ini deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\kindl_000\Searches deleted
"C:\Windows\Installer\39f59.msi" deleted
"C:\PROGRA~3\aedadec1251f4555\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140622123639" deleted
"C:\PROGRA~3\aedadec1251f4555\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}" deleted
"C:\PROGRA~3\aedadec1251f4555\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.20140622123609" deleted
"C:\PROGRA~3\aedadec1251f4555\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9}.old" deleted
"C:\PROGRA~3\aedadec1251f4555\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140622123706" deleted
"C:\PROGRA~3\aedadec1251f4555" deleted
"C:\PROGRA~3\Package Cache" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [13. 07. 2014 10:34]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[13. 07. 2014 10:34]

ssaave on - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj
save on - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo
Cirrus Insight - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk
ssaave on - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj
save on - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo
Cirrus Insight - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk
ssaave on - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj
save on - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo
Cirrus Insight - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk
ssaave on - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj
save on - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo
Cirrus Insight - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk
ssaave on - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj
save on - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo
Cirrus Insight - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk
ssaave on - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj
save on - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo
Cirrus Insight - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk
ssaave on - kindl_000\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj
save on - kindl_000\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo
Cirrus Insight - kindl_000\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk
ssaave on - kindl_000\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj
save on - kindl_000\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo
Cirrus Insight - kindl_000\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk

==== Chrome Fix ======================

C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj deleted successfully
C:\Users\kindl_000\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj deleted successfully
C:\Users\kindl_000\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bgklalfonjpeomjkjmcleckokcedpacj deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo deleted successfully
C:\Users\kindl_000\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo deleted successfully
C:\Users\kindl_000\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bpjhmcinlpnpdccllpodpjnhkmiomnjo deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk deleted successfully
C:\Users\kindl_000\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk deleted successfully
C:\Users\kindl_000\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fmdomiplhgolgpibfdjjhgbcbkdcfkmk deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=13415"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{116C4EB4-368F-48C7-BBA1-4FC99D4AC659}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/?clid=13415"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{01CF43B8-6088-484E-ACDC-5AFE853CF0A8} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{116C4EB4-368F-48C7-BBA1-4FC99D4AC659} Unknown Url="Not_Found"
{25D7DCEC-E21D-4AB4-B672-7ED0C518E5D4} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415"
{43F8FC6B-041B-47CB-804C-B86AF2FCE8B4} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"
{6D6AE731-4C74-4E10-B468-C41DE22A00E9} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13415"
{8F9EDAB1-7321-48D2-A840-9A196344E81C} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13415"
{CDAD6865-B435-4B9E-8886-E2AD3C223589} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13415"
{D3132FF8-928F-4D76-AC62-20056A254FA6} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13415"
{F07FC7B0-3629-4409-BC07-A8395AB29C69} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13415"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1039541098-394477440-1502229893-1003\Software\Microsoft\Internet Explorer\SearchScopes\{116C4EB4-368F-48C7-BBA1-4FC99D4AC659} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\kindl_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\kindl_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1420 folders=525 982090460 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\kindl_000\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\KINDL_~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Łt 12. 08. 2014 at 22:34:01,63 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#7 Post by vyosek »

postak4
Visitor
Posts: 59
Registered: 03 Apr 2006 18:25

Re: Please check my log

#8 Post by postak4 »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-08-2014
Ran by kindl_000 (administrator) on CROCKER on 13-08-2014 12:08:21
Running from C:\Users\kindl_000\Desktop
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
() C:\Windows\System32\rpcnetp.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Users\kindl_000\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\kindl_000\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Flux Software LLC) C:\Users\kindl_000\AppData\Local\FluxSoftware\Flux\flux.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Farbar) C:\Users\kindl_000\Downloads\FRST64 (2).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-07-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-12-04] (Dritek System Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-03] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [133248 2013-05-31] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [icq] => C:\Users\kindl_000\AppData\Roaming\ICQM\icq.exe [33664344 2014-03-06] (ICQ)
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [cz.seznam.software.autoupdate] => C:\Users\kindl_000\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [cz.seznam.software.szndesktop] => C:\Users\kindl_000\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [f.lux] => C:\Users\kindl_000\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [457728 2013-11-14] (Microsoft Corporation)
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7762712 2014-08-08] (SUPERAntiSpyware)
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
AppInit_DLLs: C:\Program Files => C:\Program Files [0 2014-08-09] ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {01CF43B8-6088-484E-ACDC-5AFE853CF0A8} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {25D7DCEC-E21D-4AB4-B672-7ED0C518E5D4} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {43F8FC6B-041B-47CB-804C-B86AF2FCE8B4} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {6D6AE731-4C74-4E10-B468-C41DE22A00E9} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {8F9EDAB1-7321-48D2-A840-9A196344E81C} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {CDAD6865-B435-4B9E-8886-E2AD3C223589} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
SearchScopes: HKCU - {D3132FF8-928F-4D76-AC62-20056A254FA6} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {F07FC7B0-3629-4409-BC07-A8395AB29C69} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\kindl_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-13]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-13]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-13] (AVAST Software)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-28] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-05-01] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-12-04] (Dritek System INC.)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-13] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-13] ()
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-31] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-06-07] (Disc Soft Ltd)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-21] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-12-04] (Dritek System Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-13 12:08 - 2014-08-13 12:08 - 00014861 _____ () C:\Users\kindl_000\Desktop\FRST.txt
2014-08-13 12:06 - 2014-08-13 12:08 - 00000000 ____D () C:\FRST
2014-08-13 11:59 - 2014-08-13 11:59 - 02100224 _____ (Farbar) C:\Users\kindl_000\Downloads\FRST64 (2).exe
2014-08-13 11:58 - 2014-08-13 11:58 - 02100224 _____ (Farbar) C:\Users\kindl_000\Downloads\FRST64 (1).exe
2014-08-13 11:57 - 2014-08-13 11:57 - 02100224 _____ (Farbar) C:\Users\kindl_000\Desktop\FRST64.exe
2014-08-12 22:31 - 2014-08-12 22:10 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-08-12 22:11 - 2014-08-12 22:34 - 00013828 _____ () C:\zoek-results.log
2014-08-12 22:08 - 2014-08-12 22:28 - 00000000 ____D () C:\zoek_backup
2014-08-12 22:08 - 2014-08-12 22:08 - 01288704 _____ () C:\Users\kindl_000\Desktop\zoek.exe
2014-08-12 21:26 - 2014-08-12 22:33 - 00000534 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb.job
2014-08-12 21:26 - 2014-08-12 22:33 - 00000534 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7.job
2014-08-12 21:26 - 2014-08-12 21:26 - 00003594 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7
2014-08-12 21:26 - 2014-08-12 21:26 - 00003512 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb
2014-08-12 21:17 - 2014-08-12 21:21 - 00000000 ____D () C:\AdwCleaner
2014-08-12 21:16 - 2014-08-12 21:16 - 01366203 _____ () C:\Users\kindl_000\Downloads\adwcleaner_3.304.exe
2014-08-12 21:10 - 2014-08-12 21:10 - 00001116 _____ () C:\Users\kindl_000\Desktop\JRT.txt
2014-08-12 21:00 - 2014-08-12 21:00 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-12 20:58 - 2014-08-12 20:58 - 01016261 _____ (Thisisu) C:\Users\kindl_000\Downloads\JRT (1).exe
2014-08-12 20:56 - 2014-08-12 20:56 - 01016261 _____ (Thisisu) C:\Users\kindl_000\Downloads\JRT.exe.0yln48p.partial
2014-08-10 21:16 - 2014-08-10 21:16 - 170983624 _____ () C:\Users\kindl_000\Desktop\FotkyStory - Naše rodinka.wp3
2014-08-09 21:12 - 2014-08-09 21:12 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-09 21:12 - 2014-08-09 21:12 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-08-09 20:11 - 2014-08-09 21:56 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Deployment
2014-08-09 20:11 - 2014-08-09 20:11 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Apps\2.0
2014-08-09 20:10 - 2014-08-09 20:10 - 04523576 _____ (DevAge, Vestris Inc. & Contributors) C:\Users\kindl_000\Downloads\GhostReconPhantoms_Setup(EU).exe
2014-08-09 19:51 - 2014-08-09 19:51 - 01222144 _____ () C:\Users\kindl_000\Downloads\RSITx64.exe
2014-08-09 19:51 - 2014-08-09 19:51 - 00000000 ____D () C:\rsit
2014-08-09 19:51 - 2014-08-09 19:51 - 00000000 ____D () C:\Program Files\trend micro
2014-08-09 19:35 - 2014-08-12 22:33 - 00001270 _____ () C:\WINDOWS\PFRO.log
2014-08-09 19:35 - 2014-08-09 19:36 - 00392776 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-09 19:03 - 2014-08-09 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-08-09 19:03 - 2014-08-09 19:03 - 00001784 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-08-09 19:03 - 2014-08-09 19:03 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\SUPERAntiSpyware.com
2014-08-09 19:02 - 2014-08-12 22:34 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-09 19:02 - 2014-08-09 19:02 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-08-09 12:26 - 2014-08-09 12:25 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-09 12:25 - 2014-08-09 12:25 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-09 12:25 - 2014-08-09 12:25 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-09 12:25 - 2014-08-09 12:25 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-09 12:25 - 2014-08-09 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-09 12:25 - 2014-08-09 12:25 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 23:45 - 2014-08-12 22:33 - 00017408 _____ () C:\WINDOWS\SysWOW64\rpcnetp.dll
2014-08-07 23:44 - 2014-08-12 22:33 - 00017408 _____ () C:\WINDOWS\SysWOW64\rpcnetp.exe
2014-08-07 14:48 - 2014-08-13 11:59 - 00043008 _____ (Absolute Software Corp.) C:\WINDOWS\SysWOW64\agremove.exe
2014-08-01 11:19 - 2014-08-01 11:19 - 00000000 ____D () C:\ProgramData\Riot Games
2014-08-01 11:16 - 2014-08-01 11:19 - 00000000 ____D () C:\Program Files (x86)\League of Legends
2014-08-01 11:16 - 2014-08-01 11:16 - 00001768 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-08-01 11:16 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2014-08-01 11:16 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2014-08-01 11:16 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2014-08-01 11:12 - 2014-08-01 11:13 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\Riot Games
2014-07-28 20:34 - 2014-07-28 20:34 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Wooky_s.r.o
2014-07-28 19:52 - 2014-08-09 19:04 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wooky
2014-07-28 19:52 - 2014-07-28 19:52 - 00001181 _____ () C:\Users\kindl_000\Desktop\Wooky.lnk
2014-07-28 19:52 - 2014-07-28 19:52 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Mobilbonus
2014-07-27 18:49 - 2014-07-27 18:49 - 00000000 __RHD () C:\Users\kindl_000\AppData\Roaming\SecuROM
2014-07-27 18:49 - 2014-07-27 18:49 - 00000000 ____D () C:\Users\Public\Documents\EA Games
2014-07-27 18:49 - 2014-07-27 18:49 - 00000000 ____D () C:\Users\kindl_000\Documents\EA Games
2014-07-26 22:06 - 2014-07-26 22:06 - 00787997 _____ () C:\Users\kindl_000\Documents\Taťkův konf. stůl+pohovka+kniha+papíry+muž.skp
2014-07-26 19:32 - 2014-07-26 19:32 - 00392963 _____ () C:\Users\kindl_000\Documents\Taťkův konf. stůl - porovnání.skp
2014-07-26 19:18 - 2014-07-26 19:18 - 00087370 _____ () C:\Users\kindl_000\Documents\Taťkův konf. stůl 2 (ochrana na rohy- dřevo).skp
2014-07-26 19:06 - 2014-07-26 19:06 - 00085556 _____ () C:\Users\kindl_000\Documents\Taťkův konf. stůl.skp
2014-07-26 17:16 - 2014-07-26 17:16 - 00001832 _____ () C:\Users\kindl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-07-25 17:39 - 2014-07-18 20:42 - 00026496 _____ (Absolute Software Corp.) C:\WINDOWS\SysWOW64\insugf64.exe
2014-07-24 21:36 - 2014-07-28 19:50 - 00002693 _____ () C:\Users\kindl_000\Desktop\Poznámky.odt
2014-07-24 20:28 - 2014-07-25 17:04 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-24 20:18 - 2014-07-25 17:02 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\Origin
2014-07-24 20:18 - 2014-07-24 20:28 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Origin
2014-07-24 20:03 - 2014-07-27 10:39 - 00000000 ____D () C:\ProgramData\Origin
2014-07-24 20:03 - 2014-07-27 10:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-24 20:03 - 2014-07-24 20:03 - 00000955 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-07-24 20:03 - 2014-07-24 20:03 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-22 22:18 - 2014-08-10 21:21 - 00000000 ___RD () C:\Users\kindl_000\Desktop\Kniha
2014-07-22 19:54 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-07-22 19:54 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-07-22 19:54 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-07-20 19:47 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-07-20 19:47 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-07-20 19:47 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-07-20 19:47 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-07-20 19:47 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-07-20 19:47 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-07-20 19:47 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-07-20 19:47 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-07-20 19:47 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-07-20 19:47 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-07-20 19:47 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-07-20 19:47 - 2014-05-03 05:30 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-07-20 19:47 - 2014-05-03 05:27 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-07-20 19:47 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-07-20 19:47 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-07-20 19:47 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-07-20 19:47 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-07-20 19:47 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-07-20 19:47 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-07-20 19:47 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-07-20 19:47 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-07-20 19:47 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-07-20 19:47 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-07-20 19:47 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-07-20 19:47 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-07-20 19:47 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-07-20 19:47 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-07-20 19:47 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-07-20 19:47 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-07-20 19:47 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-07-20 19:47 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-07-20 19:47 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-07-20 19:47 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-07-20 19:47 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-07-20 19:47 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-07-20 19:46 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-07-20 19:46 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-07-20 19:46 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-07-20 19:46 - 2014-05-31 12:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-07-20 19:46 - 2014-05-31 12:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-07-20 19:46 - 2014-05-31 12:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-07-20 19:46 - 2014-05-31 12:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-07-20 19:46 - 2014-05-31 12:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-07-20 19:46 - 2014-05-31 08:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-07-20 19:46 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-07-20 19:46 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-07-20 19:46 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-07-20 19:46 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-07-20 19:46 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-07-20 19:46 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-07-20 19:46 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-07-20 19:46 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-07-20 19:46 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-07-20 19:46 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-07-20 19:46 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-07-20 19:46 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-07-20 19:46 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-07-20 19:46 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-07-20 19:46 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-07-20 19:46 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-07-20 19:46 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-07-20 19:46 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-07-20 19:46 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-07-20 19:46 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-07-19 08:09 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-07-15 09:07 - 2014-07-15 09:23 - 00000000 ____D () C:\Users\kindl_000\Documents\Mobil2

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-13 12:08 - 2014-08-13 12:08 - 00014861 _____ () C:\Users\kindl_000\Desktop\FRST.txt
2014-08-13 12:08 - 2014-08-13 12:06 - 00000000 ____D () C:\FRST
2014-08-13 12:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-13 11:59 - 2014-08-13 11:59 - 02100224 _____ (Farbar) C:\Users\kindl_000\Downloads\FRST64 (2).exe
2014-08-13 11:59 - 2014-08-07 14:48 - 00043008 _____ (Absolute Software Corp.) C:\WINDOWS\SysWOW64\agremove.exe
2014-08-13 11:58 - 2014-08-13 11:58 - 02100224 _____ (Farbar) C:\Users\kindl_000\Downloads\FRST64 (1).exe
2014-08-13 11:57 - 2014-08-13 11:57 - 02100224 _____ (Farbar) C:\Users\kindl_000\Desktop\FRST64.exe
2014-08-13 11:51 - 2014-02-18 17:59 - 00000000 __RDO () C:\Users\kindl_000\SkyDrive
2014-08-13 11:51 - 2014-02-13 21:11 - 00003982 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0E0B58A7-1D96-466F-8588-3C2701967C98}
2014-08-13 11:48 - 2014-06-07 13:16 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\Seznam.cz
2014-08-13 11:43 - 2014-02-13 15:27 - 00000966 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-13 11:43 - 2014-02-13 15:27 - 00000962 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-12 22:40 - 2014-02-13 22:34 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-08-12 22:34 - 2014-08-12 22:11 - 00013828 _____ () C:\zoek-results.log
2014-08-12 22:34 - 2014-08-09 19:02 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-12 22:34 - 2014-02-13 20:58 - 00000000 ____D () C:\Users\kindl_000
2014-08-12 22:33 - 2014-08-12 21:26 - 00000534 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb.job
2014-08-12 22:33 - 2014-08-12 21:26 - 00000534 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7.job
2014-08-12 22:33 - 2014-08-09 19:35 - 00001270 _____ () C:\WINDOWS\PFRO.log
2014-08-12 22:33 - 2014-08-07 23:45 - 00017408 _____ () C:\WINDOWS\SysWOW64\rpcnetp.dll
2014-08-12 22:33 - 2014-08-07 23:44 - 00017408 _____ () C:\WINDOWS\SysWOW64\rpcnetp.exe
2014-08-12 22:33 - 2014-02-13 18:29 - 00017408 _____ () C:\WINDOWS\system32\rpcnetp.exe
2014-08-12 22:33 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-12 22:32 - 2014-02-13 18:29 - 00029336 _____ () C:\WINDOWS\system32\wpbbin.exe
2014-08-12 22:32 - 2013-08-22 15:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-12 22:28 - 2014-08-12 22:08 - 00000000 ____D () C:\zoek_backup
2014-08-12 22:27 - 2014-05-02 19:15 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-08-12 22:10 - 2014-08-12 22:31 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-08-12 22:08 - 2014-08-12 22:08 - 01288704 _____ () C:\Users\kindl_000\Desktop\zoek.exe
2014-08-12 21:26 - 2014-08-12 21:26 - 00003594 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7
2014-08-12 21:26 - 2014-08-12 21:26 - 00003512 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb
2014-08-12 21:21 - 2014-08-12 21:17 - 00000000 ____D () C:\AdwCleaner
2014-08-12 21:16 - 2014-08-12 21:16 - 01366203 _____ () C:\Users\kindl_000\Downloads\adwcleaner_3.304.exe
2014-08-12 21:11 - 2014-02-13 21:13 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1039541098-394477440-1502229893-1003
2014-08-12 21:10 - 2014-08-12 21:10 - 00001116 _____ () C:\Users\kindl_000\Desktop\JRT.txt
2014-08-12 21:00 - 2014-08-12 21:00 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-12 20:59 - 2014-03-06 14:07 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\Skype
2014-08-12 20:58 - 2014-08-12 20:58 - 01016261 _____ (Thisisu) C:\Users\kindl_000\Downloads\JRT (1).exe
2014-08-12 20:56 - 2014-08-12 20:56 - 01016261 _____ (Thisisu) C:\Users\kindl_000\Downloads\JRT.exe.0yln48p.partial
2014-08-12 20:43 - 2014-06-07 17:32 - 01575131 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-11 17:30 - 2014-05-17 21:20 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-10 21:21 - 2014-07-22 22:18 - 00000000 ___RD () C:\Users\kindl_000\Desktop\Kniha
2014-08-10 21:21 - 2014-03-07 00:57 - 00000000 ____D () C:\Users\kindl_000\Documents\Hry
2014-08-10 21:16 - 2014-08-10 21:16 - 170983624 _____ () C:\Users\kindl_000\Desktop\FotkyStory - Naše rodinka.wp3
2014-08-10 21:06 - 2014-03-23 14:10 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\vlc
2014-08-10 20:50 - 2014-05-01 09:43 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\Audacity
2014-08-09 21:56 - 2014-08-09 20:11 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Deployment
2014-08-09 21:12 - 2014-08-09 21:12 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-09 21:12 - 2014-08-09 21:12 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-08-09 20:13 - 2014-02-23 16:59 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-09 20:13 - 2014-02-23 16:59 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-08-09 20:11 - 2014-08-09 20:11 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Apps\2.0
2014-08-09 20:10 - 2014-08-09 20:10 - 04523576 _____ (DevAge, Vestris Inc. & Contributors) C:\Users\kindl_000\Downloads\GhostReconPhantoms_Setup(EU).exe
2014-08-09 19:51 - 2014-08-09 19:51 - 01222144 _____ () C:\Users\kindl_000\Downloads\RSITx64.exe
2014-08-09 19:51 - 2014-08-09 19:51 - 00000000 ____D () C:\rsit
2014-08-09 19:51 - 2014-08-09 19:51 - 00000000 ____D () C:\Program Files\trend micro
2014-08-09 19:49 - 2014-02-13 21:24 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Google
2014-08-09 19:49 - 2014-02-13 15:27 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-09 19:36 - 2014-08-09 19:35 - 00392776 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-09 19:21 - 2014-05-02 19:15 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\Wise Disk Cleaner
2014-08-09 19:04 - 2014-08-09 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-08-09 19:04 - 2014-07-28 19:52 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wooky
2014-08-09 19:04 - 2014-02-17 20:45 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-09 19:03 - 2014-08-09 19:03 - 00001784 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-08-09 19:03 - 2014-08-09 19:03 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\SUPERAntiSpyware.com
2014-08-09 19:02 - 2014-08-09 19:02 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-08-09 18:49 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-09 14:03 - 2013-11-14 14:40 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-09 14:03 - 2013-11-14 14:24 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2014-08-09 14:03 - 2013-11-14 14:24 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2014-08-09 12:26 - 2014-03-01 14:06 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-09 12:25 - 2014-08-09 12:26 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-09 12:25 - 2014-08-09 12:25 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-09 12:25 - 2014-08-09 12:25 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-09 12:25 - 2014-08-09 12:25 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-09 12:25 - 2014-08-09 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-09 12:25 - 2014-08-09 12:25 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 17:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-05 20:38 - 2014-03-01 14:07 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\.minecraft
2014-08-05 14:09 - 2014-05-19 09:53 - 00000000 ____D () C:\Users\kindl_000\Documents\Mobil
2014-08-02 19:59 - 2014-02-13 20:58 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Packages
2014-08-01 20:18 - 2014-02-15 11:33 - 00000000 ____D () C:\Users\kindl_000\Documents\Thief - Deadly Shadows
2014-08-01 11:19 - 2014-08-01 11:19 - 00000000 ____D () C:\ProgramData\Riot Games
2014-08-01 11:19 - 2014-08-01 11:16 - 00000000 ____D () C:\Program Files (x86)\League of Legends
2014-08-01 11:16 - 2014-08-01 11:16 - 00001768 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-08-01 11:13 - 2014-08-01 11:12 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\Riot Games
2014-07-30 20:11 - 2014-03-23 13:53 - 00001046 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-07-30 11:57 - 2014-03-08 21:03 - 00000000 ____D () C:\Program Files (x86)\Hry
2014-07-28 20:34 - 2014-07-28 20:34 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Wooky_s.r.o
2014-07-28 20:21 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-28 19:52 - 2014-07-28 19:52 - 00001181 _____ () C:\Users\kindl_000\Desktop\Wooky.lnk
2014-07-28 19:52 - 2014-07-28 19:52 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Mobilbonus
2014-07-28 19:50 - 2014-07-24 21:36 - 00002693 _____ () C:\Users\kindl_000\Desktop\Poznámky.odt
2014-07-27 18:49 - 2014-07-27 18:49 - 00000000 __RHD () C:\Users\kindl_000\AppData\Roaming\SecuROM
2014-07-27 18:49 - 2014-07-27 18:49 - 00000000 ____D () C:\Users\Public\Documents\EA Games
2014-07-27 18:49 - 2014-07-27 18:49 - 00000000 ____D () C:\Users\kindl_000\Documents\EA Games
2014-07-27 10:39 - 2014-07-24 20:03 - 00000000 ____D () C:\ProgramData\Origin
2014-07-27 10:39 - 2014-07-24 20:03 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-26 22:06 - 2014-07-26 22:06 - 00787997 _____ () C:\Users\kindl_000\Documents\Taťkův konf. stůl+pohovka+kniha+papíry+muž.skp
2014-07-26 19:34 - 2014-04-08 15:56 - 00000000 ____D () C:\Users\kindl_000\Documents\Visual Studio 2013
2014-07-26 19:32 - 2014-07-26 19:32 - 00392963 _____ () C:\Users\kindl_000\Documents\Taťkův konf. stůl - porovnání.skp
2014-07-26 19:18 - 2014-07-26 19:18 - 00087370 _____ () C:\Users\kindl_000\Documents\Taťkův konf. stůl 2 (ochrana na rohy- dřevo).skp
2014-07-26 19:06 - 2014-07-26 19:06 - 00085556 _____ () C:\Users\kindl_000\Documents\Taťkův konf. stůl.skp
2014-07-26 17:16 - 2014-07-26 17:16 - 00001832 _____ () C:\Users\kindl_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2014-07-25 17:04 - 2014-07-24 20:28 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-25 17:02 - 2014-07-24 20:18 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\Origin
2014-07-24 20:28 - 2014-07-24 20:18 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Origin
2014-07-24 20:03 - 2014-07-24 20:03 - 00000955 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-07-24 20:03 - 2014-07-24 20:03 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-07-22 22:16 - 2014-05-20 08:48 - 00000000 ____D () C:\Users\kindl_000\Documents\Sketch UP
2014-07-20 19:57 - 2014-04-19 17:13 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-07-20 19:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-07-20 19:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-07-20 19:53 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-07-20 19:43 - 2014-05-15 18:57 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-07-19 08:36 - 2014-05-24 09:12 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\Ashampoo
2014-07-18 20:42 - 2014-07-25 17:39 - 00026496 _____ (Absolute Software Corp.) C:\WINDOWS\SysWOW64\insugf64.exe
2014-07-18 19:59 - 2014-06-22 12:24 - 00000000 ____D () C:\Users\kindl_000\AppData\Roaming\BitTorrent
2014-07-18 18:00 - 2014-02-13 20:58 - 00000000 ____D () C:\Users\kindl_000\AppData\Local\VirtualStore
2014-07-15 09:23 - 2014-07-15 09:07 - 00000000 ____D () C:\Users\kindl_000\Documents\Mobil2

Files to move or delete:
====================
C:\Users\kindl_000\IP_Log_Data.js
C:\Users\kindl_000\Network_Meter_Data.js


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-07 13:57

==================== End Of Log ============================
Attachments
Addition.zip
(9.98 KiB) Downloaded 71 times
_______________________________________________________________________

Big thanks go to the team at www.viry.cz ;-) !!!

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#9 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below

    Start
    HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
    HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [icq] => C:\Users\kindl_000\AppData\Roaming\ICQM\icq.exe [33664344 2014-03-06] (ICQ)
    HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
    HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [cz.seznam.software.autoupdate] => C:\Users\kindl_000\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
    HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [cz.seznam.software.szndesktop] => C:\Users\kindl_000\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
    HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7762712 2014-08-08] (SUPERAntiSpyware)
    HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
    AppInit_DLLs: C:\Program Files => C:\Program Files [0 2014-08-09] ()
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    
    Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
    
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    
    2014-08-13 12:08 - 2014-08-13 12:08 - 00014861 _____ () C:\Users\kindl_000\Desktop\FRST.txt
    2014-08-13 11:59 - 2014-08-13 11:59 - 02100224 _____ (Farbar) C:\Users\kindl_000\Downloads\FRST64 (2).exe
    2014-08-13 11:58 - 2014-08-13 11:58 - 02100224 _____ (Farbar) C:\Users\kindl_000\Downloads\FRST64 (1).exe
    2014-08-12 22:31 - 2014-08-12 22:10 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
    2014-08-12 22:11 - 2014-08-12 22:34 - 00013828 _____ () C:\zoek-results.log
    2014-08-12 22:08 - 2014-08-12 22:28 - 00000000 ____D () C:\zoek_backup
    2014-08-12 22:08 - 2014-08-12 22:08 - 01288704 _____ () C:\Users\kindl_000\Desktop\zoek.exe
    2014-08-12 21:26 - 2014-08-12 22:33 - 00000534 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb.job
    2014-08-12 21:26 - 2014-08-12 22:33 - 00000534 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7.job
    2014-08-12 21:26 - 2014-08-12 21:26 - 00003594 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7
    2014-08-12 21:26 - 2014-08-12 21:26 - 00003512 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb
    2014-08-12 21:17 - 2014-08-12 21:21 - 00000000 ____D () C:\AdwCleaner
    2014-08-12 21:16 - 2014-08-12 21:16 - 01366203 _____ () C:\Users\kindl_000\Downloads\adwcleaner_3.304.exe
    2014-08-12 21:10 - 2014-08-12 21:10 - 00001116 _____ () C:\Users\kindl_000\Desktop\JRT.txt
    2014-08-12 21:00 - 2014-08-12 21:00 - 00000000 ____D () C:\WINDOWS\ERUNT
    2014-08-12 20:58 - 2014-08-12 20:58 - 01016261 _____ (Thisisu) C:\Users\kindl_000\Downloads\JRT (1).exe
    2014-08-12 20:56 - 2014-08-12 20:56 - 01016261 _____ (Thisisu) C:\Users\kindl_000\Downloads\JRT.exe.0yln48p.partial
    2014-08-09 19:51 - 2014-08-09 19:51 - 01222144 _____ () C:\Users\kindl_000\Downloads\RSITx64.exe
    2014-08-09 19:51 - 2014-08-09 19:51 - 00000000 ____D () C:\rsit
    2014-08-09 19:51 - 2014-08-09 19:51 - 00000000 ____D () C:\Program Files\trend micro
    C:\Users\kindl_000\IP_Log_Data.js
    C:\Users\kindl_000\Network_Meter_Data.js
    
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    
    Hosts:
    Reboot:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.

postak4
Visitor
Posts: 59
Registered: 03 Apr 2006 18:25

Re: Please check my log

#10 Post by postak4 »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-08-2014
Ran by kindl_000 at 2014-08-15 08:10:18 Run:1
Running from C:\Users\kindl_000\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [icq] => C:\Users\kindl_000\AppData\Roaming\ICQM\icq.exe [33664344 2014-03-06] (ICQ)
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [cz.seznam.software.autoupdate] => C:\Users\kindl_000\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [cz.seznam.software.szndesktop] => C:\Users\kindl_000\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7762712 2014-08-08] (SUPERAntiSpyware)
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
AppInit_DLLs: C:\Program Files => C:\Program Files [0 2014-08-09] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

2014-08-13 12:08 - 2014-08-13 12:08 - 00014861 _____ () C:\Users\kindl_000\Desktop\FRST.txt
2014-08-13 11:59 - 2014-08-13 11:59 - 02100224 _____ (Farbar) C:\Users\kindl_000\Downloads\FRST64 (2).exe
2014-08-13 11:58 - 2014-08-13 11:58 - 02100224 _____ (Farbar) C:\Users\kindl_000\Downloads\FRST64 (1).exe
2014-08-12 22:31 - 2014-08-12 22:10 - 00024064 _____ () C:\WINDOWS\zoek-delete.exe
2014-08-12 22:11 - 2014-08-12 22:34 - 00013828 _____ () C:\zoek-results.log
2014-08-12 22:08 - 2014-08-12 22:28 - 00000000 ____D () C:\zoek_backup
2014-08-12 22:08 - 2014-08-12 22:08 - 01288704 _____ () C:\Users\kindl_000\Desktop\zoek.exe
2014-08-12 21:26 - 2014-08-12 22:33 - 00000534 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb.job
2014-08-12 21:26 - 2014-08-12 22:33 - 00000534 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7.job
2014-08-12 21:26 - 2014-08-12 21:26 - 00003594 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7
2014-08-12 21:26 - 2014-08-12 21:26 - 00003512 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb
2014-08-12 21:17 - 2014-08-12 21:21 - 00000000 ____D () C:\AdwCleaner
2014-08-12 21:16 - 2014-08-12 21:16 - 01366203 _____ () C:\Users\kindl_000\Downloads\adwcleaner_3.304.exe
2014-08-12 21:10 - 2014-08-12 21:10 - 00001116 _____ () C:\Users\kindl_000\Desktop\JRT.txt
2014-08-12 21:00 - 2014-08-12 21:00 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-12 20:58 - 2014-08-12 20:58 - 01016261 _____ (Thisisu) C:\Users\kindl_000\Downloads\JRT (1).exe
2014-08-12 20:56 - 2014-08-12 20:56 - 01016261 _____ (Thisisu) C:\Users\kindl_000\Downloads\JRT.exe.0yln48p.partial
2014-08-09 19:51 - 2014-08-09 19:51 - 01222144 _____ () C:\Users\kindl_000\Downloads\RSITx64.exe
2014-08-09 19:51 - 2014-08-09 19:51 - 00000000 ____D () C:\rsit
2014-08-09 19:51 - 2014-08-09 19:51 - 00000000 ____D () C:\Program Files\trend micro
C:\Users\kindl_000\IP_Log_Data.js
C:\Users\kindl_000\Network_Meter_Data.js

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

Hosts:
Reboot:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\Software\Microsoft\Windows\CurrentVersion\Run\\icq => value deleted successfully.
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value deleted successfully.
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value deleted successfully.
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware => value deleted successfully.
HKU\S-1-5-21-1039541098-394477440-1502229893-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks => value deleted successfully.
"C:\Program Files" => Value Data removed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
"HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\Users\kindl_000\Desktop\FRST.txt => Moved successfully.
C:\Users\kindl_000\Downloads\FRST64 (2).exe => Moved successfully.
C:\Users\kindl_000\Downloads\FRST64 (1).exe => Moved successfully.
C:\WINDOWS\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\kindl_000\Desktop\zoek.exe => Moved successfully.
C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb.job => Moved successfully.
C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7.job => Moved successfully.
C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7 => Moved successfully.
C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\kindl_000\Downloads\adwcleaner_3.304.exe => Moved successfully.
C:\Users\kindl_000\Desktop\JRT.txt => Moved successfully.
C:\WINDOWS\ERUNT => Moved successfully.
C:\Users\kindl_000\Downloads\JRT (1).exe => Moved successfully.
C:\Users\kindl_000\Downloads\JRT.exe.0yln48p.partial => Moved successfully.
C:\Users\kindl_000\Downloads\RSITx64.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\kindl_000\IP_Log_Data.js => Moved successfully.
C:\Users\kindl_000\Network_Meter_Data.js => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 28a00c95-8041-4955-bab0-2fab984f03a7.job not found.
C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 321ec786-f979-40f5-a753-dca58511cefb.job not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.


The system needed a reboot.

==== End of Fixlog ====

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#11 Post by vyosek »

Now let's clean up :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or disable the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run Cleaner
Registry panel
  • click Scan for Issues
  • then Fix selected issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

postak4
Visitor
Posts: 59
Registered: 03 Apr 2006 18:25

Re: Please check my log

#12 Post by postak4 »

I followed your procedure and found that the Metro apps won't start. Do you know how to restart just the Metro apps? The other applications, the ones with a classic installer, work. Otherwise, thank you for your help ;-)!!!

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#13 Post by vyosek »

I really have no idea what could have caused this... try Microsoft support, they surely have some HotFix for it :?: