Log check - delta-search

#1 Post by Hryzon »

Good evening, please check my log. When I start Mozilla, the delta-search page has started loading...

Here is the RSIT log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavla at 2013-09-01 20:36:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 225 GB (77%) free of 292 GB
Total RAM: 3001 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:41:39, on 1.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files\trend micro\Pavla.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com/?babsrc=HP ... 1&tsp=4992
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{C9683CBD-4E3A-4C70-9858-85AA0B824AB0}: NameServer = 192.168.0.100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14011 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe"
"taskhost.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 2992
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Windows\WindowsMobile\wmdc.exe"
"C:\Windows\System32\hkcmd.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"C:\Windows\Samsung\PanelMgr\SSMMgr.exe" /autorun
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"C:\Program Files (x86)\AVG\AVG10\avgtray.exe"
C:\Windows\Samsung\PanelMgr\caller64.exe Samsung PanelMgr
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4500.10e82300.1459197144 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4500 "\\.\pipe\gecko-crash-server-pipe.4500" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --proxy-stub-channel=Flash972.6F67A550.26163 --host-broker-channel=Flash972.6F67A550.10802 --host-pid=972 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --channel=4708.0018F640.1286230965 --proxy-stub-channel=Flash972.6F67A550.26163 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --host-npapi-version=27 --type=renderer
"taskhost.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Pavla\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\RMSchedule.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll [2011-09-09 3561824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-08-22 346736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14 6307960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll [2010-09-12 317496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG10\avgssie.dll [2011-09-09 2276704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-30 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-22 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-12 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-22 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-30 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2009-08-22 346736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-22 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-08-07 349480]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-06 8060960]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-19 1808168]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-30 200704]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-08-06 828960]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 159232]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 380928]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 358912]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-22 39408]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21 19875432]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-21 261888]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-27 1194504]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-08-01 128296]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-08-05 181480]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\ssmmgr.exe [2009-08-15 614400]
"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-01-04 103896]
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2012-08-01 2345592]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-02 259584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-09-01 20:36:19 ----D---- C:\Program Files\trend micro
2013-09-01 20:36:18 ----D---- C:\rsit
2013-09-01 20:18:40 ----D---- C:\Program Files\GridinSoft Trojan Killer
2013-09-01 10:22:35 ----D---- C:\Users\Pavla\AppData\Roaming\SeeSimilar02
2013-09-01 10:22:18 ----D---- C:\Users\Pavla\AppData\Roaming\PerformerSoft
2013-09-01 10:22:16 ----A---- C:\Windows\system32\roboot64.exe
2013-09-01 10:22:01 ----D---- C:\Users\Pavla\AppData\Roaming\SpeedAnalysis3
2013-09-01 10:21:54 ----D---- C:\Users\Pavla\AppData\Roaming\7go
2013-09-01 10:21:53 ----D---- C:\Users\Pavla\AppData\Roaming\Babylon
2013-09-01 10:21:53 ----D---- C:\ProgramData\Babylon
2013-09-01 10:21:51 ----D---- C:\ProgramData\IBUpdaterService
2013-09-01 10:21:46 ----D---- C:\Users\Pavla\AppData\Roaming\File Scout
2013-08-30 16:55:20 ----A---- C:\Windows\system32\drivers\gtkdrv.sys
2013-08-17 07:57:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-14 22:36:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-08-14 22:36:27 ----A---- C:\Windows\system32\ieui.dll
2013-08-14 22:36:26 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-08-14 22:36:26 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-08-14 22:36:26 ----A---- C:\Windows\system32\iesetup.dll
2013-08-14 22:36:26 ----A---- C:\Windows\system32\iernonce.dll
2013-08-14 22:36:25 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-08-14 22:36:25 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-08-14 22:36:25 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 22:36:25 ----A---- C:\Windows\system32\iesysprep.dll
2013-08-14 22:36:25 ----A---- C:\Windows\system32\ie4uinit.exe
2013-08-14 22:36:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-08-14 22:36:24 ----A---- C:\Windows\system32\iertutil.dll
2013-08-14 22:36:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-08-14 22:36:22 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-14 22:36:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-08-14 22:36:21 ----A---- C:\Windows\system32\jscript9.dll
2013-08-14 22:36:21 ----A---- C:\Windows\system32\jscript.dll
2013-08-14 22:36:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-08-14 22:36:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-08-14 22:36:18 ----A---- C:\Windows\system32\urlmon.dll
2013-08-14 22:36:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-08-14 22:36:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-08-14 22:36:17 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-14 22:36:16 ----A---- C:\Windows\system32\wininet.dll
2013-08-14 22:36:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-08-14 22:36:13 ----A---- C:\Windows\system32\ieframe.dll
2013-08-14 22:36:12 ----A---- C:\Windows\system32\mshtml.dll
2013-08-14 22:36:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-08-14 22:28:39 ----D---- C:\Windows\system32\MRT
2013-08-14 21:02:56 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-08-14 21:02:56 ----A---- C:\Windows\system32\crypt32.dll
2013-08-14 21:02:55 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-08-14 21:02:55 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-08-14 21:02:55 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-08-14 21:02:55 ----A---- C:\Windows\system32\wintrust.dll
2013-08-14 21:02:55 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-14 21:02:55 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-14 21:02:39 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-08-14 21:02:39 ----A---- C:\Windows\system32\tzres.dll
2013-08-14 21:02:28 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-14 21:02:27 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-08-14 21:02:26 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-14 21:02:25 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-08-14 21:02:22 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-08-14 21:02:21 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-08-14 21:02:21 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-14 21:02:20 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-08-14 21:02:20 ----A---- C:\Windows\system32\ntdll.dll
2013-08-14 21:02:19 ----A---- C:\Windows\system32\wow64.dll
2013-08-14 21:02:18 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-08-14 21:02:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-08-14 21:02:14 ----A---- C:\Windows\SYSWOW64\user.exe
2013-08-14 21:02:14 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-08-14 21:02:14 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-08-14 21:02:11 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-14 21:02:09 ----A---- C:\Windows\system32\drivers\tcpip.sys

======List of files/folders modified in the last 1 months======

2013-09-01 20:36:19 ----RD---- C:\Program Files
2013-09-01 20:35:48 ----D---- C:\Windows\Temp
2013-09-01 20:28:01 ----D---- C:\Users\Pavla\AppData\Roaming\Skype
2013-09-01 20:18:50 ----D---- C:\Windows\system32\drivers
2013-09-01 20:18:41 ----D---- C:\Windows\Prefetch
2013-09-01 19:33:43 ----D---- C:\Windows\system32\config
2013-09-01 19:23:44 ----D---- C:\Windows\Microsoft.NET
2013-09-01 19:23:39 ----RSD---- C:\Windows\assembly
2013-09-01 19:18:47 ----AD---- C:\ProgramData\Temp
2013-09-01 19:17:50 ----D---- C:\Windows\SysWOW64
2013-09-01 19:06:35 ----D---- C:\Windows\winsxs
2013-09-01 19:05:57 ----SHD---- C:\Windows\Installer
2013-09-01 19:05:57 ----SHD---- C:\Config.Msi
2013-09-01 19:04:26 ----D---- C:\Windows\System32
2013-09-01 19:04:26 ----D---- C:\Windows\inf
2013-09-01 19:04:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-09-01 19:02:17 ----SHD---- C:\System Volume Information
2013-09-01 18:48:45 ----D---- C:\Windows
2013-09-01 18:40:07 ----RD---- C:\Program Files (x86)
2013-09-01 18:39:44 ----D---- C:\Windows\system32\Tasks
2013-09-01 18:39:42 ----D---- C:\Windows\Tasks
2013-09-01 10:21:53 ----HD---- C:\ProgramData
2013-09-01 10:08:19 ----D---- C:\Windows\system32\catroot
2013-09-01 10:06:33 ----D---- C:\Windows\system32\catroot2
2013-08-24 07:44:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-08-18 11:58:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-17 08:55:46 ----D---- C:\Windows\rescache
2013-08-15 20:43:52 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-08-15 20:43:52 ----D---- C:\Windows\system32\cs-CZ
2013-08-15 20:43:49 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-15 20:43:46 ----D---- C:\Program Files\Internet Explorer
2013-08-15 20:43:42 ----D---- C:\Windows\AppPatch
2013-08-14 22:28:30 ----A---- C:\Windows\system32\MRT.exe
2013-08-11 13:07:08 ----D---- C:\ProgramData\Skype
2013-08-11 13:07:04 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2010-07-12 57696]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2012-11-12 312160]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-04-05 377936]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2008-01-10 11576]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-04-07 1208320]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-27 118864]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 29264]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-02 7369728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-06 1974944]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-05-26 138752]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-19 272432]
R3 TrojanKillerDriver;GridinSoft Trojan Killer Driver; C:\Windows\system32\DRIVERS\gtkdrv.sys [2013-08-30 16640]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-06-09 53816]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-02 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-02 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-02 21160]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-05 216064]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-18 864032]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-08-06 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-07 311592]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-21 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-01-04 793048]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG10\avgfws.exe [2011-03-09 2708024]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-01-31 7391072]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-22 182768]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-09 1255736]

-----------------EOF-----------------

Thanks in advance for your replies.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Log check - delta-search

#2 Post by vyosek »

Hello :)

→ Download Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
  • Save it, preferably to the desktop
  • Close all programs
  • Run it the usual way, with a double-click
  • A scan will run and then a log will appear; it may also be saved in the folder it was run from as sc-cleaner.txt. Paste it here
→ Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the license terms are displayed; press any key
  • A backup will be created, followed by a scan
  • A scan will run and then a log will appear; it may also be saved in c:\JRT as JRT.txt. Paste it here
→ Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear; it may also be saved as c:\AdwCleaner\AdwCleaner[S?].txt. Paste it here
→ Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Close all programs
  • If you use Windows Vista or W7, right-click RogueKiller and choose Run As Administrator (Spustit jako správce)
  • Wait for the PreScan to finish
  • Choose the Prohledat (Scan) option
  • When the scan finishes, click Zpráva (Report); a log will open. Paste it here
  • A detailed walkthrough including screenshots is here: http://forum.viry.cz/viewtopic.php?f=24&t=120452
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

Hryzon
Visitor
Posts: 55
Joined: 01 Nov 2007 09:37

Re: Log check - delta-search

#3 Post by Hryzon »

For now I'm sending the logs from Shortcut Cleaner and JRT:

Shortcut Cleaner 1.2.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Windows Version: Windows 7 Home Premium Service Pack 1
Program started at: 09/01/2013 09:04:33 PM.

Scanning for registry hijacks:

* No issues found in the Registry.

Searching for Hijacked Shortcuts:



Searching C:\Users\Pavla\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Pavla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Pavla\Desktop


0 bad shortcuts found.

Program finished at: 09/01/2013 09:04:37 PM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.6 (08.30.2013:1)
OS: Windows 7 Home Premium x64
Ran by Pavla on ne 01.09.2013 at 21:07:40,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3528134589-182185040-1577807459-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\rmschedule.job



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\Users\Pavla\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Pavla\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Pavla\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Pavla\AppData\Roaming\registry mechanic"
Successfully deleted: [Folder] "C:\Program Files (x86)\registry mechanic"
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{00BF2C86-0943-4056-A6C5-5D55EF027D85}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{019209EE-8DA1-4AAB-B26D-DF35DE966F99}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{03C4A456-8088-40FF-9AC0-E6C2A72BB80D}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{0789772C-0F5B-427D-A804-BE0A850DAE0A}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{083BC7B7-BC17-4E33-BF5F-BEA7F121C964}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{09DFCBA4-ADD4-434B-9185-7D6C4126C205}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{0C3CA2FF-396F-44D0-93C8-2D61ADFCC9D8}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{0FC4AB91-E945-4ABD-AD2E-4E1993A02B5E}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{10AD8024-8199-4DB0-A255-D4302FA93070}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{18022FDE-83A7-43B0-B93A-FE417DA4C378}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{1863BDF7-7AA5-466E-87B2-89A7D294CF3F}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{1934A3FB-8CAD-40FC-A3B1-7D355ADCC9C3}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{1B561C82-8D48-4A18-AB25-8C17224EBA24}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{1C6C1C28-F6EB-4871-9334-49059BD7333C}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{1D2BA910-EB90-40F7-BF8B-670DF1F7BA4F}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{1DFCE5E4-DE4B-41B7-94B0-7F258C798899}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{1FAA52B1-F7A2-40D9-B75C-2470803C9442}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{1FB8BD9E-BDD5-4923-A651-8F955EF9D99D}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{240526A8-3038-4D5D-8768-0004EAEA694C}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{26299BB5-522B-47A1-9C1D-204AFF6AD9A1}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{2D03946D-AF9C-4CA3-A886-B0A978ACB941}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{2D47F16D-E206-4DD8-BF8D-66D440AAADC9}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{2DB1881D-E5D1-41E8-9C23-C92226D97084}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{2E140636-829C-4E03-9F81-915BC1AC6978}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{2EC2731C-E71D-4781-B598-328F49AD2765}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{2FE383E5-4483-43B1-8B49-7A867B49B298}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{304219FE-1607-4B4A-94FA-584C19C43686}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{30AFE6E5-2C91-42D4-9A87-155D3D5F94F2}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{34D31BF4-C22C-44A9-B7A8-34CA9F05DF90}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{35C9AC28-5593-4E3C-8328-E8E60522E11B}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{362C52F8-9686-4BDF-8BC2-5CE7B532280D}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{3795695A-9898-4A9E-AC1E-200F0329C31B}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{37B25F8B-06FD-4F05-BA4F-ECB0E7A55EBC}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{3947E1CA-5A86-4126-98A7-CF58D70FDEFD}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{3ABA3D1B-6D99-4F16-BC8D-C0D9F6C350AD}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{3B6EE172-92C1-4603-B4F6-BDAEE86F6419}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{3BABCD46-AE78-49CC-9762-54C4341724CD}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{4068B1D3-AA12-4D47-9ABA-ED36FC7CA9CE}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{4237BB90-24B9-4AEE-8649-06CE91BE2AA9}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{43E48031-CCA1-49B4-B45C-FB25B90FC2EF}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{46118A24-0B19-4C81-A9D3-B271A94221C0}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{46B54A4D-6886-437F-A8E0-4076BB467692}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{46D91757-9E8C-4CDA-8C65-DD1EB1BDDA7A}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{49180CBB-D4B3-4B60-ABBC-B524984808DF}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{4BDA1BE3-0C67-4EF1-960E-4CD26965CA25}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{4C1A870F-33F1-4453-97B6-C31C37E1EF8C}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{4E98C821-E43A-49B8-818F-E621E2FB4CBF}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{4F848A41-E6CE-471F-9E43-5632407A3C5C}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{4F93E239-71C2-4135-9F95-DBDC04EECE14}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{50D50E3D-15EF-4C74-81D1-449045152D75}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{5380CECA-AA98-4A79-8E56-A5DFCAFCEDD5}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{56C069D7-75D9-4AE2-B2F2-A7D634B515AB}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{5753045D-846C-404C-AAC2-65FE6BF45869}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{57E995DF-59D3-4FCE-A66E-1483A634A71B}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{596C7C56-34EF-47C1-9C6E-687C65BCC852}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{5A28B955-D839-4BAF-A11F-A2B0B98D4110}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{608B8D5A-AC05-4472-BBF5-E6DFF92CD900}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{630AFE24-63B7-45F8-9103-3D75A658133D}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{6370372D-C278-4D9D-BA98-2B9109C4DC62}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{6374821C-32D5-4435-A4B2-137CB13DED03}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{68768608-6698-4FDE-B538-54721D4E9BA8}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{69B74AB8-6250-4ADB-9264-3607028EA672}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{6ACE528E-F822-45F9-9335-94A140E2A892}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{6D2DFFCC-9B89-40E0-A269-CF265405F4AB}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{6DDC5B5A-0375-49C0-B8D8-43E14BCD3A70}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{6F187860-1876-4C54-9D63-970E0D29130F}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{73C434D1-FEDE-4195-940A-5DC578BB0DAE}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{77AD2766-925C-4CE1-B65F-C046157E0332}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{77CD18C8-584A-45F7-948B-512D00B7BEE1}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{7948C143-6820-4E76-A610-09A599DD49A7}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{7A3738E2-A8CE-4F41-B4B5-1DDE8F1DEA3D}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{7AC27668-DD1F-4329-9837-CCF27CC68EC8}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{7B99A0CC-87CD-4D8F-A5FE-33841E00E050}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{7CA861F8-15A6-4A68-A7D2-0F8B935914D0}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{7CF00A84-5155-486A-B0C7-59955D5E7DFE}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{7E3D2669-CCC2-435A-A73F-39324DAB7F41}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{7F4B6ACF-BC7F-4169-8A21-909342A8B569}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{7F55A982-1C65-495E-8537-B6599F2E6762}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{7FCB9B33-1295-4982-B9D9-3228DA7B4506}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{80EDF57C-E443-41D2-8DC3-E1218CC49A58}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{81F27F6A-4DDB-4A1F-9918-8F6757D790E9}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{86532BD9-7745-45E8-B13E-E07C0DB21690}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{88D28FFC-16E0-4D57-9D6D-0C94B8A841A4}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{8A72BFCB-7826-4E7B-A096-1A3034E54632}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{8BE6AA92-E319-4E7C-AB51-5ED2D991637E}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{8C0B2877-307C-4674-8B13-F29CE155E6B3}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{8C700645-7006-4069-90F4-45927B07D4FE}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{8FFEB3DA-F5C9-44A3-8342-4D790F3F5D96}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{90D74AAF-5FF8-44C2-9C9F-BA1A6B5A38C8}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{922A1DBD-48B7-4692-8FD7-21416365F2B3}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{9553A753-46CB-49BC-BFF1-82C60A71985C}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{95A7939A-3E41-41E1-961C-5AFB69D147B8}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{9746C2EE-BCD5-44CB-82BC-952B667F719F}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{9892AFF1-FC1C-4804-898F-D33B1967D671}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{9ADA5433-269F-44F8-A854-F865257BD77A}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{9D2143E6-D758-4A81-AD15-97CCF6284394}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{A0386DD5-9C94-4DF1-AD8E-BD70AE094C37}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{A2E3B79E-0D0B-4192-A692-2ED4095078EE}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{A309570A-92C9-431B-82F3-64E7040DE9A7}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{A3292745-CCF6-4058-8102-A88944A9F9A8}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{A35F0229-7ACA-4552-873F-4696AEDADADA}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{A9596807-23E4-494B-984E-7CAFF732D2FB}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{ACCF588C-A5CC-46B5-A81A-AAA800E2102F}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{ADDC8F30-C92A-4CB9-94DC-A43C2B2393CB}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{B079C082-2BCF-47B4-A91F-1014321846D3}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{B086560A-C75C-459D-B564-4BF713B2B1B6}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{B3634EBE-CF9C-4453-9FED-8DD477302BA0}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{B37AEA94-B4E4-46A8-863A-081C4A40A090}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{B3B05E90-250D-49DD-8C4E-ECD3DD23CE57}
Successfully deleted: [Empty Folder] C:\Users\Pavla\appdata\local\{B421E3E8-2A65-4489-B842-D304AB066EBC}



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Pavla\AppData\Roaming\mozilla\firefox\profiles\oivyyq21.default\extensions\staged
Successfully deleted the following from C:\Users\Pavla\AppData\Roaming\mozilla\firefox\profiles\oivyyq21.default\prefs.js

user_pref("browser.newtab.url", "hxxp://www2.delta-search.com/?babsrc=NT_ss&mntrId=A4360017C4B01079&affID=124191&tsp=4992");
Emptied folder: C:\Users\Pavla\AppData\Roaming\mozilla\firefox\profiles\oivyyq21.default\minidumps [569 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 01.09.2013 at 21:15:42,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#4 Post by vyosek »

OK, now run AdwCleaner as well.

#5 Post by Hryzon »

Here it is:

# AdwCleaner v3.001 - Report created 01/09/2013 at 21:24:07
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Pavla - PAVLA_ACER
# Running from : C:\Users\Pavla\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\registry mechanic
Folder Deleted : C:\Users\Pavla\AppData\Local\Temp\boost_interprocess
File Deleted : C:\Windows\System32\roboot64.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\oivyyq21.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2447 octets] - [01/09/2013 21:20:44]
AdwCleaner[S0].txt - [2386 octets] - [01/09/2013 21:24:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2446 octets] ##########

#6 Post by vyosek »

→ Do you insist on AVG antivirus? It is not very popular here: high system load, weaker detection.

#7 Post by Hryzon »

Also from:

RogueKiller V8.6.7 [Aug 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Pavla [Práva správce]
Mód : Kontrola -- Datum : 09/01/2013 21:37:25
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] {F55C0CF4-2F7A-450B-BB36-42B30A3A7E20} : C:\Users\Pavla\Desktop\install.exe [x] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545032B9A300 +++++
--- User ---
[MBR] ecc597a59eb61f468dfa52f904e11495
[BSP] 7f057efe7b86af4364a6ac94e90d6f0d : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 26626048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 26830848 | Size: 292143 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_09012013_213725.txt >>

#8 Post by Hryzon »

I don't insist on AVG ...

#9 Post by vyosek »

→ AVG is more of a parody of an antivirus

→ Uninstall AVG and then also use http://download.avg.com/filedir/util/av ... 3_2706.exe

→ Install Avast Free http://www.avast.com/get/gWR5mo92

→ Download SecurityCheck http://screen317.spywareinfoforum.org/SecurityCheck.exe
  • Save it, preferably to the Desktop
  • Run it the usual way by double-clicking and follow the utility's instructions
  • When the scan finishes, a log is created and opened; paste it here for me

#10 Post by Hryzon »

So here is the requested log as well:

Results of screen317's Security Check version 0.99.73
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 25
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.8.800.94
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (23.0.1)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
AVAST Software Avast setup avast.setup
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

#11 Post by vyosek »

→ Uninstall Microsoft Security Essentials; it conflicts with Avast

→ Then also use this. Please run the following

→ Application to download:
→ After downloading, run FRSTLauncher; a warning from the antivirus may appear, ignore it and let FRSTL run

→ FRST will then be downloaded and initialized
  • After FRST starts, accept the license terms by clicking Yes.
  • Additionally tick the Addition.txt item - see the picture.
  • Click the Scan button to start scanning.
  • Wait for FRST to finish scanning and for our add-on to generate the additional information.
  • The text file FRST.txt opens; this is the requested log, and its contents should be pasted into your forum thread.
  • After the log is closed, FRSTLauncher.exe exits, leaving the FRST utility and two logs, FRST.txt and Addition.txt, on the desktop - do not delete any of them yet.

#12 Post by Hryzon »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-09-2013 05
Ran by Pavla (administrator) on PAVLA_ACER on 02-09-2013 20:43:37
Running from C:\Users\Pavla\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Software602) C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-07] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-19] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2008-07-30] ()
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-06] (Acer Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] - C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-08-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-08-05] (Acer Corp.)
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [614400 2009-08-15] ()
HKLM-x32\...\Run: [SSDMonitor] - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [103896 2012-01-04] (PC Tools)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Print2PDF Print Monitor] - C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [220992 2011-10-04] (Software602)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C9683CBD-4E3A-4C70-9858-85AA0B824AB0}: [NameServer]192.168.0.100

FireFox:
========
FF ProfilePath: C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\oivyyq21.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler - C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: 7Go Games - C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\oivyyq21.default\Extensions\7go@7go.com
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Services (Whitelisted) =================

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-07] (Egis Technology Inc.)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-01-04] (PC Tools)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-09-01] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-09-01] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-09-01] ()
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics Co., Ltd.)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16640 2013-08-30] (Windows (R) Win 7 DDK provider)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [x]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-02 20:41 - 2013-09-02 20:41 - 00000000 ____D C:\Users\Pavla\AppData\Local\qb15BE4F.74
2013-09-02 20:41 - 2013-09-02 17:04 - 01951954 _____ (Farbar) C:\Users\Pavla\Desktop\FRST64.exe
2013-09-02 20:11 - 2013-09-02 20:12 - 00000000 ____D C:\WINSSLog
2013-09-02 20:07 - 2013-09-02 20:07 - 00756776 _____ (Microsoft Corporation) C:\Users\Pavla\Downloads\OneCareCleanUp.exe
2013-09-02 20:05 - 2013-09-02 20:05 - 00008918 _____ C:\FixitRegBackup.reg
2013-09-02 20:03 - 2013-09-02 20:03 - 00806400 _____ C:\Users\Pavla\Downloads\MicrosoftFixit50692.msi
2013-09-01 22:58 - 2013-09-01 22:58 - 00891144 _____ C:\Users\Pavla\Downloads\SecurityCheck(1).exe
2013-09-01 22:57 - 2013-09-02 20:21 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-01 22:57 - 2013-09-01 22:57 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-09-01 22:57 - 2013-09-01 22:57 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-09-01 22:57 - 2013-09-01 22:57 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-01 22:57 - 2013-09-01 22:57 - 00001926 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-09-01 22:57 - 2013-09-01 22:57 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-09-01 22:57 - 2013-09-01 22:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-09-01 22:57 - 2013-09-01 22:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-09-01 22:57 - 2013-09-01 22:57 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-01 22:57 - 2013-05-09 10:59 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-09-01 22:57 - 2013-05-09 10:59 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-09-01 22:57 - 2013-05-09 10:59 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-09-01 22:57 - 2013-05-09 10:59 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-09-01 22:57 - 2013-05-09 10:59 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-09-01 22:57 - 2013-05-09 10:58 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-09-01 22:56 - 2013-09-01 22:56 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-01 22:56 - 2013-05-09 10:58 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-09-01 22:55 - 2013-09-01 22:56 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-01 22:12 - 2013-09-01 22:48 - 117482200 _____ C:\Users\Pavla\Downloads\avast_free_antivirus_setup.exe
2013-09-01 22:06 - 2013-09-01 22:09 - 00541638 _____ C:\Users\Pavla\Downloads\avgremover.log
2013-09-01 22:06 - 2013-09-01 22:06 - 03222280 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Pavla\Downloads\avg_remover_stf_x64_2013_2706.exe
2013-09-01 21:52 - 2013-09-01 21:52 - 00891144 _____ C:\Users\Pavla\Downloads\SecurityCheck.exe
2013-09-01 21:34 - 2013-09-01 21:34 - 00913408 _____ C:\Users\Pavla\Downloads\RogueKiller.exe
2013-09-01 21:20 - 2013-09-01 21:24 - 00000000 ____D C:\AdwCleaner
2013-09-01 21:18 - 2013-09-01 21:19 - 00994642 _____ C:\Users\Pavla\Downloads\adwcleaner.exe
2013-09-01 21:07 - 2013-09-01 21:07 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 21:06 - 2013-09-01 21:07 - 01027511 _____ (Thisisu) C:\Users\Pavla\Downloads\JRT.exe
2013-09-01 21:04 - 2013-09-01 21:04 - 00001796 _____ C:\sc-cleaner.txt
2013-09-01 21:01 - 2013-09-01 21:01 - 00406144 _____ (Bleeping Computer, LLC) C:\Users\Pavla\Downloads\sc-cleaner.exe
2013-09-01 20:42 - 2013-09-01 23:34 - 00000000 ____D C:\Users\Pavla\Desktop\A_V
2013-09-01 20:36 - 2013-09-01 20:41 - 00000000 ____D C:\rsit
2013-09-01 20:36 - 2013-09-01 20:41 - 00000000 ____D C:\Program Files\trend micro
2013-09-01 20:35 - 2013-09-01 20:35 - 00832273 _____ C:\Users\Pavla\Downloads\RSITx64.exe
2013-09-01 20:18 - 2013-09-01 20:37 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
2013-09-01 20:16 - 2013-09-01 20:18 - 49321784 _____ (GridinSoft LLC) C:\Users\Pavla\Downloads\gtk-2.1.8.5-setup.exe
2013-09-01 18:48 - 2013-09-01 22:07 - 00002174 _____ C:\Windows\PFRO.log
2013-09-01 10:22 - 2013-09-01 10:22 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\SpeedAnalysis3
2013-09-01 10:22 - 2013-09-01 10:22 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\SeeSimilar02
2013-09-01 10:21 - 2013-09-01 10:22 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\7go
2013-09-01 10:20 - 2013-09-01 10:20 - 00804672 _____ () C:\Users\Pavla\Downloads\BestCodecsPackSetup.exe
2013-08-30 16:55 - 2013-08-30 16:55 - 00016640 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\gtkdrv.sys
2013-08-17 07:57 - 2013-08-17 07:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-14 22:36 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 22:36 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 22:36 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-14 22:36 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 22:36 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 22:36 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 22:36 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 22:36 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 22:36 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 22:36 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 22:36 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-14 22:36 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-14 22:36 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 22:36 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-14 22:36 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 22:36 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-14 22:36 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-14 22:36 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-14 22:36 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-14 22:36 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-14 22:36 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-14 22:36 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-14 22:36 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-14 22:36 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-14 22:36 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-14 22:36 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-14 22:36 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-14 22:36 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-14 22:36 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-14 22:36 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-14 22:36 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-14 22:28 - 2013-08-14 22:30 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 21:02 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-14 21:02 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-14 21:02 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 21:02 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-14 21:02 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 21:02 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 21:02 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-14 21:02 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 21:02 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 21:02 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 21:02 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 21:02 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 21:02 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-14 21:02 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-14 21:02 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-14 21:02 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-14 21:02 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-14 21:02 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-14 21:02 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-14 21:02 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-14 21:02 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-14 21:02 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-14 21:02 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-14 21:02 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-14 21:02 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-14 21:02 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 21:02 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

2013-09-02 20:43 - 2013-09-02 20:43 - 00000000 ____D C:\FRST
2013-09-02 20:41 - 2013-09-02 20:41 - 00000000 ____D C:\Users\Pavla\AppData\Local\qb15BE4F.74
2013-09-02 20:25 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-02 20:25 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-02 20:22 - 2009-09-28 06:24 - 01726714 _____ C:\Windows\WindowsUpdate.log
2013-09-02 20:21 - 2013-09-01 22:57 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-02 20:18 - 2012-05-27 07:47 - 00034258 _____ C:\Windows\setupact.log
2013-09-02 20:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-02 20:12 - 2013-09-02 20:11 - 00000000 ____D C:\WINSSLog
2013-09-02 20:07 - 2013-09-02 20:07 - 00756776 _____ (Microsoft Corporation) C:\Users\Pavla\Downloads\OneCareCleanUp.exe
2013-09-02 20:05 - 2013-09-02 20:05 - 00008918 _____ C:\FixitRegBackup.reg
2013-09-02 20:03 - 2013-09-02 20:03 - 00806400 _____ C:\Users\Pavla\Downloads\MicrosoftFixit50692.msi
2013-09-02 20:02 - 2011-03-12 12:11 - 00001912 _____ C:\Windows\epplauncher.mif
2013-09-02 19:56 - 2009-09-28 07:11 - 00631526 _____ C:\Windows\system32\perfh005.dat
2013-09-02 19:56 - 2009-09-28 07:11 - 00122148 _____ C:\Windows\system32\perfc005.dat
2013-09-02 19:56 - 2009-07-14 07:13 - 01470298 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-02 19:54 - 2009-11-02 18:30 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\Skype
2013-09-02 17:04 - 2013-09-02 20:41 - 01951954 _____ (Farbar) C:\Users\Pavla\Desktop\FRST64.exe
2013-09-01 23:34 - 2013-09-01 20:42 - 00000000 ____D C:\Users\Pavla\Desktop\A_V
2013-09-01 22:58 - 2013-09-01 22:58 - 00891144 _____ C:\Users\Pavla\Downloads\SecurityCheck(1).exe
2013-09-01 22:57 - 2013-09-01 22:57 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-09-01 22:57 - 2013-09-01 22:57 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-09-01 22:57 - 2013-09-01 22:57 - 00189936 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-09-01 22:57 - 2013-09-01 22:57 - 00001926 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-09-01 22:57 - 2013-09-01 22:57 - 00000175 _____ C:\Windows\system32\Drivers\aswVmm.sys.sum
2013-09-01 22:57 - 2013-09-01 22:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
2013-09-01 22:57 - 2013-09-01 22:57 - 00000175 _____ C:\Windows\system32\Drivers\aswSnx.sys.sum
2013-09-01 22:57 - 2013-09-01 22:57 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-01 22:56 - 2013-09-01 22:56 - 00000000 ____D C:\Program Files\AVAST Software
2013-09-01 22:56 - 2013-09-01 22:55 - 00000000 ____D C:\ProgramData\AVAST Software
2013-09-01 22:48 - 2013-09-01 22:12 - 117482200 _____ C:\Users\Pavla\Downloads\avast_free_antivirus_setup.exe
2013-09-01 22:09 - 2013-09-01 22:06 - 00541638 _____ C:\Users\Pavla\Downloads\avgremover.log
2013-09-01 22:07 - 2013-09-01 18:48 - 00002174 _____ C:\Windows\PFRO.log
2013-09-01 22:06 - 2013-09-01 22:06 - 03222280 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Pavla\Downloads\avg_remover_stf_x64_2013_2706.exe
2013-09-01 21:52 - 2013-09-01 21:52 - 00891144 _____ C:\Users\Pavla\Downloads\SecurityCheck.exe
2013-09-01 21:34 - 2013-09-01 21:34 - 00913408 _____ C:\Users\Pavla\Downloads\RogueKiller.exe
2013-09-01 21:24 - 2013-09-01 21:20 - 00000000 ____D C:\AdwCleaner
2013-09-01 21:19 - 2013-09-01 21:18 - 00994642 _____ C:\Users\Pavla\Downloads\adwcleaner.exe
2013-09-01 21:07 - 2013-09-01 21:07 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 21:07 - 2013-09-01 21:06 - 01027511 _____ (Thisisu) C:\Users\Pavla\Downloads\JRT.exe
2013-09-01 21:04 - 2013-09-01 21:04 - 00001796 _____ C:\sc-cleaner.txt
2013-09-01 21:01 - 2013-09-01 21:01 - 00406144 _____ (Bleeping Computer, LLC) C:\Users\Pavla\Downloads\sc-cleaner.exe
2013-09-01 20:41 - 2013-09-01 20:36 - 00000000 ____D C:\rsit
2013-09-01 20:41 - 2013-09-01 20:36 - 00000000 ____D C:\Program Files\trend micro
2013-09-01 20:37 - 2013-09-01 20:18 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
2013-09-01 20:35 - 2013-09-01 20:35 - 00832273 _____ C:\Users\Pavla\Downloads\RSITx64.exe
2013-09-01 20:18 - 2013-09-01 20:16 - 49321784 _____ (GridinSoft LLC) C:\Users\Pavla\Downloads\gtk-2.1.8.5-setup.exe
2013-09-01 19:00 - 2013-05-02 19:00 - 00000392 _____ C:\Windows\SysWOW64\AppLog.log
2013-09-01 10:22 - 2013-09-01 10:22 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\SpeedAnalysis3
2013-09-01 10:22 - 2013-09-01 10:22 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\SeeSimilar02
2013-09-01 10:22 - 2013-09-01 10:21 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\7go
2013-09-01 10:20 - 2013-09-01 10:20 - 00804672 _____ () C:\Users\Pavla\Downloads\BestCodecsPackSetup.exe
2013-08-30 16:55 - 2013-08-30 16:55 - 00016640 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\gtkdrv.sys
2013-08-26 19:09 - 2012-02-16 18:16 - 00000000 ____D C:\Users\Pavla\Desktop\PŘIZNÁNÍ XML
2013-08-24 07:44 - 2012-04-15 08:33 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-24 07:44 - 2011-10-24 18:43 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-18 20:51 - 2012-06-24 20:28 - 00000000 ____D C:\Users\Pavla\FOTKY
2013-08-18 11:58 - 2013-05-25 13:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-17 08:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-17 07:57 - 2013-08-17 07:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-14 22:30 - 2013-08-14 22:28 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 22:28 - 2009-10-25 22:27 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-11 13:07 - 2009-11-02 18:30 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-11 13:07 - 2009-11-02 18:30 - 00000000 ____D C:\ProgramData\Skype

Files to move or delete:
====================
C:\Users\Pavla\wrar401cz.exe
C:\Users\Pavla\AppData\Local\Temp\11.0.0.302_RM_Adobe_219.exe
C:\Users\Pavla\AppData\Local\Temp\contentDATs.exe
C:\Users\Pavla\AppData\Local\Temp\i4jdel0.exe
C:\Users\Pavla\AppData\Local\Temp\i4jdel1.exe
C:\Users\Pavla\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Pavla\AppData\Local\Temp\Quarantine.exe
C:\Users\Pavla\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Pavla\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pavla\AppData\Local\Temp\Stormware\Pohoda\{F8B29DBD-4327-4C9D-94DF-419E61AC175E}\Setup.exe
C:\Users\Pavla\AppData\Local\Temp\PC Tools Download Manager\DownloadManagerAPI.dll
C:\Users\Pavla\AppData\Local\Temp\PC Tools Download Manager\DownloadManagerWrapper.dll
C:\Users\Pavla\AppData\Local\Temp\PC Tools Download Manager\htmlayout.dll
C:\Users\Pavla\AppData\Local\Temp\PC Tools Download Manager\InnoHelpers.dll
C:\Users\Pavla\AppData\Local\Temp\PC Tools Download Manager\InnoSelfProtect.dll
C:\Users\Pavla\AppData\Local\Temp\PC Tools Download Manager\install.exe
C:\Users\Pavla\AppData\Local\Temp\PC Tools Download Manager\InstallWrapper.dll
C:\Users\Pavla\AppData\Local\Temp\PC Tools Download Manager\PCTUI.dll
C:\Users\Pavla\AppData\Local\Temp\PC Tools Download Manager\tiscript.dll
C:\Users\Pavla\AppData\Local\Temp\PC Tools Download Manager\lang\English.dll
C:\Users\Pavla\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\Pavla\AppData\Local\Temp\Fixit\DeleteAclKey.exe
C:\Users\Pavla\AppData\Local\Temp\FileUpds\PhDB.dll
C:\Users\Pavla\AppData\Local\Temp\FileUpds\PhPZD.dll
C:\Users\Pavla\AppData\Local\Temp\FileUpds\StwBank.dll
C:\Users\Pavla\AppData\Local\Temp\FileUpds\StwHw.dll
C:\Users\Pavla\AppData\Local\Temp\FileUpds\StwPh.exe
C:\Users\Pavla\AppData\Local\Temp\FileUpds\StwPhCZ.dll
C:\Users\Pavla\AppData\Local\Temp\DF4668C6-BAB0-7891-A964-985A1C1FB66C\Setup.exe
C:\Users\Pavla\AppData\Local\Temp\DF4668C6-BAB0-7891-A964-985A1C1FB66C\sqlite3.dll
C:\Users\Pavla\AppData\Local\Temp\DF4668C6-BAB0-7891-A964-985A1C1FB66C\Latest\IEHelper.dll
C:\Users\Pavla\AppData\Local\Temp\DF4668C6-BAB0-7891-A964-985A1C1FB66C\Latest\Setup.exe
C:\Users\Pavla\AppData\Local\Temp\DF4668C6-BAB0-7891-A964-985A1C1FB66C\Latest\sqlite3.dll
C:\Users\Pavla\AppData\Local\Temp\d55709be4c1a401e8ed2191c86fc76f8\extfuncs.dll
C:\Users\Pavla\AppData\Local\Temp\d55709be4c1a401e8ed2191c86fc76f8\netplugin.dll
C:\Users\Pavla\AppData\Local\Temp\d55709be4c1a401e8ed2191c86fc76f8\netshim.dll
C:\Users\Pavla\AppData\Local\Temp\d55709be4c1a401e8ed2191c86fc76f8\xshim.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



==================== Scheduled Tasks (whitelisted) ===========


==================== Supplementary Scan (All) ================


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000005
"ConsentPromptBehaviorUser"=dword:00000003
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000001
"EnableSecureUIAPaths"=dword:00000001
"EnableUIADesktopToggle"=dword:00000000
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=dword:00000001
"NoActiveDesktopChanges"=dword:00000001
"ForceActiveDesktopOn"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000001
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"msacm.msadpcm"="msadp32.acm"
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVYU"="msyuv.dll"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.i420"="iyuv_32.dll"
"VIDC.YVU9"="tsbyuv.dll"
"msacm.l3acm"="C:\\Windows\\System32\\l3codeca.acm"
"MSVideo8"="VfWWDM32.dll"
"wave1"="wdmaud.drv"
"midi1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"aux1"="wdmaud.drv"
"wave2"="wdmaud.drv"
"midi2"="wdmaud.drv"
"mixer2"="wdmaud.drv"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"


==================== Drive and Memory info ===================

Drive c: (ACER) (Fixed) (Total:285.3 GB) (Free:223.3 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Available physical RAM: 1684.37 MB
Total physical RAM: 3000.93 MB
Percentage of memory in use: 43%

LastRegBack: 2013-09-01 12:49

==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Log check - delta-search

#13 Post by vyosek »

:arrow: Uninstall McAfee Security Scan; it can conflict with Avast

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
    HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
    HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
    HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
    HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-08-05] (Acer Corp.)
    HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [614400 2009-08-15] ()
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Print2PDF Print Monitor] - C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [220992 2011-10-04] (Software602)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
    ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
    
    Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
    Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
    Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
    Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
    Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
    Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
    
    S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
    
    C:\Program Files (x86)\McAfee Security Scan
    2013-09-01 21:04 - 2013-09-01 21:04 - 00001796 _____ C:\sc-cleaner.txt
    2013-09-01 21:01 - 2013-09-01 21:01 - 00406144 _____ (Bleeping Computer, LLC) C:\Users\Pavla\Downloads\sc-cleaner.exe
    2013-09-01 20:37 - 2013-09-01 20:18 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
    2013-09-01 20:18 - 2013-09-01 20:16 - 49321784 _____ (GridinSoft LLC) C:\Users\Pavla\Downloads\gtk-2.1.8.5-setup.exe
    C:\Users\Pavla\AppData\Local\Temp\i4jdel0.exe
    C:\Users\Pavla\AppData\Local\Temp\i4jdel1.exe
    
    Hosts:
    CMD: shutdown /r /f /t 2
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here

Hryzon
Visitor
Posts: 55
Registered: 01 Nov 2007 09:37

Re: Log check - delta-search

#14 Post by Hryzon »

I apologize, I only ever get to this in the evening; here is the log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2013 03
Ran by Pavla at 2013-09-03 21:10:22 Run:1
Running from C:\Users\Pavla\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKLM-x32\...\Run: [PlayMovie] - C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-08-05] (Acer Corp.)
HKLM-x32\...\Run: [Samsung PanelMgr] - C:\Windows\Samsung\PanelMgr\ssmmgr.exe [614400 2009-08-15] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-03-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Print2PDF Print Monitor] - C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [220992 2011-10-04] (Software602)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - No File
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - No File

S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)

C:\Program Files (x86)\McAfee Security Scan
2013-09-01 21:04 - 2013-09-01 21:04 - 00001796 _____ C:\sc-cleaner.txt
2013-09-01 21:01 - 2013-09-01 21:01 - 00406144 _____ (Bleeping Computer, LLC) C:\Users\Pavla\Downloads\sc-cleaner.exe
2013-09-01 20:37 - 2013-09-01 20:18 - 00000000 ____D C:\Program Files\GridinSoft Trojan Killer
2013-09-01 20:18 - 2013-09-01 20:16 - 49321784 _____ (GridinSoft LLC) C:\Users\Pavla\Downloads\gtk-2.1.8.5-setup.exe
C:\Users\Pavla\AppData\Local\Temp\i4jdel0.exe
C:\Users\Pavla\AppData\Local\Temp\i4jdel1.exe

Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoActiveDesktop => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoActiveDesktopChanges => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\PlayMovie => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Samsung PanelMgr => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Print2PDF Print Monitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk not found.
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk => Moved successfully.
C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE => Moved successfully.
HKCR\PROTOCOLS\Handler\http\0x00000001 => Key deleted successfully.
HKCR\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} => Key not found.
HKCR\PROTOCOLS\Handler\http\oledb => Key deleted successfully.
HKCR\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} => Key not found.
HKCR\PROTOCOLS\Handler\https\0x00000001 => Key deleted successfully.
HKCR\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} => Key not found.
HKCR\PROTOCOLS\Handler\https\oledb => Key deleted successfully.
HKCR\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} => Key not found.
HKCR\PROTOCOLS\Handler\msdaipp\0x00000001 => Key deleted successfully.
HKCR\CLSID\{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} => Key not found.
HKCR\PROTOCOLS\Handler\msdaipp\oledb => Key deleted successfully.
HKCR\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} => Key not found.
McComponentHostService => Service not found.
"C:\Program Files (x86)\McAfee Security Scan" => File/Directory not found.
C:\sc-cleaner.txt => Moved successfully.
C:\Users\Pavla\Downloads\sc-cleaner.exe => Moved successfully.
C:\Program Files\GridinSoft Trojan Killer => Moved successfully.
C:\Users\Pavla\Downloads\gtk-2.1.8.5-setup.exe => Moved successfully.
C:\Users\Pavla\AppData\Local\Temp\i4jdel0.exe => Moved successfully.
C:\Users\Pavla\AppData\Local\Temp\i4jdel1.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====
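
Added example (not part of the original posts and not FRST's own code): a small Python parser that tallies the result lines of a Fixlog such as the one above, skipping the echoed fixlist between the two asterisk lines so that its entries are not counted as results. The line shapes are inferred only from the Fixlog shown in this post, the sample is a trimmed excerpt of it, and the function names are hypothetical.

```python
import re
from collections import Counter

# Trimmed excerpt of the Fixlog posted above, embedded so the example runs offline.
SAMPLE_FIXLOG = r'''
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2013 03
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-08-22] (Google Inc.)
Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk not found.
HKCR\PROTOCOLS\Handler\http\oledb => Key deleted successfully.
HKCR\CLSID\{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} => Key not found.
McComponentHostService => Service not found.
"C:\Program Files (x86)\McAfee Security Scan" => File/Directory not found.
C:\sc-cleaner.txt => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

==== End of Fixlog ====
'''

# "<target> => <outcome>." is the common shape; some lines are "<target> not found."
RESULT_RE = re.compile(r'^(?P<target>.+?) => (?P<outcome>.+?)\.?$')
BARE_NOT_FOUND_RE = re.compile(r'^(?P<target>.+?) not found\.$')
STARS_RE = re.compile(r'^\*{5,}$')


def classify(outcome):
    """Map an outcome phrase to a coarse status."""
    text = outcome.lower()
    if text.endswith('successfully'):
        return 'ok'
    if 'not found' in text:
        return 'not_found'
    return 'other'


def parse_fixlog(text):
    """Return (target, outcome, status) tuples for the result section only."""
    results = []
    star_lines = 0
    for raw in text.splitlines():
        line = raw.strip()
        if STARS_RE.match(line):
            star_lines += 1          # the echoed fixlist sits between two star lines
            continue
        if star_lines < 2 or not line:
            continue                 # header, echoed fixlist, or blank line
        if line.startswith('==== End of Fixlog'):
            break
        if line.startswith('====='):
            continue                 # CMD section markers carry no result
        match = RESULT_RE.match(line)
        if match:
            target, outcome = match.group('target'), match.group('outcome')
        else:
            match = BARE_NOT_FOUND_RE.match(line)
            if match:
                target, outcome = match.group('target'), 'not found'
            else:
                # Free-form status line such as the Hosts reset message.
                target, outcome = '', line.rstrip('.')
        results.append((target.strip('"'), outcome, classify(outcome)))
    return results


def summarize(results):
    """Count results per status."""
    return Counter(status for _, _, status in results)


def needs_review(results):
    """Targets whose outcome was anything other than a reported success."""
    return [target for target, _, status in results if status != 'ok']


if __name__ == '__main__':
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    print(dict(summarize(parsed)))
    for target in needs_review(parsed):
        print('review:', target)
```
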

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Log check - delta-search

#15 Post by vyosek »

Now let's clean up :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may mistakenly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program will clean up and restart the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program will clean up and restart the PC
  • Delete the utility after use
:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is; just click Analyze and then Run CCleaner
Registry panel
  • click Scan for issues
  • then Fix issues - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :|

Locked