Prosím o kontrolu.Děkuji.

Zpráva

saltao · #1 Příspěvek od **saltao** » 01 lis 2013 18:03

Logfile of random's system information tool 1.08 (written by random/random)
Run by pc at 2013-11-01 18:00:23
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 2 GB (5%) free of 40 GB
Total RAM: 3984 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:00:54, on 1.11.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal

Running processes:
E:\Kalendar\kalendar.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\pc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://safesearchr.lavasoft.com/?source ... 521D90EFE5
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll
O3 - Toolbar: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Kalendar] E:\Kalendar\kalendar.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: SluA3ba BonanzaDealsLive (bonanzadealslive) (bonanzadealslive) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: SluA3ba BonanzaDealsLive (bonanzadealslivem) (bonanzadealslivem) - BonanzaDeals - C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\sua.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9555 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
C:\Windows\SysWOW64\ssins.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000005f4
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
"C:\Program Files (x86)\Secunia\PSI\sua.exe" --start-service
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-41380108-fefc-4eb2-8305-0f3768b2f071 -SystemEventPortName:HostProcess-481fe8f4-89c7-4673-aa36-908ce9780fe3 -IoCancelEventPortName:HostProcess-b99983b0-c110-41fb-836b-8e57d4a3d4c4 -NonStateChangingEventPortName:HostProcess-0a5fab9d-00db-4ca2-b9d1-9d8cb1a22043 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f92a8d12-01a5-45d3-ba25-74c40f1bf09e -DeviceGroupId:WpdFsGroup
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"E:\Kalendar\kalendar.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"E:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
C:\Windows\tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2013-10-23 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-10-23 12240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fe063412-bea4-4d76-8ed3-183be6220d17}]
BonanzaDeals - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll [2013-08-21 100336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2013-10-23 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-10-23 12240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"Kalendar"=E:\Kalendar\kalendar.exe [2005-11-09 580608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection]
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-10-23 1673680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-10-28 347192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-08-09 5263504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2012-08-25 398656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2012-08-25 170304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2012-08-25 441152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection]
C:\ProgramData\Search Protection\_run.bat []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2009-12-08 774144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON]
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-20 291648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
C:\PROGRA~2\Secunia\PSI\psi_tray.exe [2013-10-14 565464]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2013-10-28 347192]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-10-23 1673680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-24 441856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-11-01 18:00:23 ----D---- C:\rsit
2013-11-01 18:00:23 ----D---- C:\Program Files\trend micro
2013-10-31 14:09:50 ----D---- C:\Users\pc\AppData\Roaming\DVD Flick
2013-10-31 14:09:36 ----A---- C:\Windows\SYSWOW64\ssubtmr6.dll
2013-10-31 14:06:32 ----D---- C:\ProgramData\BonanzaDealsLive
2013-10-31 14:06:32 ----D---- C:\Program Files (x86)\BonanzaDealsLive
2013-10-31 14:06:30 ----D---- C:\Program Files (x86)\BonanzaDeals
2013-10-31 08:41:29 ----D---- C:\ProgramData\Win7codecs
2013-10-30 19:37:21 ----D---- C:\Program Files (x86)\HandyUpdater
2013-10-30 19:01:31 ----D---- C:\ProgramData\GFI Software
2013-10-29 17:46:37 ----A---- C:\Windows\SYSWOW64\sipr3260.dll
2013-10-29 17:46:37 ----A---- C:\Windows\SYSWOW64\Pncrt.dll
2013-10-29 17:46:37 ----A---- C:\Windows\SYSWOW64\drv43260.dll
2013-10-29 17:46:37 ----A---- C:\Windows\SYSWOW64\drv33260.dll
2013-10-29 17:46:37 ----A---- C:\Windows\SYSWOW64\drv23260.dll
2013-10-29 17:46:37 ----A---- C:\Windows\SYSWOW64\cook3260.dll
2013-10-29 17:46:36 ----A---- C:\Windows\SYSWOW64\wvc1dmod.dll
2013-10-29 17:46:36 ----A---- C:\Windows\SYSWOW64\vp7vfw.dll
2013-10-29 16:16:08 ----D---- C:\Users\pc\AppData\Roaming\dvdcss
2013-10-29 14:45:44 ----D---- C:\ProgramData\vsosdk
2013-10-29 07:46:16 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2013-10-28 20:11:59 ----D---- C:\Users\pc\AppData\Roaming\Avira
2013-10-28 20:11:00 ----D---- C:\ProgramData\AskPartnerNetwork
2013-10-28 20:11:00 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2013-10-28 20:09:48 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2013-10-28 20:09:48 ----A---- C:\Windows\system32\drivers\avipbb.sys
2013-10-28 20:09:48 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2013-10-27 20:49:35 ----D---- C:\Windows\system32\appmgmt
2013-10-27 20:13:58 ----A---- C:\autoexec.bat
2013-10-27 20:12:32 ----D---- C:\Windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-25 16:55:24 ----D---- C:\Users\pc\AppData\Roaming\Nico Mak Computing
2013-10-25 16:55:19 ----D---- C:\Program Files (x86)\WinZip Registry Optimizer
2013-10-21 11:02:39 ----D---- C:\Users\pc\AppData\Roaming\Nero
2013-10-21 11:00:51 ----D---- C:\ProgramData\Nero
2013-10-21 10:02:08 ----D---- C:\ProgramData\Freemake
2013-10-21 09:44:35 ----D---- C:\Users\pc\AppData\Roaming\Vso
2013-10-21 09:44:35 ----A---- C:\Windows\system32\drivers\pcouffin.sys
2013-10-21 09:44:35 ----A---- C:\Users\pc\AppData\Roaming\pcouffin.sys
2013-10-21 09:44:35 ----A---- C:\Users\pc\AppData\Roaming\inst.exe
2013-10-21 09:44:27 ----D---- C:\Program Files (x86)\vso
2013-10-21 09:44:21 ----D---- C:\ProgramData\VSO
2013-10-20 17:38:56 ----D---- C:\Windows\pss
2013-10-20 12:25:51 ----D---- C:\Program Files (x86)\Secunia
2013-10-18 15:59:37 ----D---- C:\Users\pc\AppData\Roaming\vlc
2013-10-18 07:29:09 ----D---- C:\ProgramData\Oracle
2013-10-18 07:28:59 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-10-18 07:28:54 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-10-18 07:28:54 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-10-18 07:28:54 ----A---- C:\Windows\SYSWOW64\java.exe
2013-10-18 07:28:47 ----D---- C:\Program Files (x86)\Java
2013-10-18 07:20:48 ----D---- C:\Program Files (x86)\Google
2013-10-17 16:22:14 ----D---- C:\Program Files (x86)\Adobe
2013-10-17 16:22:06 ----D---- C:\ProgramData\Adobe
2013-10-16 15:46:50 ----D---- C:\ProgramData\Ad-Aware Antivirus
2013-10-16 15:24:17 ----D---- C:\TEMP
2013-10-16 15:05:28 ----D---- C:\Users\pc\AppData\Roaming\WinRAR
2013-10-16 15:02:48 ----D---- C:\Users\pc\AppData\Roaming\GHISLER
2013-10-16 14:37:03 ----D---- C:\Users\pc\AppData\Roaming\Macromedia
2013-10-16 14:37:03 ----D---- C:\Users\pc\AppData\Roaming\Adobe
2013-10-16 14:31:47 ----D---- C:\Users\pc\AppData\Roaming\Foxit Software
2013-10-14 11:04:42 ----A---- C:\Windows\system32\drivers\psi_mf_amd64.sys
2013-10-11 15:55:28 ----D---- C:\Program Files (x86)\DirectVobSub
2013-10-11 08:33:46 ----A---- C:\Windows\system32\drivers\s1039whnt.sys
2013-10-11 08:33:46 ----A---- C:\Windows\system32\drivers\s1039wh.sys
2013-10-11 08:33:46 ----A---- C:\Windows\system32\drivers\s1039unic.sys
2013-10-11 08:33:46 ----A---- C:\Windows\system32\drivers\s1039obex.sys
2013-10-11 08:33:46 ----A---- C:\Windows\system32\drivers\s1039nd5.sys
2013-10-11 08:33:46 ----A---- C:\Windows\system32\drivers\s1039mgmt.sys
2013-10-11 08:33:46 ----A---- C:\Windows\system32\drivers\s1039mdm.sys
2013-10-11 08:33:46 ----A---- C:\Windows\system32\drivers\s1039mdfl.sys
2013-10-11 08:33:46 ----A---- C:\Windows\system32\drivers\s1039cr.sys
2013-10-11 08:33:46 ----A---- C:\Windows\system32\drivers\s1039cmnt.sys
2013-10-11 08:33:46 ----A---- C:\Windows\system32\drivers\s1039cm.sys
2013-10-11 08:33:46 ----A---- C:\Windows\system32\drivers\s1039bus.sys
2013-10-11 08:33:42 ----D---- C:\ProgramData\Sony Ericsson
2013-10-11 08:33:42 ----D---- C:\Program Files (x86)\Sony Ericsson
2013-10-11 02:08:57 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-11 02:08:57 ----A---- C:\Windows\system32\ieui.dll
2013-10-11 02:08:55 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-11 02:08:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-11 02:08:55 ----A---- C:\Windows\system32\iesetup.dll
2013-10-11 02:08:55 ----A---- C:\Windows\system32\iernonce.dll
2013-10-11 02:08:54 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-11 02:08:54 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-11 02:08:54 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-11 02:08:53 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 02:08:53 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-11 02:08:52 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-11 02:08:51 ----A---- C:\Windows\system32\iertutil.dll
2013-10-11 02:08:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-11 02:08:50 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-11 02:08:49 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-11 02:08:49 ----A---- C:\Windows\system32\jscript.dll
2013-10-11 02:08:48 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-11 02:08:48 ----A---- C:\Windows\system32\jscript9.dll
2013-10-11 02:08:47 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-11 02:08:47 ----A---- C:\Windows\system32\urlmon.dll
2013-10-11 02:08:46 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-11 02:08:45 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-11 02:08:45 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-11 02:08:44 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-11 02:08:44 ----A---- C:\Windows\system32\wininet.dll
2013-10-11 02:08:42 ----A---- C:\Windows\system32\ieframe.dll
2013-10-11 02:08:41 ----A---- C:\Windows\system32\mshtml.dll
2013-10-11 02:08:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-10 21:51:34 ----A---- C:\Windows\system32\comctl32.dll
2013-10-10 21:51:33 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-10 21:51:31 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-10 21:51:30 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-10 21:51:30 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-10 21:51:30 ----A---- C:\Windows\system32\lpk.dll
2013-10-10 21:51:30 ----A---- C:\Windows\system32\dciman32.dll
2013-10-10 21:51:30 ----A---- C:\Windows\system32\atmfd.dll
2013-10-10 21:51:29 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-10 21:51:29 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-10 21:51:29 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-10 21:51:29 ----A---- C:\Windows\system32\fontsub.dll
2013-10-10 21:51:29 ----A---- C:\Windows\system32\atmlib.dll
2013-10-10 21:51:28 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-10 21:51:27 ----A---- C:\Windows\system32\drivers\USBAUDIO.sys
2013-10-10 21:51:26 ----A---- C:\Windows\system32\drivers\usbscan.sys
2013-10-10 21:51:26 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-10 21:51:26 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-10 21:51:24 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-10 21:51:24 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-10 21:51:24 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-10 21:51:24 ----A---- C:\Windows\system32\davclnt.dll
2013-10-10 21:51:23 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-10 21:51:22 ----A---- C:\Windows\system32\mswsock.dll
2013-10-10 21:51:22 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-10 21:51:22 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-10 21:51:21 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-10 21:51:20 ----A---- C:\Windows\system32\win32k.sys
2013-10-10 21:51:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-10 21:51:15 ----A---- C:\Windows\system32\advapi32.dll
2013-10-10 21:51:14 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-10 21:51:14 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-10 21:51:14 ----A---- C:\Windows\system32\tdh.dll
2013-10-10 21:51:13 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-10 21:51:13 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-10 21:51:13 ----A---- C:\Windows\system32\ntdll.dll
2013-10-10 21:51:12 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-10 21:51:11 ----A---- C:\Windows\system32\wow64.dll
2013-10-10 21:51:07 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-10 21:51:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-10 21:51:06 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-10 21:51:06 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-10 21:51:06 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-10 21:50:56 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 21:50:56 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 21:50:56 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-10 21:50:55 ----A---- C:\Windows\system32\scavengeui.dll

======List of files/folders modified in the last 1 months======

2013-11-01 18:00:35 ----D---- C:\Windows\Prefetch
2013-11-01 18:00:28 ----D---- C:\Windows\Temp
2013-11-01 18:00:23 ----RD---- C:\Program Files
2013-11-01 17:31:27 ----RD---- C:\Documents
2013-11-01 13:26:41 ----D---- C:\Windows\SysWOW64
2013-11-01 08:14:51 ----SHD---- C:\System Volume Information
2013-11-01 07:40:22 ----D---- C:\Windows\system32\config
2013-11-01 07:30:31 ----D---- C:\Windows\System32
2013-11-01 07:30:31 ----D---- C:\Windows\inf
2013-11-01 07:30:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-11-01 07:28:06 ----A---- C:\Windows\SYSWOW64\log.txt
2013-11-01 07:25:43 ----D---- C:\Windows
2013-10-31 14:06:38 ----SHD---- C:\Windows\Installer
2013-10-31 14:06:36 ----D---- C:\Windows\Tasks
2013-10-31 14:06:36 ----D---- C:\Windows\system32\Tasks
2013-10-31 14:06:32 ----RD---- C:\Program Files (x86)
2013-10-31 14:06:32 ----HD---- C:\ProgramData
2013-10-30 19:29:48 ----D---- C:\Windows\SoftwareDistribution
2013-10-30 19:25:21 ----D---- C:\Windows\SYSWOW64\drivers
2013-10-30 19:25:18 ----D---- C:\Windows\system32\drivers
2013-10-30 19:20:01 ----D---- C:\Users\pc\AppData\Roaming\Ad-Aware Antivirus
2013-10-30 19:16:07 ----SD---- C:\ProgramData\Microsoft
2013-10-30 19:09:18 ----D---- C:\Windows\system32\catroot
2013-10-29 17:47:11 ----D---- C:\Windows\system32\DriverStore
2013-10-28 20:09:47 ----D---- C:\ProgramData\Avira
2013-10-28 20:09:47 ----D---- C:\Program Files (x86)\Avira
2013-10-28 18:19:14 ----D---- C:\Windows\system32\catroot2
2013-10-28 13:19:06 ----SD---- C:\Users\pc\AppData\Roaming\Microsoft
2013-10-27 20:12:31 ----D---- C:\Program Files (x86)\Common Files
2013-10-21 11:00:41 ----D---- C:\Windows\winsxs
2013-10-16 14:27:03 ----D---- C:\Users\pc\AppData\Roaming\Mozilla
2013-10-16 14:13:45 ----RD---- C:\Users
2013-10-16 12:51:43 ----D---- C:\Windows\Panther
2013-10-16 12:51:42 ----D---- C:\Windows\debug
2013-10-11 20:15:27 ----D---- C:\Windows\rescache
2013-10-11 08:34:01 ----D---- C:\Windows\system32\drivers\UMDF
2013-10-11 08:33:42 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-10-11 02:37:32 ----D---- C:\Windows\Microsoft.NET
2013-10-11 02:36:54 ----RSD---- C:\Windows\assembly
2013-10-11 02:28:39 ----A---- C:\Windows\SYSWOW64\ssins.exe
2013-10-11 02:26:44 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-11 02:26:43 ----D---- C:\Program Files\Internet Explorer
2013-10-11 02:26:41 ----D---- C:\Windows\AppPatch
2013-10-11 02:08:01 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-10-11 02:04:47 ----D---- C:\Windows\system32\MRT
2013-10-11 02:03:43 ----A---- C:\Windows\system32\MRT.exe
2013-10-11 02:00:41 ----D---- C:\Windows\system32\cs-CZ
2013-10-10 18:48:40 ----D---- C:\Program Files (x86)\VideoLAN
2013-10-10 13:00:50 ----D---- C:\Windows\system32\wdi
2013-10-09 17:07:13 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-09 09:24:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-20 19264]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2012-10-25 22680]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-10-28 132088]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-10-28 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-10-28 105344]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2012-10-18 1930240]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2012-08-07 65152]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2012-08-07 88832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-08-24 9000256]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-07-19 110744]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-02 62784]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2013-10-29 82816]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2013-10-14 18456]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-08-03 2206352]
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2009-11-19 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2009-11-19 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2009-11-19 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2009-11-19 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2009-11-19 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2009-11-19 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2009-11-19 158320]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-05 65640]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2013-10-28 108088]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2013-10-28 84024]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-10-28 815160]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-10-23 166352]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2013-10-14 1228504]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-10-14 660184]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2013-10-11 2324216]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-08-03 27792]
S2 bonanzadealslive;SluA3ba BonanzaDealsLive (bonanzadealslive); C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-31 148976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-18 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 bonanzadealslivem;SluA3ba BonanzaDealsLive (bonanzadealslivem); C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-31 148976]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-08-25 276288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-18 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-01 118680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 01 lis 2013 21:27

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

saltao · #3 Příspěvek od **saltao** » 02 lis 2013 09:51

Dobrý den,děkuji za kontrolu a vkládám jeden log.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Professional x64
Ran by pc on so 02.11.2013 at 9:44:08,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2695420397-2242752436-917041406-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{23119123-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{03119103-0854-469D-807A-171568457991}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\APNSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\pc\appdata\local\iac"
Successfully deleted: [Folder] "C:\Users\pc\appdata\locallow\videodownloadconverter_4z"
Successfully deleted: [Folder] "C:\Program Files (x86)\winzip registry optimizer"

~~~ FireFox

Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml"
Successfully deleted: [File] C:\Users\pc\AppData\Roaming\mozilla\firefox\profiles\gwrsyf2z.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
Successfully deleted: [File] C:\Users\pc\AppData\Roaming\mozilla\firefox\profiles\gwrsyf2z.default\searchplugins\ask-web-search.xml
Successfully deleted the following from C:\Users\pc\AppData\Roaming\mozilla\firefox\profiles\gwrsyf2z.default\prefs.js

user_pref("browser.search.defaultenginename", "Ask Web Search");
user_pref("browser.search.selectedEngine", "Ask Web Search");
user_pref("extensions.mywebsearch.prevKwdEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.BUTTON_STRUCTURE", "[{\"b\":220255731,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":220255732,\"c\":\"mindspark.enterse
user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.defaultenginename.savedPrev", "true");
user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.defaultenginename.tb", "Ask Web Search");
user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.selectedEngine.savedPrev", "true");
user_pref("extensions.toolbar.mindspark._4zMembers_.browser.search.selectedEngine.tb", "Ask Web Search");
user_pref("extensions.toolbar.mindspark._4zMembers_.browser.startup.homepage.prev", "www.seznam.cz");
user_pref("extensions.toolbar.mindspark._4zMembers_.browser.startup.homepage.savedPrev", "true");
user_pref("extensions.toolbar.mindspark._4zMembers_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=DB1EA06E-1D9F-4A24-BE6F-D82C1F666041&n=77fd827f&p2=^H
user_pref("extensions.toolbar.mindspark._4zMembers_.browser.startup.page.savedPrev", 1);
user_pref("extensions.toolbar.mindspark._4zMembers_.browser.startup.page.tb", 1);
user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=DB1EA06E-1D9F-4A24-BE6F-D82C1F666041&n=77fd827f&p2=^HJ^xdm007^YYA^cz&si=
user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013102719");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm007^YYA^cz");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "CIr00-O-p7oCFU2R3godslIAkg");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "DB1EA06E-1D9F-4A24-BE6F-D82C1F666041");
user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1382900212881");
user_pref("extensions.toolbar.mindspark._4zMembers_.lastKnownVersion", "5.40.2.30721");
user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.toolbarCollapsed", false);
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "videodownloadconverter@mindspark.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
Emptied folder: C:\Users\pc\AppData\Roaming\mozilla\firefox\profiles\gwrsyf2z.default\minidumps [33 files]

~~~ Chrome

Successfully deleted: [Folder] C:\Users\pc\appdata\local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Successfully deleted: [Folder] C:\Users\pc\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 02.11.2013 at 9:47:55,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

saltao · #4 Příspěvek od **saltao** » 02 lis 2013 09:56

Zasílá druhý log.

# AdwCleaner v3.010 - Report created 02/11/2013 at 09:52:25
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : pc - PC-PC
# Running from : C:\Users\pc\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : bonanzadealslive
[#] Service Deleted : bonanzadealslivem

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\BonanzaDealsLive
Folder Deleted : C:\Users\pc\AppData\Local\BonanzaDealsLive
Folder Deleted : C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\gwrsyf2z.default\VideoDownloadConverter_4z
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
File Deleted : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\BonanzaDealsLive.exe
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickCtrl.9
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLive.Update3WebControl.3
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\BonanzaDealsLiveUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14CEEA2F-3D21-46ED-A7D2-89056C520E5E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1CC8D970-F626-4F19-815F-890032BB6606}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5B5E5D0E-7C83-4A32-ADD2-E5F488DD6783}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6802463D-636F-41FE-9924-4CAD56906590}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{944661E7-67B9-4DF7-BFF2-05388C166D34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B71934E5-6B93-448D-9D32-CBAA5150C5D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E970727E-0508-4BEB-8B72-BBA9D0D047C7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF1F869-D2F0-4D31-A877-386C853A9C3D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3CF4912-CF0A-451B-AF3B-C4F216C715E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F904AC50-215C-42AB-A532-77E9FDBA9B19}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33BAF587-9647-4281-A34F-F4830CDC1B9F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : HKCU\Software\BonanzaDealsLive
Key Deleted : HKLM\Software\BonanzaDealsLive
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\gwrsyf2z.default\prefs.js ]

Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.BUTTON_STRUCTURE", "[{\"b\":220255731,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":220255732,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]

[ File : C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\ighco7ac.default\prefs.js ]

Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=58AC6461-6C83-44E4-A44B-11ED86CFEEB9&n=77fd30cf&p2=^AYY^xdm007^YYA^cz&si=COe57LylhrkCFQJ2cAod7lIA[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.installDate", "2013081807");
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.partnerId", "^AYY^xdm007^YYA^cz");
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.partnerSubId", "COe57LylhrkCFQJ2cAod7lIAfg");
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.toolbarId", "58AC6461-6C83-44E4-A44B-11ED86CFEEB9");
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.lastActivePing", "1376804808671");
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.options.defaultSearch", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.options.homePageEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.options.keywordEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._8hMembers_.options.tabEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "allin1convert@mindspark.com");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "allin1convert@mindspark.com");

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [11609 octets] - [02/11/2013 09:52:01]
AdwCleaner[S0].txt - [11699 octets] - [02/11/2013 09:52:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11760 octets] ##########

#5 Příspěvek od **vyosek** » 02 lis 2013 10:15

Poprosim o log dle tohoto navoud http://forum.viry.cz/viewtopic.php?f=30&t=133101

saltao · #6 Příspěvek od **saltao** » 02 lis 2013 10:28

Zasílá požadovaný log.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by pc (administrator) on PC-PC on 02-11-2013 10:25:41
Running from C:\Users\pc\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() E:\Kalendar\kalendar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(forum.viry.cz) C:\Users\pc\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Kalendar] - E:\Kalendar\kalendar.exe [580608 2005-11-09] ()
MountPoints2: {251e838d-05ca-11e3-8942-806e6f6e6963} - F:\setup.exe
MountPoints2: {50b7bc59-3214-11e3-b00a-94de80728372} - G:\Startme.exe
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-10-28] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\pc\AppData ()
Startup: C:\Users\pc\Contacts ()
Startup: C:\Users\pc\Desktop ()
Startup: C:\Users\pc\Downloads ()
Startup: C:\Users\pc\Favorites ()
Startup: C:\Users\pc\kbpki ()
Startup: C:\Users\pc\Links ()
Startup: C:\Users\pc\Music ()
Startup: C:\Users\pc\NTUSER.DAT ()
Startup: C:\Users\pc\ntuser.dat.LOG1 ()
Startup: C:\Users\pc\ntuser.dat.LOG2 ()
Startup: C:\Users\pc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf ()
Startup: C:\Users\pc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\pc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\pc\NTUSER.DAT{f03a16d3-366e-11e3-b2dc-94de80728372}.TM.blf ()
Startup: C:\Users\pc\NTUSER.DAT{f03a16d3-366e-11e3-b2dc-94de80728372}.TMContainer00000000000000000001.regtrans-ms ()
Startup: C:\Users\pc\NTUSER.DAT{f03a16d3-366e-11e3-b2dc-94de80728372}.TMContainer00000000000000000002.regtrans-ms ()
Startup: C:\Users\pc\ntuser.ini ()
Startup: C:\Users\pc\Pictures ()
Startup: C:\Users\pc\Saved Games ()
Startup: C:\Users\pc\Searches ()
Startup: C:\Users\pc\Videos ()
Startup: C:\Users\Public\Desktop ()
Startup: C:\Users\Public\Documents ()
Startup: C:\Users\Public\Downloads ()
Startup: C:\Users\Public\Favorites ()
Startup: C:\Users\Public\Libraries ()
Startup: C:\Users\Public\Music ()
Startup: C:\Users\Public\Pictures ()
Startup: C:\Users\Public\Recorded TV ()
Startup: C:\Users\Public\Videos ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2210608 2006-10-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\gwrsyf2z.default
FF Homepage: seznam.cz
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_4z.com/Plugin - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll No File
FF Plugin-x32: @VideoDownloadConverter_ScriptHelper.com/Plugin - C:\Program Files (x86)\VideoDownloadConverter\npVDCPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\pc\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\pc\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-10-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-10-28] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-10-14] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-10-14] (Secunia)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2013-10-11] (PS Media s.r.o.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-10-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-10-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-28] (Avira Operations GmbH & Co. KG)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-10-14] (Secunia)
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2009-11-19] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2009-11-19] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2009-11-19] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2009-11-19] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2009-11-19] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2009-11-19] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2009-11-19] (MCCI Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 gdrv; \??\C:\Windows\gdrv.sys [x]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-02 10:24 - 2013-11-02 10:24 - 00000000 ____D C:\FRST
2013-11-02 10:20 - 2013-11-02 10:20 - 00112128 _____ (forum.viry.cz) C:\Users\pc\Desktop\FRSTLauncher.exe
2013-11-02 10:19 - 2013-11-02 10:19 - 01957098 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2013-11-02 09:51 - 2013-11-02 09:52 - 00000000 ____D C:\AdwCleaner
2013-11-02 09:51 - 2013-11-02 09:51 - 01060070 _____ C:\Users\pc\Desktop\adwcleaner.exe
2013-11-02 09:47 - 2013-11-02 09:47 - 00006770 _____ C:\Users\pc\Desktop\JRT.txt
2013-11-02 09:44 - 2013-11-02 09:44 - 00000000 ____D C:\Windows\ERUNT
2013-11-02 09:43 - 2013-11-02 09:43 - 01033335 _____ (Thisisu) C:\Users\pc\Desktop\JRT.exe
2013-11-01 18:00 - 2013-11-01 18:00 - 00000000 ____D C:\rsit
2013-11-01 18:00 - 2013-11-01 18:00 - 00000000 ____D C:\Program Files\trend micro
2013-11-01 07:25 - 2013-11-02 09:53 - 00000112 _____ C:\Windows\setupact.log
2013-11-01 07:25 - 2013-11-01 07:25 - 00000000 _____ C:\Windows\setuperr.log
2013-10-31 14:09 - 2007-08-31 18:36 - 00036864 _____ (Robdogg Inc.) C:\Windows\SysWOW64\trayicon_handler.ocx
2013-10-31 14:09 - 2003-01-26 13:41 - 00040960 _____ (vbAccelerator) C:\Windows\SysWOW64\ssubtmr6.dll
2013-10-30 19:37 - 2013-10-30 19:37 - 00000000 ____D C:\Program Files (x86)\HandyUpdater
2013-10-30 19:23 - 2013-10-30 19:23 - 00001115 _____ C:\Users\pc\Desktop\CCleaner64 – zástupce.lnk
2013-10-30 18:58 - 2013-10-30 18:58 - 00000000 ____D C:\Users\pc\AppData\Local\AskPartnerNetwork
2013-10-29 19:47 - 2013-10-30 08:09 - 104098187 _____ C:\Windows\SysWOW64\꾺및b
2013-10-29 18:49 - 2013-10-29 18:49 - 00003334 _____ C:\Windows\System32\Tasks\{6C975B6D-FC28-42A5-B062-D56A47B47BA8}
2013-10-29 17:59 - 2013-10-29 17:59 - 00003116 _____ C:\Windows\System32\Tasks\{DB53AF35-9EDF-423A-B999-E43981A1361A}
2013-10-29 17:46 - 2013-10-29 17:46 - 00000667 _____ C:\Users\pc\Desktop\ConvertXtoDVD 4.lnk
2013-10-29 17:46 - 2009-09-02 16:41 - 01184984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc1dmod.dll
2013-10-29 17:46 - 2009-09-02 16:41 - 00626688 _____ (On2.com) C:\Windows\SysWOW64\vp7vfw.dll
2013-10-29 17:46 - 2009-09-02 16:41 - 00273408 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\Pncrt.dll
2013-10-29 17:46 - 2009-09-02 16:41 - 00217127 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drv43260.dll
2013-10-29 17:46 - 2009-09-02 16:41 - 00208935 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drv33260.dll
2013-10-29 17:46 - 2009-09-02 16:41 - 00176165 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drv23260.dll
2013-10-29 17:46 - 2009-09-02 16:41 - 00102439 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\sipr3260.dll
2013-10-29 17:46 - 2009-09-02 16:41 - 00065602 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\cook3260.dll
2013-10-29 16:16 - 2013-10-29 16:16 - 00000000 ____D C:\Users\pc\AppData\Roaming\dvdcss
2013-10-29 12:36 - 2013-10-29 18:52 - 00001173 _____ C:\Users\pc\AppData\Roaming\vso_ts_preview.xml
2013-10-29 07:46 - 2013-10-29 07:46 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-28 20:11 - 2013-10-28 20:11 - 00000000 ____D C:\Users\pc\AppData\Roaming\Avira
2013-10-28 20:11 - 2013-10-28 20:11 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-10-28 20:10 - 2013-10-28 20:10 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-28 20:09 - 2013-10-28 20:08 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-28 20:09 - 2013-10-28 20:08 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-28 20:09 - 2013-10-28 20:08 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-28 13:23 - 2013-10-28 13:23 - 00000000 ___RD C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-27 20:49 - 2013-10-28 18:46 - 00000000 ____D C:\Windows\system32\appmgmt
2013-10-27 20:13 - 2013-10-27 20:13 - 00000000 _____ C:\autoexec.bat
2013-10-27 20:12 - 2013-10-27 20:49 - 00000000 ____D C:\Windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-25 16:55 - 2013-10-25 17:04 - 00000000 ____D C:\Users\pc\AppData\Roaming\Nico Mak Computing
2013-10-24 10:29 - 2013-10-24 10:29 - 00019708 _____ C:\Users\pc\Desktop\MojeBanka.htm
2013-10-24 10:29 - 2013-10-24 10:29 - 00000000 ____D C:\Users\pc\Desktop\MojeBanka_files
2013-10-21 11:02 - 2013-10-21 11:13 - 00000000 ____D C:\Users\pc\AppData\Roaming\Nero
2013-10-21 11:01 - 2013-10-27 20:20 - 00001421 _____ C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
2013-10-21 09:44 - 2013-10-30 14:03 - 00000000 ____D C:\Users\pc\AppData\Roaming\Vso
2013-10-21 09:44 - 2013-10-29 17:47 - 00000034 _____ C:\Users\pc\AppData\Roaming\pcouffin.log
2013-10-21 09:44 - 2013-10-29 17:46 - 00099384 _____ C:\Users\pc\AppData\Roaming\inst.exe
2013-10-21 09:44 - 2013-10-29 17:46 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2013-10-21 09:44 - 2013-10-29 17:46 - 00082816 _____ (VSO Software) C:\Users\pc\AppData\Roaming\pcouffin.sys
2013-10-21 09:44 - 2013-10-29 17:46 - 00007859 _____ C:\Users\pc\AppData\Roaming\pcouffin.cat
2013-10-21 09:44 - 2013-10-29 17:46 - 00000000 ____D C:\Program Files (x86)\vso
2013-10-20 17:38 - 2013-10-21 14:14 - 00000000 ____D C:\Windows\pss
2013-10-20 12:25 - 2013-10-20 12:25 - 00000000 ____D C:\Users\pc\AppData\Local\Secunia PSI
2013-10-20 12:25 - 2013-10-20 12:25 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-10-18 15:59 - 2013-10-27 14:47 - 00000000 ____D C:\Users\pc\AppData\Roaming\vlc
2013-10-18 15:29 - 2013-10-18 15:29 - 00000456 _____ C:\Users\pc\Desktop\Záloha (E) – zástupce.lnk
2013-10-18 07:28 - 2013-10-18 07:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-18 07:28 - 2013-10-18 07:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-18 07:28 - 2013-10-18 07:28 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-18 07:28 - 2013-10-18 07:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-18 07:28 - 2013-10-18 07:28 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-18 07:20 - 2013-11-02 10:25 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-18 07:20 - 2013-11-02 09:53 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-18 07:20 - 2013-10-18 07:21 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-18 07:20 - 2013-10-18 07:20 - 00003940 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-18 07:20 - 2013-10-18 07:20 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-18 06:35 - 2013-10-18 06:35 - 00000012 _____ C:\Users\pc\Desktop\FSSC.dat
2013-10-18 06:34 - 2013-10-18 06:34 - 00000000 ____D C:\Users\pc\AppData\Local\Downloaded Installations
2013-10-17 16:22 - 2013-10-17 16:22 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-17 16:22 - 2013-10-17 16:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-17 16:21 - 2013-10-17 16:28 - 00000000 ____D C:\Users\pc\AppData\Local\Adobe
2013-10-16 15:27 - 2013-10-20 11:57 - 00000000 ____D C:\Users\pc\AppData\Local\VirtualStore
2013-10-16 15:26 - 2013-10-16 15:26 - 00000020 ___SH C:\Users\pc\ntuser.ini
2013-10-16 15:26 - 2013-10-16 15:26 - 00000000 ____D C:\Users\pc\AppData\Local\Sony Ericsson
2013-10-16 15:05 - 2013-10-16 15:05 - 00000000 ____D C:\Users\pc\AppData\Roaming\WinRAR
2013-10-16 15:02 - 2013-10-16 15:02 - 00000000 ____D C:\Users\pc\AppData\Roaming\GHISLER
2013-10-16 15:02 - 2013-08-25 21:09 - 00000601 _____ C:\Users\pc\Desktop\Play IGI 2 Covert Strike.lnk
2013-10-16 14:37 - 2013-10-17 16:28 - 00000000 ____D C:\Users\pc\AppData\Roaming\Adobe
2013-10-16 14:37 - 2013-10-16 14:37 - 00000000 ____D C:\Users\pc\AppData\Roaming\Macromedia
2013-10-16 14:37 - 2013-10-16 14:37 - 00000000 ____D C:\Users\pc\AppData\Local\Macromedia
2013-10-16 14:35 - 2013-10-16 14:35 - 00109296 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-16 14:35 - 2013-10-16 14:35 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-10-16 14:31 - 2013-10-16 14:33 - 00000000 ____D C:\Users\pc\AppData\Roaming\Foxit Software
2013-10-16 14:17 - 2013-10-16 14:17 - 00000359 _____ C:\Users\pc\Desktop\Počítač – zástupce.lnk
2013-10-14 11:04 - 2013-10-14 11:04 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-10-11 15:55 - 2013-10-11 16:01 - 00000000 ____D C:\Program Files (x86)\DirectVobSub
2013-10-11 08:34 - 2013-10-11 08:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-10-11 08:33 - 2013-10-11 08:33 - 00002264 _____ C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk
2013-10-11 08:33 - 2013-10-11 08:33 - 00000000 ____D C:\Program Files (x86)\Sony Ericsson
2013-10-11 08:33 - 2009-11-19 14:06 - 00161904 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039mdm.sys
2013-10-11 08:33 - 2009-11-19 14:06 - 00158320 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039unic.sys
2013-10-11 08:33 - 2009-11-19 14:06 - 00141424 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039mgmt.sys
2013-10-11 08:33 - 2009-11-19 14:06 - 00137328 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039obex.sys
2013-10-11 08:33 - 2009-11-19 14:06 - 00127600 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039bus.sys
2013-10-11 08:33 - 2009-11-19 14:06 - 00034416 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039nd5.sys
2013-10-11 08:33 - 2009-11-19 14:06 - 00019568 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039mdfl.sys
2013-10-11 08:33 - 2009-11-19 14:06 - 00015984 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039whnt.sys
2013-10-11 08:33 - 2009-11-19 14:06 - 00015984 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039wh.sys
2013-10-11 08:33 - 2009-11-19 14:06 - 00015472 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039cmnt.sys
2013-10-11 08:33 - 2009-11-19 14:06 - 00015472 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039cm.sys
2013-10-11 08:33 - 2009-11-19 14:06 - 00014960 _____ (MCCI Corporation) C:\Windows\system32\Drivers\s1039cr.sys
2013-10-11 02:08 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-11 02:08 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-11 02:08 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-11 02:08 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-11 02:08 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-11 02:08 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-11 02:08 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-11 02:08 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-11 02:08 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-11 02:08 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-11 02:08 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-11 02:08 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-11 02:08 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-11 02:08 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-11 02:08 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-11 02:08 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-11 02:08 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-11 02:08 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-11 02:08 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-11 02:08 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-11 02:08 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-11 02:08 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-11 02:08 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-11 02:08 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-11 02:08 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-11 02:08 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-11 02:08 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 02:08 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-11 02:08 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-11 02:08 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 02:08 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-10 21:51 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-10 21:51 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-10 21:51 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-10 21:51 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-10 21:51 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-10 21:51 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-10 21:51 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-10 21:51 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-10 21:51 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-10 21:51 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-10 21:51 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-10 21:51 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-10 21:51 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-10 21:51 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-10 21:51 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-10 21:51 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-10 21:51 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-10 21:51 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-10 21:51 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-10 21:51 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-10 21:51 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-10 21:51 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-10 21:51 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-10 21:51 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-10 21:51 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-10 21:51 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-10 21:51 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-10 21:51 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-10 21:51 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-10 21:51 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-10 21:51 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-10 21:51 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-10 21:51 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-10 21:51 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-10 21:51 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-10 21:51 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-10 21:51 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-10 21:51 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-10 21:51 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-10 21:51 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-10 21:51 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-10 21:51 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-10 21:51 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-10 21:50 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-10 21:50 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-10 21:50 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 21:50 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-10 18:48 - 2013-10-20 12:29 - 00000994 _____ C:\Users\Public\Desktop\VLC media player.lnk

==================== One Month Modified Files and Folders =======

2013-11-02 10:25 - 2013-10-18 07:20 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-02 10:24 - 2013-11-02 10:24 - 00000000 ____D C:\FRST
2013-11-02 10:24 - 2013-08-16 13:29 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-02 10:20 - 2013-11-02 10:20 - 00112128 _____ (forum.viry.cz) C:\Users\pc\Desktop\FRSTLauncher.exe
2013-11-02 10:19 - 2013-11-02 10:19 - 01957098 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2013-11-02 10:01 - 2009-07-14 05:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-02 10:01 - 2009-07-14 05:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-02 09:57 - 2013-08-15 17:48 - 01797078 _____ C:\Windows\WindowsUpdate.log
2013-11-02 09:57 - 2010-11-21 10:27 - 00666406 _____ C:\Windows\system32\perfh005.dat
2013-11-02 09:57 - 2010-11-21 10:27 - 00140102 _____ C:\Windows\system32\perfc005.dat
2013-11-02 09:57 - 2009-07-14 06:13 - 01577410 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-02 09:53 - 2013-11-01 07:25 - 00000112 _____ C:\Windows\setupact.log
2013-11-02 09:53 - 2013-10-18 07:20 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-02 09:53 - 2013-08-18 06:51 - 00000000 _____ C:\Windows\SysWOW64\sinstall.log
2013-11-02 09:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-02 09:52 - 2013-11-02 09:51 - 00000000 ____D C:\AdwCleaner
2013-11-02 09:51 - 2013-11-02 09:51 - 01060070 _____ C:\Users\pc\Desktop\adwcleaner.exe
2013-11-02 09:47 - 2013-11-02 09:47 - 00006770 _____ C:\Users\pc\Desktop\JRT.txt
2013-11-02 09:44 - 2013-11-02 09:44 - 00000000 ____D C:\Windows\ERUNT
2013-11-02 09:43 - 2013-11-02 09:43 - 01033335 _____ (Thisisu) C:\Users\pc\Desktop\JRT.exe
2013-11-02 09:34 - 2013-09-18 13:36 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000UA.job
2013-11-02 08:46 - 2013-09-18 13:36 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000Core.job
2013-11-01 18:00 - 2013-11-01 18:00 - 00000000 ____D C:\rsit
2013-11-01 18:00 - 2013-11-01 18:00 - 00000000 ____D C:\Program Files\trend micro
2013-11-01 07:25 - 2013-11-01 07:25 - 00000000 _____ C:\Windows\setuperr.log
2013-10-30 19:37 - 2013-10-30 19:37 - 00000000 ____D C:\Program Files (x86)\HandyUpdater
2013-10-30 19:23 - 2013-10-30 19:23 - 00001115 _____ C:\Users\pc\Desktop\CCleaner64 – zástupce.lnk
2013-10-30 19:20 - 2013-08-28 06:46 - 00000000 ____D C:\Users\pc\AppData\Roaming\Ad-Aware Antivirus
2013-10-30 18:58 - 2013-10-30 18:58 - 00000000 ____D C:\Users\pc\AppData\Local\AskPartnerNetwork
2013-10-30 14:03 - 2013-10-21 09:44 - 00000000 ____D C:\Users\pc\AppData\Roaming\Vso
2013-10-30 08:09 - 2013-10-29 19:47 - 104098187 _____ C:\Windows\SysWOW64\꾺및b
2013-10-29 18:52 - 2013-10-29 12:36 - 00001173 _____ C:\Users\pc\AppData\Roaming\vso_ts_preview.xml
2013-10-29 18:49 - 2013-10-29 18:49 - 00003334 _____ C:\Windows\System32\Tasks\{6C975B6D-FC28-42A5-B062-D56A47B47BA8}
2013-10-29 17:59 - 2013-10-29 17:59 - 00003116 _____ C:\Windows\System32\Tasks\{DB53AF35-9EDF-423A-B999-E43981A1361A}
2013-10-29 17:47 - 2013-10-21 09:44 - 00000034 _____ C:\Users\pc\AppData\Roaming\pcouffin.log
2013-10-29 17:46 - 2013-10-29 17:46 - 00000667 _____ C:\Users\pc\Desktop\ConvertXtoDVD 4.lnk
2013-10-29 17:46 - 2013-10-21 09:44 - 00099384 _____ C:\Users\pc\AppData\Roaming\inst.exe
2013-10-29 17:46 - 2013-10-21 09:44 - 00082816 _____ (VSO Software) C:\Windows\system32\Drivers\pcouffin.sys
2013-10-29 17:46 - 2013-10-21 09:44 - 00082816 _____ (VSO Software) C:\Users\pc\AppData\Roaming\pcouffin.sys
2013-10-29 17:46 - 2013-10-21 09:44 - 00007859 _____ C:\Users\pc\AppData\Roaming\pcouffin.cat
2013-10-29 17:46 - 2013-10-21 09:44 - 00000000 ____D C:\Program Files (x86)\vso
2013-10-29 16:16 - 2013-10-29 16:16 - 00000000 ____D C:\Users\pc\AppData\Roaming\dvdcss
2013-10-29 07:46 - 2013-10-29 07:46 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-28 20:11 - 2013-10-28 20:11 - 00000000 ____D C:\Users\pc\AppData\Roaming\Avira
2013-10-28 20:11 - 2013-10-28 20:11 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-10-28 20:10 - 2013-10-28 20:10 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-28 20:09 - 2013-08-15 13:58 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-28 20:08 - 2013-10-28 20:09 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-28 20:08 - 2013-10-28 20:09 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-28 20:08 - 2013-10-28 20:09 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-28 18:46 - 2013-10-27 20:49 - 00000000 ____D C:\Windows\system32\appmgmt
2013-10-28 13:23 - 2013-10-28 13:23 - 00000000 ___RD C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-27 20:49 - 2013-10-27 20:12 - 00000000 ____D C:\Windows\037F8C0EE8E1408FABB4FC4ABF947E1B.TMP
2013-10-27 20:20 - 2013-10-21 11:01 - 00001421 _____ C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
2013-10-27 20:13 - 2013-10-27 20:13 - 00000000 _____ C:\autoexec.bat
2013-10-27 14:47 - 2013-10-18 15:59 - 00000000 ____D C:\Users\pc\AppData\Roaming\vlc
2013-10-25 17:04 - 2013-10-25 16:55 - 00000000 ____D C:\Users\pc\AppData\Roaming\Nico Mak Computing
2013-10-24 10:29 - 2013-10-24 10:29 - 00019708 _____ C:\Users\pc\Desktop\MojeBanka.htm
2013-10-24 10:29 - 2013-10-24 10:29 - 00000000 ____D C:\Users\pc\Desktop\MojeBanka_files
2013-10-21 14:14 - 2013-10-20 17:38 - 00000000 ____D C:\Windows\pss
2013-10-21 11:13 - 2013-10-21 11:02 - 00000000 ____D C:\Users\pc\AppData\Roaming\Nero
2013-10-20 19:12 - 2013-08-22 06:19 - 00000000 ____D C:\Users\pc\Desktop\RBP
2013-10-20 12:29 - 2013-10-10 18:48 - 00000994 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-10-20 12:25 - 2013-10-20 12:25 - 00000000 ____D C:\Users\pc\AppData\Local\Secunia PSI
2013-10-20 12:25 - 2013-10-20 12:25 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-10-20 11:57 - 2013-10-16 15:27 - 00000000 ____D C:\Users\pc\AppData\Local\VirtualStore
2013-10-18 15:29 - 2013-10-18 15:29 - 00000456 _____ C:\Users\pc\Desktop\Záloha (E) – zástupce.lnk
2013-10-18 07:28 - 2013-10-18 07:28 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-10-18 07:28 - 2013-10-18 07:28 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-10-18 07:28 - 2013-10-18 07:28 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-10-18 07:28 - 2013-10-18 07:28 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-18 07:28 - 2013-10-18 07:28 - 00000000 ____D C:\Program Files (x86)\Java
2013-10-18 07:21 - 2013-10-18 07:20 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-18 07:20 - 2013-10-18 07:20 - 00003940 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-18 07:20 - 2013-10-18 07:20 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-18 06:35 - 2013-10-18 06:35 - 00000012 _____ C:\Users\pc\Desktop\FSSC.dat
2013-10-18 06:34 - 2013-10-18 06:34 - 00000000 ____D C:\Users\pc\AppData\Local\Downloaded Installations
2013-10-17 16:28 - 2013-10-17 16:21 - 00000000 ____D C:\Users\pc\AppData\Local\Adobe
2013-10-17 16:28 - 2013-10-16 14:37 - 00000000 ____D C:\Users\pc\AppData\Roaming\Adobe
2013-10-17 16:22 - 2013-10-17 16:22 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-17 16:22 - 2013-10-17 16:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-16 15:31 - 2013-08-28 07:11 - 00004310 _____ C:\Windows\System32\Tasks\Ad-Aware Antivirus Scheduled Scan
2013-10-16 15:26 - 2013-10-16 15:26 - 00000020 ___SH C:\Users\pc\ntuser.ini
2013-10-16 15:26 - 2013-10-16 15:26 - 00000000 ____D C:\Users\pc\AppData\Local\Sony Ericsson
2013-10-16 15:26 - 2013-08-15 17:51 - 00000000 ____D C:\Users\pc
2013-10-16 15:20 - 2013-09-18 13:36 - 00000000 ____D C:\Users\pc\AppData\Local\Google
2013-10-16 15:05 - 2013-10-16 15:05 - 00000000 ____D C:\Users\pc\AppData\Roaming\WinRAR
2013-10-16 15:02 - 2013-10-16 15:02 - 00000000 ____D C:\Users\pc\AppData\Roaming\GHISLER
2013-10-16 14:58 - 2013-08-15 13:53 - 00000000 ____D C:\Users\pc\AppData\Local\Mozilla
2013-10-16 14:37 - 2013-10-16 14:37 - 00000000 ____D C:\Users\pc\AppData\Roaming\Macromedia
2013-10-16 14:37 - 2013-10-16 14:37 - 00000000 ____D C:\Users\pc\AppData\Local\Macromedia
2013-10-16 14:35 - 2013-10-16 14:35 - 00109296 _____ C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-16 14:35 - 2013-10-16 14:35 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-10-16 14:33 - 2013-10-16 14:31 - 00000000 ____D C:\Users\pc\AppData\Roaming\Foxit Software
2013-10-16 14:27 - 2013-08-15 13:53 - 00000000 ____D C:\Users\pc\AppData\Roaming\Mozilla
2013-10-16 14:17 - 2013-10-16 14:17 - 00000359 _____ C:\Users\pc\Desktop\Počítač – zástupce.lnk
2013-10-16 12:51 - 2013-08-15 18:45 - 00000000 ____D C:\Windows\Panther
2013-10-14 11:04 - 2013-10-14 11:04 - 00018456 _____ (Secunia) C:\Windows\system32\Drivers\psi_mf_amd64.sys
2013-10-11 20:15 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-11 16:01 - 2013-10-11 15:55 - 00000000 ____D C:\Program Files (x86)\DirectVobSub
2013-10-11 08:34 - 2013-10-11 08:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-10-11 08:33 - 2013-10-11 08:33 - 00002264 _____ C:\Users\Public\Desktop\Sony Ericsson PC Companion 1.6.lnk
2013-10-11 08:33 - 2013-10-11 08:33 - 00000000 ____D C:\Program Files (x86)\Sony Ericsson
2013-10-11 08:33 - 2013-08-15 18:00 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-11 06:29 - 2013-09-18 13:36 - 00003914 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000UA
2013-10-11 06:29 - 2013-09-18 13:36 - 00003518 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000Core
2013-10-11 02:28 - 2013-08-18 06:51 - 02324216 _____ (PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
2013-10-11 02:28 - 2009-07-14 05:45 - 00419872 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-11 02:08 - 2013-08-15 18:00 - 01555696 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-11 02:04 - 2013-08-23 06:38 - 00000000 ____D C:\Windows\system32\MRT
2013-10-11 02:03 - 2013-08-23 06:38 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 18:48 - 2013-08-17 08:24 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2013-10-09 17:07 - 2013-08-15 13:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-09 09:24 - 2013-08-16 13:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-09 09:24 - 2013-08-16 13:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 09:24 - 2013-08-16 13:29 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

Some content of TEMP:
====================
C:\Users\pc\AppData\Local\Temp\671f0e75-9501-4c2f-ae8a-2026d095cced.exe
C:\Users\pc\AppData\Local\Temp\710af6f9-ed99-4ee2-b06f-2ff38faeeeea.dll
C:\Users\pc\AppData\Local\Temp\bitool.dll
C:\Users\pc\AppData\Local\Temp\ef10e06c-1df8-4f28-b59d-553ce18b5f16.exe
C:\Users\pc\AppData\Local\Temp\fb04106a-5f6b-4903-bb15-a5727ae0476c.dll
C:\Users\pc\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-31 00:31

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:38.96 GB) (Free:1.48 GB) NTFS
Drive d: (Hry) (Fixed) (Total:126.96 GB) (Free:118.59 GB) NTFS
Drive e: (Záloha) (Fixed) (Total:132.07 GB) (Free:114.46 GB) NTFS

Available physical RAM: 2671.54 MB
Total physical RAM: 3983.69 MB
Percentage of memory in use: 32%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: AFEE1298)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=39 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=132 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000Core.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000UA.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\pc\Desktop" je 5 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection
"C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds
C:\Windows\system32\hkcmd.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray
C:\Windows\system32\igfxtray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence
C:\Windows\system32\igfxpers.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection
C:\ProgramData\Search Protection\_run.bat [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar
C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion
"C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk
C:\PROGRA~2\Secunia\PSI\psi_tray.exe

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#7 Příspěvek od **vyosek** » 02 lis 2013 11:55

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
MountPoints2: {251e838d-05ca-11e3-8942-806e6f6e6963} - F:\setup.exe
MountPoints2: {50b7bc59-3214-11e3-b00a-94de80728372} - G:\Startme.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)

FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/GENUINE - disabled No File

CHR HKLM-x32\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 gdrv; \??\C:\Windows\gdrv.sys [x]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]

2013-10-30 18:58 - 2013-10-30 18:58 - 00000000 ____D C:\Users\pc\AppData\Local\AskPartnerNetwork
2013-10-28 20:11 - 2013-10-28 20:11 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-10-30 19:20 - 2013-08-28 06:46 - 00000000 ____D C:\Users\pc\AppData\Roaming\Ad-Aware Antivirus
C:\Users\pc\AppData\Local\Temp\671f0e75-9501-4c2f-ae8a-2026d095cced.exe
C:\Users\pc\AppData\Local\Temp\710af6f9-ed99-4ee2-b06f-2ff38faeeeea.dll
C:\Users\pc\AppData\Local\Temp\bitool.dll
C:\Users\pc\AppData\Local\Temp\ef10e06c-1df8-4f28-b59d-553ce18b5f16.exe
C:\Users\pc\AppData\Local\Temp\fb04106a-5f6b-4903-bb15-a5727ae0476c.dll
C:\Users\pc\AppData\Local\Temp\Quarantine.exe
C:\Program Files\Enigma Software Group
C:\ProgramData\Ad-Aware Browsing Protection
C:\ProgramData\Search Protection

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000Core.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000UA.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f

Hosts:

End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

saltao · #8 Příspěvek od **saltao** » 02 lis 2013 12:27

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013
Ran by pc at 2013-11-02 12:21:22 Run:1
Running from C:\Users\pc\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
MountPoints2: {251e838d-05ca-11e3-8942-806e6f6e6963} - F:\setup.exe
MountPoints2: {50b7bc59-3214-11e3-b00a-94de80728372} - G:\Startme.exe

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)

FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/GENUINE - disabled No File

CHR HKLM-x32\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 gdrv; \??\C:\Windows\gdrv.sys [x]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]

2013-10-30 18:58 - 2013-10-30 18:58 - 00000000 ____D C:\Users\pc\AppData\Local\AskPartnerNetwork
2013-10-28 20:11 - 2013-10-28 20:11 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-10-30 19:20 - 2013-08-28 06:46 - 00000000 ____D C:\Users\pc\AppData\Roaming\Ad-Aware Antivirus
C:\Users\pc\AppData\Local\Temp\671f0e75-9501-4c2f-ae8a-2026d095cced.exe
C:\Users\pc\AppData\Local\Temp\710af6f9-ed99-4ee2-b06f-2ff38faeeeea.dll
C:\Users\pc\AppData\Local\Temp\bitool.dll
C:\Users\pc\AppData\Local\Temp\ef10e06c-1df8-4f28-b59d-553ce18b5f16.exe
C:\Users\pc\AppData\Local\Temp\fb04106a-5f6b-4903-bb15-a5727ae0476c.dll
C:\Users\pc\AppData\Local\Temp\Quarantine.exe
C:\Program Files\Enigma Software Group
C:\ProgramData\Ad-Aware Browsing Protection
C:\ProgramData\Search Protection

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000Core.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000UA.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion" /f
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f

Hosts:

End
*****************

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{251e838d-05ca-11e3-8942-806e6f6e6963} => Key deleted successfully.
HKCR\CLSID\{251e838d-05ca-11e3-8942-806e6f6e6963} => Key not found.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{50b7bc59-3214-11e3-b00a-94de80728372} => Key deleted successfully.
HKCR\CLSID\{50b7bc59-3214-11e3-b00a-94de80728372} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7} => Key deleted successfully.
HKCR\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-00A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-00A7-7A786E7484D7} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41564952-412D-5637-00A7-7A786E7484D7} => Value deleted successfully.
HKCR\CLSID\{41564952-412D-5637-00A7-7A786E7484D7} => Key not found.
Firefox Keyword.URL deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik => Key deleted successfully.
"C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx" => File/Directory not found.
APNMCP => Service deleted successfully.
esgiguard => Service deleted successfully.
gdrv => Service deleted successfully.
SBRE => Service deleted successfully.
C:\Users\pc\AppData\Local\AskPartnerNetwork => Moved successfully.
C:\Program Files (x86)\AskPartnerNetwork => Moved successfully.
C:\Users\pc\AppData\Roaming\Ad-Aware Antivirus => Moved successfully.
C:\Users\pc\AppData\Local\Temp\671f0e75-9501-4c2f-ae8a-2026d095cced.exe => Moved successfully.
C:\Users\pc\AppData\Local\Temp\710af6f9-ed99-4ee2-b06f-2ff38faeeeea.dll => Moved successfully.
C:\Users\pc\AppData\Local\Temp\bitool.dll => Moved successfully.
C:\Users\pc\AppData\Local\Temp\ef10e06c-1df8-4f28-b59d-553ce18b5f16.exe => Moved successfully.
C:\Users\pc\AppData\Local\Temp\fb04106a-5f6b-4903-bb15-a5727ae0476c.dll => Moved successfully.
C:\Users\pc\AppData\Local\Temp\Quarantine.exe => Moved successfully.
"C:\Program Files\Enigma Software Group" => File/Directory not found.
"C:\ProgramData\Ad-Aware Browsing Protection" => File/Directory not found.
"C:\ProgramData\Search Protection" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000Core.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2695420397-2242752436-917041406-1000UA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

The system needs a manual reboot.

==== End of Fixlog ====

#9 Příspěvek od **vyosek** » 02 lis 2013 12:30

Jeste jeden fixlist pro FRST, postup stejny

Kód: Vybrat vše

Start

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f

End

saltao · #10 Příspěvek od **saltao** » 02 lis 2013 12:42

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013
Ran by pc at 2013-11-02 12:37:33 Run:2
Running from C:\Users\pc\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f

End
*****************

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Aware Browsing Protection" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchProtection" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

==== End of Fixlog ====

#11 Příspěvek od **vyosek** » 02 lis 2013 12:47

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

saltao · #12 Příspěvek od **saltao** » 02 lis 2013 13:33

Mnohokrát děkuji.

#13 Příspěvek od **vyosek** » 02 lis 2013 13:39

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Prosím o kontrolu.Děkuji.

Prosím o kontrolu.Děkuji.

Re: Prosím o kontrolu.Děkuji.

Re: Prosím o kontrolu.Děkuji.

Re: Prosím o kontrolu.Děkuji.

Re: Prosím o kontrolu.Děkuji.

Re: Prosím o kontrolu.Děkuji.

Re: Prosím o kontrolu.Děkuji.

Re: Prosím o kontrolu.Děkuji.

Re: Prosím o kontrolu.Děkuji.

Re: Prosím o kontrolu.Děkuji.

Re: Prosím o kontrolu.Děkuji.

Re: Prosím o kontrolu.Děkuji.

Re: Prosím o kontrolu.Děkuji.